- IT support service (helpdesk and management of configuration, management, change, release, problem, incident)
- IT delivery service (SLA, management of IT finance, capacity, service continuity, availability).
> Problem management vs incident management - The purpose of problem management is to reduce the number of incidents, while incident management is all about restore the affected system to its normal operational state as quickly as possible.
# Media sanitization
- process of eradicating data to the point where it is impossible to restore.
- an organization must select the correct sanitization techniques for the types of media it use for storing data.
Enterprise backend hardware: print server, file server, application server, web server, proxy server, database server, smart phones, PDA, firewall, IDS(intrusion detection system), IPS(intrusion prevention system), switches, routers, LPN, storage devices, memory and flash cards.
IS Risks: viruses, spy wares and other malicious programs, data theft, data loss, data corruption, loss of storage devices.
IS security controls: data encryption, granular control, IS security training, enforce desktop lock policy, antivirus policy, use of approved and secure devices, including return and privacy information in the data file.
# RFID (Radio frequency identification):
- Uses radio frequency to identify objects that is tagged. A tag consists of a chip and an antenna. The chip stores the ID of the object, and the antenna receives signal.
- An active tag draws power from a batter and can transmit its ID to a longer distance.
- A passive tag gets it energy from the radiated power from the RFID reader.
- Application area of RFID: asset management, hardware tracking, authenticity verification, matching, process control, access control, supply chain management.
> Risk of RFID
1. A direct attack on RFID system can disrupt business process.
2. A hacker can gain access to RFID information stored in your system.
3. RFID technology can appear as a threat to a non-RFID network.
- IT delivery service (SLA, management of IT finance, capacity, service continuity, availability).
> Problem management vs incident management - The purpose of problem management is to reduce the number of incidents, while incident management is all about restore the affected system to its normal operational state as quickly as possible.
# Media sanitization
- process of eradicating data to the point where it is impossible to restore.
- an organization must select the correct sanitization techniques for the types of media it use for storing data.
Enterprise backend hardware: print server, file server, application server, web server, proxy server, database server, smart phones, PDA, firewall, IDS(intrusion detection system), IPS(intrusion prevention system), switches, routers, LPN, storage devices, memory and flash cards.
IS Risks: viruses, spy wares and other malicious programs, data theft, data loss, data corruption, loss of storage devices.
IS security controls: data encryption, granular control, IS security training, enforce desktop lock policy, antivirus policy, use of approved and secure devices, including return and privacy information in the data file.
# RFID (Radio frequency identification):
- Uses radio frequency to identify objects that is tagged. A tag consists of a chip and an antenna. The chip stores the ID of the object, and the antenna receives signal.
- An active tag draws power from a batter and can transmit its ID to a longer distance.
- A passive tag gets it energy from the radiated power from the RFID reader.
- Application area of RFID: asset management, hardware tracking, authenticity verification, matching, process control, access control, supply chain management.
> Risk of RFID
1. A direct attack on RFID system can disrupt business process.
2. A hacker can gain access to RFID information stored in your system.
3. RFID technology can appear as a threat to a non-RFID network.
No comments :
Post a Comment