Select Page

Security Point


Red Hat Enterprise IPA on CentOS 5.2

For over a decade, several organizations used the Network Information Services (NIS) to render the central management of identity and policy for users and machines in the Linux and Unix environment. However, NIS had some serious infirmities that caused its failure to certain security compliance audits.

NIS is rather insecure for today’s standards. Host authentication mechanisms are not available and all information is passed unencrypted, over the network. Due to this, extreme care has to be taken while setting up a network that uses NIS.

Red Hat Enterprise IPA will help to enable significant risk reduction and efficiency gains for the IT industry. IPA stands for Identity, Policy, and Audit. RHE IPA aims to simplify the central management of the identity of users and machines, policies configuration and access control, and audit. The present release – RHE IPA 1.0 – takes care of “Identity” part. “Policy” and “Audit” are scheduled for future releases.

(more…)

Information Security Management System as per ISO/IEC 27001:2005

Security should be a key factor when choosing the hosting support company for your Web hosting business. The support team should be able to ensure you complete protection of the server information that you submit to them. An overall protection framework is the Information Security Management System (ISMS), as per the ISO/IEC 27001:2005 standard. This standard provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System (ISMS).

Bobcares is an ISMS certified company, which means that our customers are affirmed security of their information assets through the proper standards.

Risk assessment is the first step in the overall protection framework. The article on Risk Assessment , gives an overview of how to go about identifying and evaluating the risks to business.

ISMS is based on the Plan-Do-Check-Act (PDCA) model. Through this article, we will go through all phases of the PDCA model as applied to ISMS, and see the major processes and activities involved.

(more…)

Why and How To Do Risk Assessment? : It’s Impact on Businesses

Risk Assessment is an important activity in protecting the critical assets without which your business suffers or cease to exist. It helps you identify the most important assets and associated risks, and lets you focus on those risks which really matters to your business.

Every organization handles critical information and information processing facilities to perform its day to day activities. Security (preserving the confidentiality, integrity and availability) of these critical assets are very essential for its smooth functioning. Risk assessment helps you identify risks to these critical assets and hence to formulate the overall protection strategy.

Before going into details of risk assessment, let us go through few terms and definitions.

(more…)