Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > invades the examination > Content
Hot Articles
ForensicSIM Toolkit gets
Serv-U bounce attack and
To the Image File Execut
Based on CallStack count
To a some music website
How to use double WAN ro
pcshare official net exa
Security precious book m
Honey jar and honey net
The invasion examination
pcshare official net exa
Tomcat invasion examinat
Bypasses the CallStack f
Ten big invasion examina
The network invasion exa
Recommend Articles
Only opens 80 port's saf
Bypasses the web key wor
Bypasses the CallStack f
Security precious book m
Based on CallStack count
pcshare official net exa
SQL Server SA idle talk
Honey jar and honey net
The invasion examines th
Four next generation inv
An accidental invasion e
The invasion examines (I
How to use IDS to invade
The invasion examination
A winding safe examinati
New Articles
TEA guidelines for risk
Training for medical per
JSIC Security Forum 2001
SITO includes E-Learning
The rationale for choosi
Drink and drug driving c
BTEC is Tavcom Training
International trade issu
1 in 5 companies is unli
New compact PD-350 for F
sharp rise in prices of
Passfaces strong authent
T3i teams with Passfaces
Comodo Two Factor Authen
Comfortable two-factor a
1 in 5 companies is unlikely that IT audits
  Add date: 10/13/2010   Publishing date: 10/13/2010   Hits: 31
Total 2 pages, Current page:1, Jump to page:
 
Never before has the result of the lack of effective IT was as critical for business continuity controls. Investor confidence in companies is inextricably linked to the reliability?permeability, accuracy and topicalityt want the coverage. And the results are almost completely dependent?REGARDLESS of IT-business from virtually all controls and business?Processes can be automated. In addition, CIO, CTO and internal auditors are responsible for the quality?t and security of information and systems, and yet, although the position with a superstar status, which often means their ignorance and unwillingness to address the basic need for IT controls that probably n 1 of 5 of superstar scapegoat out into the?next to?Years. In many organizations, the comment h?, That has made more often, although they are aware that things are better k?nnte believe that it is a likely victim. But 1 in 5 companies is unlikely that IT audit, and the refusal to sign by an external auditor to the financial statements by testing Exceptions are severely affecting the value of a company and the trust of investors.
It therefore should go without saying that every organisation should have policies in place that ensure that an independent examination demonstrates that effective controls are in place within the IT infrastructure that offer the assurance that your organisation is aware of the risks and is actively taking steps to ensure compliance to company policies.

These policies should take account of the following considerations1. Privileged user passwords should be kept in a secure location. The number of user accounts with privileged access must be kept to a minimum and passwords for these accounts must be changed on a regular basis. Additionally, organizations should enact policies that restrict access to privileged user passwords and administrative/root/service passwords to a “need to have” basis. By default, every instance of access to these passwords must have an audit trail. Every privileged user must have an account owner(s) who is responsible for controlling access to the account. This should allow for contingency procedures where any member of the responsible group can be authorized to release the password.2. Every privileged user account must have its own unique password and should be configured to change at least every 60 days.3. The use of any privileged user account must have the accompanying audit trail. Consideration should be given to differing policies for development and production systems. For example, privileged user access to a production system should only be possible with dual control, whereas a development system password may be accessible, within certain environments, without the need for dual control. Both production and development system passwords should be changed on a regular basis.4. In production environments, all groups, regardless of responsibility or location, should adhere to a common policy. This implies that policies related to how privileged user passwords are released and the frequency of change should apply across the board.5. External staff should never have privileged user access to a system using a guest or temporary account. Access should be granted via the default account, and the passwords should be immediately reset on completion of the task.

 
Other pages: : 1 * 2 * Next>>
Prev:New compact PD-350 for F?lschungserkennung system ACO Electronics Limited Next:International trade issues

Comment:

Category: Home > invades the examination
Home