ISACA & ISO 27001

ISACA’s article on ISO 27001 implementation.

Planning for and Implementing ISO 27001

Charu Pelnekar, CISA, CISM, ACA, AICWA, BCOM, CISSP, CPA, MCSE, QSA

ISO/IEC 27001:2005 Information Technology—Security techniques—Information security management systems—Requirements is an information security management system (ISMS) standard published in October 2005 by the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC).[1, 2] The potential benefits [3, 4] of implementing ISO 27001 and obtaining certification are numerous. Implementing ISO 27001 can enable enterprises to benchmark against competitors and to provide relevant information about IT security to vendors and customers, and it can enable management to demonstrate due diligence. It can foster efficient security cost management, compliance with laws and regulations, and a comfortable level of interoperability due to a common set of guidelines followed by the partner organization. It can improve IT information security system quality assurance (QA) and increase security awareness among employees, customers, vendors, etc., and it can increase IT and business alignment. It provides a process framework for IT security implementation and can also assist in determining the status of information security and the degree of compliance with security policies, directives and standards.

http://www.isaca.org/Journal/Past-Issues/2011/Volume-4/Documents/jpdf11v4-Planning-for-and.pdf

SafeSocNet 2

Get Safe Online

How can I protect my personal information online?

More and more people are conducting their personal affairs online. Online shopping, social networking, job hunting and the ability to carry out official functions, such as renewing car tax or contacting local councils and government departments online, are now an everyday part of life. Doing things online can offer convenience and widen opportunities, and in general people value it.

Organisations that collect and use your information have responsibilities to protect it. However, you can take various precautions to protect yourself from identity fraud or the misuse of your information, or to ensure that your privacy is respected in the way you would want.

http://www.getsafeonline.org/

http://www.ico.gov.uk/for_the_public/topic_specific_guides/online/social_networking.aspx

http://www.csoonline.com/article/529764/social-media-risks-the-basics

A Guide to Facebook Security

https://www.facebook.com/safety/attachment/Guide%20to%20Facebook%20Security.pdf
For Young Adults, Parents, and Educators
Linda McCarthy, Keith Watson, and Denise Weldon-Siviy

Facebook privacy settings 
It may surprise you to hear that when other Facebook users choose to install apps they can then share the information they can see about you with those apps.
Visit your Facebook privacy settings and untick those options if you wish to limit what information about you your Facebook friends can share with third-party applications.
http://nakedsecurity.sophos.com/2013/01/11/my-birtday-calendar-facebook-warning/

The AV Marketplace 
https://www.facebook.com/notes/facebook-security/the-facebook-anti-virus-marketplace/10150672849230766
Accessible from the Facebook Security Page, or directly at https://www.facebook.com/security/app_360406100715618, people will be able to select a free download from one of our anti-virus partners.
We believe that arming our users with anti-virus software will help empower them to stay safe no matter where they are on the web.
It enables people to download six-month licenses to full versions of anti-virus software at no charge from Microsoft, McAfee, TrendMicro, Sophos, or Symantec.
Facebook’s global community can now download for free powerful software to protect their computers from current and future viruses, and content security threats providing hundreds of millions of people free access to anti-virus software.

A Few Updates to Make Your Mobile Experience More Safe and Secure
https://www.facebook.com/notes/facebook-security/a-few-updates-to-make-your-mobile-experience-more-safe-and-secure/10150839779545766
At Facebook we are always working to improve our systems and products so you can use them anywhere, any time, and on any device. We’ve spent a lot of time over the past few months making sure that your mobile experience is just as good as when you’re at home sitting at your computer.

A Redesigned Help Center 
https://www.facebook.com/notes/facebook-safety/improved-tools-to-support-your-facebook-experience/473126442708143
At Facebook, we work hard to build innovative products that help you connect and share. While we strive to make the Facebook experience intuitive and easy-to-use, we know that sometimes people still need help.
Launched in April 2012, the Support Dashboard is a tool designed to help you track the progress of the reports you make about photos and timelines, which are the most commonly reported types of content.

New Protections for Phishing
https://www.facebook.com/notes/facebook-security/new-protections-for-phishing/10150960472905766
Today, Facebook is proud to announce the launch of phish@fb.com, an email address available to the public to report phishing attempts against Facebook. Phishing is any attempt to acquire personal information, such as username, password, or financial information via impersonation or spoofing.

How do I turn on Secure Browsing (https)?
https://www.facebook.com/help/215897678434749/

Happy Safe Social Networking!

FixNix InfoSec Solution’s Safe Networking tips!

Nixers wish you a very happy New Year and a healthy, happy and successful 2013.

On this auspicious Pongal/Sankaranthi day, we’d like you to achieve more than you set out to, and be more successful than you deserve in the coming year!

At this joyous time of year, we wish you abundance, happiness, and peace in a new year filled with hope. Happy holidays!

Cyberstalking is a topic that has been widely discussed of late.

In particular, a lot of women are victims of this kind of harassment.

How can we unleash the power of social media without being stalked by someone unknown?

You’ll find tips and insights in these ‘Safe Networking’ campaign mails.

McAfee has introduced apps like Socialprotection so that we can limit access to the photos we upload to our profiles.
https://apps.facebook.com/socialprotection/

https://www.facebook.com/McAfee/app_318055821622402

http://thenextweb.com/apps/2012/08/28/mcafee-launches-intel-built-app-protects-facebook-photos-unwanted-attention/

That aside, Facebook itself has posted a lot of security tips that everyone should keep track of.

https://blog.facebook.com/blog.php?post=248766257130

https://www.facebook.com/security

Do a personal audit of your Facebook account at regular intervals.
http://iag.me/socialmedia/how-to-do-a-facebook-personal-profile-security-audit/

Twitter gives us options to control who follows our tweets and to limit the further spread of our 140-character thoughts.
https://support.twitter.com/articles/20169376-how-to-approve-deny-follower-requests#

http://support.twitter.com/articles/18368-protecting-your-personal-information#

http://support.twitter.com/articles/76036-keeping-your-account-secure#

http://support.twitter.com/articles/20169996-email-account-tips#

http://support.twitter.com/articles/185703-my-account-is-compromised-hacked-and-i-can-t-log-in#

https://dev.twitter.com/tags/protected-tweets

https://dev.twitter.com/tags/protected-users

There are tools from reputed security vendors like BitDefender for Twitter security protection.
http://safego.bitdefender.com/twittera

We also need to keep tabs on the Twitter attacks that happen.
http://www.informationweek.com/security/vulnerabilities/5-steps-to-prevent-twitter-hacks/240005178

http://www.askdavetaylor.com/how_to_protect_twitter_updates_messages.html