Posted in Security Architecture on Feb 23rd, 2007
IT-Architecture is all about having a common language to describe an IT-environment. WSSRA SA defines a few words that are commonly used throughout the document: Assets, People, Process. Assets are divided into two groups: Data asset and Tier Asset. Data assets are the information stored within your databases, your spreadsheets and your worddocuments. That is […]
Read Full Post »
Posted in Computer Forensics on Feb 23rd, 2007
I frequently follow a blog at ITToolBox named “A day in the life of a security investigator”. His latest blog entry discussed the top ten errors that investigators often do. If you ever think of starting out in this business you should know these by heart. You could find them here: http://blogs.ittoolbox.com/security/investigator/archives/top-ten-investigative-booboos-14576
Read Full Post »
Posted in Security Architecture on Feb 20th, 2007
Last few weeks I have found quite a lot of companies hiring consultants with knowledge about WSSRA, Windows Server System Referency Architecture. Even if I like the concept of architecture it could be qute hard to grasp sometimes for an inexperienced person. During the following weeks I will write short notes about key concepts regarding […]
Read Full Post »
Posted in Compliance on Feb 20th, 2007
Here is a nice link for PCI DSS information. It is quite useful as a startingpoint for your PCI DSS certification. http://pcianswers.com/2007/02/17/pci-awareness-month
Read Full Post »
Are you using credit cards at your website or in some other parts of your business? PCI DSS stands for Payment Card Industry Data Security Standard and is a rather technical approach how you should protect your information. The fees and fines if you loose the credit cards are really high. How should you proceed […]
Read Full Post »
Posted in Computer Forensics on Feb 9th, 2007
When doing Computer Forensics it is uninvitable that you sooner or later will come across a computer where a person full life is stored in pictures, letters and so forth. That is the time you realise what is tough in this line of business. It is not finding a way around an encrypted file or […]
Read Full Post »
Posted in Computer Forensics on Feb 6th, 2007
Even if encryption is a very good tool for protecting data it do tend to come in the way when doing Computer Forensics. Pointsec gladly has a way to login in so that you could read the harddrive decrypted without booting the operatingsystem. By pressing CTRL+F9 when you see the logon to Pointsec and then […]
Read Full Post »
Posted in Security Architecture on Feb 5th, 2007
Security Architecture is a wonderful tool to use. There are so many marvelous words to use to really make everything totaly hopeless to understand. I recently attended a discussion regarding Security Architecture and was served a lot of terminology that I did not understand. When I asked him it turned out that he did not either. So […]
Read Full Post »
When I do Computer Forensics one of the largest problems is to find all the needed information. Most of the time we have to recreate this from different sources if it is at all possible to do. With this little casestudy I will try to give the basic setup for what is needed to have a good […]
Read Full Post »
Posted in Computer Forensics on Feb 4th, 2007
When I look inside a computer I find a lot of stuff that could prove as evidence in several cases but sometime the evidence in it self is not enough. In some cases we want to find where the information came from, what connections existed on the computer when it was active or how an […]
Read Full Post »