Feed on
Posts
Comments

Monthly Archive for March, 2011

IAM implementations of different kinds go on at many of my clients and one question I often get is how to handle logging and administrators from an IAM perspective. From the identity point you have one user – one identity. From the security point you have separation of duties and lowest possible access. If you […]

Read Full Post »

Quite often I am engaged in projects involving creating an information classification. Many times this is seen as security work. However, this is not the case. Information classification is only an economic construct. By classifying information you make it easier to decide what kind of security and which security mechanisms you need. What is then […]

Read Full Post »