no more cubes

Category: Security & Privacy

  • Recovery Strategy Considerations

    The setup, maintenance, and execution of the recovery strategy must cost no more than the value of protecting the relevant technological asset or business process. Ensure that the financial benefit of the chosen strategy equals or outweighs the total cost of the strategy.

  • Plan Test Types

    Call exercise: To find out how many involved people on the notification list are available any given time. Compact exercise: testing a plan using the most comprehensive type of test. Actual exercise: testing a portion of the plan as realistic as possible. Walk-through exercise: going through the plan and documenting everybody who has a role…

  • Recovery Strategies

    Alternative on-site venues: Temporarily using meeting rooms, training labs, or cafeterias to support business functions. Reciprocation: Agreements with similar, unaffected organizations to use their facilities in the event of a disaster. Multiple sites: Running operations from two or more fully equipped locations belonging to the organization. External suppliers: Hiring resources, such as data centers and…

  • Considerations for the planning phase: Business Continuity

    National and industry-specific laws and general business standards must be taken into account. The staffing, funding, and other resources required to develop the plan must be identified. The results of a risk assessment must inform the planning.

  • Items to consider work potentially lost

    How quickly work in progress will need to be restored to workstations at an alternative site The amout of work that can tolerably be lost without harming the organization

  • Project Initiation Phase: Business Continuity Plan

    Secure commitment of departmental leaders who’ll be responsible for implementing the BCP. Pursuade senior management of the importance of having a BCP. Outline a timeline for developing a comprehensive continuity plan. Determine which possible disasters should be covered in the BCP.

  • Categories of Laws

    Tort Law England and Wales Deals with individuals and their rights and obligations under the law Mixed Law Forms the basis of the legal system in Holland, Quebec, Louisiana, South Africa and Scotland Civil Law Central Europe, Asia   Administrative Law Defines standards of performance and conduct that organizations and their employees should follow Religious…

  • Computer related crime characteristics

    Trap doors – potential offenders are system and application programmers Trojan horses, viruses, worms, salamis and logic bombs – can be detected by comparing program code with backup copies of the same program Masquerading – can be detected through password violations Scanning – potential offenders are spies trying to access systems for targeted data Dumpster…

  • Intellectual Property Laws

    Copyrights Example: A marketing / design company wants to restrict usage of designs it created. Trademarks Example: A company wants exclusive rights to use a particular logo or slogan. Trade Secrets Example: The recipe for a caffeinate, refreshing lemonade. Patents Example: Exclusive rights to a pharmaceutical company for a new drug it created.

  • Categories of Computer Crimes

    Breach of data security: Information stored on network or computers is altered by attackers. Breach of operations security: Attackers take advantage of vulnerabilities within daily procedures to access or alter information through methods like password sniffing. Breach of personnel security: Sensitive company information is gained from an employee by attackers Breach of communication security: Information…