Sunday, April 28, 2013

Information Technology Infrastructure Library


What is ITIL? The Information Technology Infrastructure Library is the most widely adopted approach for IT Service Management in the world.  The ITIL framework is said to be a practical, no-nonsense approach for identifying, planning, delivering and supporting IT services to an organization.  ITIL consists of a collection of methods and practices for managing the development and operation of information technology infrastructures.  The Information Technology Infrastructure Library is published as a series of books, each covering a different IT management topic.  ITIL can be tailored to many IT organizations due to its significant IT-related practices.  Today, many organizations are beginning to adopt ITIL.

Individuals can also receive certifications in the Information Technology Infrastructure Library.  There are three certification levels: Foundation, Practitioner, and Manager.  The Foundation Certificate is designed to provide a foundation level of knowledge in IT Service Management.  The Practitioner’s Certificate is aimed at those who are responsible within their organization for designing specific processes within IT Service Management.  The Manager’s Certificate is aimed at those who need to demonstrate a capability for managing ITIL-based solutions across the breadth of the Service Management subjects.

 

References

ITIL Certifications. (n.d.). ITIL, ITSM and ISO 20000 News. Retrieved April 28, 2013, from http://itsm.the-hamster.com/itsm9.htm

Whitman, M. E., & Mattord, H. J. (2010). Security Management Models. Management of information security (3rd ed., pp. 211-246). Boston, MA: Course Technology, Cengage Learning.

Sunday, April 21, 2013

Security Education, Training, and Awareness

A Security Education, Training, and Awareness (SETA) program is defined as an educational program that is designed to reduce the number of security breaches that occur through a lack of employee security awareness. A SETA program is quite beneficial for companies that deal with secure information and for making their employees aware of security risks.  Security Education, Training, and Awareness sets the tone of security for employees of an organization, and can be very effective in making new employees aware at their time of hire. Awareness programs can help employees protect their personal and confidential work information from security breaches.  Both before and after employees go through security awareness training, it is a good idea, to keep morale up in the company, to send employees reminders about information security to keep the number of breaches and viruses down.

Reference
http://www.infosecwriters.com/text_resources/pdf/SETA_SHight.pdf

Sunday, April 14, 2013

Top Security Breach of 2012

Information Security covers a lot of things, but today I am going to talk about the biggest breach of 2012.

The biggest breach of 2012 came from the government sector, where it was reported that 268 individual data breaches occurred over a period of three years.  The government reportedly exposed over 94 million records that contained personal information that could identify these individuals.  It is also stated that this number has escalated since 2009... scary, right?  There are several ways for individuals to protect themselves on their personal computers and e-mails.  It is extremely hard to protect your personal information if somewhere like a bank or government agency has a data breach.  It is quite unnerving to know that someone may have access to all of my personal information and plan to maliciously use this information for their gain.  It is always good to keep an eye on your credit report just in case someone has your information!
 

Sunday, April 7, 2013

Business Continuity

How important is Business Continuity to your organization? Does your organization have a Business Continuity plan in place, in case of a disaster? In my opinion, this is very important to think about and have in place so that your business can still operate if a fire or another kind of disaster were ever to occur.  A company can consider three options when deciding which type of site is the most beneficial for its organization: a hot site, a warm site, or a cold site.

A hot site is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data.

A warm site is a compromise between hot and cold. These sites will have hardware and connectivity already established, though on a smaller scale than the original production site or even a hot site. 

A cold site is the least expensive type of backup site for an organization to operate. It does not include backed up copies of data and information from the original location of the organization, nor does it include hardware already set up. 

Choosing one of these options can make sure a business does not "go out" of business after a major disaster. Every company should think about a "just in case" disaster and a business continuity plan. 

Reference

Backup site - Wikipedia, the free encyclopedia. (n.d.). Wikipedia, the free encyclopedia. Retrieved April 7, 2013, from http://en.wikipedia.org/wiki/Backup_site