Source: US Trendmicro by David Sancho INTRODUCTION Social networking sites are websites designed for human interaction. They enable users to meet others; keep in touch with them; and share experiences, feelings, and opinions. They are all built on a similar foundation—the user builds a network of contacts bound by an element of trust. The user then creates content…
Source: American National Standards Institute (ANSI) The American National Standards Institute is pleased to announce the release of the new member of the ISO/IEC 27000 series, ISO/IEC TR 27008:2011 – Information Technology – Security Techniques – Guidelines for auditors on information security controls, which is now available from the ANSI standards store (webstore.ansi.org). ISO/IEC TR 27008:2011 provides guidance on…
Source: OWASP CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, whenever possible. CLASP is actually a set of process pieces that can be integrated into any software development process. It is designed to be both easy to adopt and effective. It…
Source: PCI Security Standards Council The PCI Security Standards Council offers robust and comprehensive standards and supporting materials to enhance payment card data security. These materials include a framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS),…
Just providing another resource on policies for protecting PII. This handbook was published by the Department of Homeland Security. Hope this is another useful resource on this subject. You can download the PDF file here.