Implementing restrictions on software installation using ISO 27001 control A.12.6.2
Antonio Jose Segovia
Currently, in all companies around the world, it is necessary to install software (operating systems, office applications, financial applications, applications...
Currently, in all companies around the world, it is necessary to install software (operating systems, office applications, financial applications, applications development, etc.). But, in general, the installation of this software is not sufficiently controlled, which...
Key performance indicators for an ISO 27001 ISMS
Rhand Leal
Think about a medical exam. Our objective is for the physician to tell us that our health is ok and...
Think about a medical exam. Our objective is for the physician to tell us that our health is ok and that we’ll live a long life, right? And how does the physician evaluate our health...
How to protect against external and environmental threats according to ISO 27001 A.11.1.4
Physical security plays a critical role in information protection, because even the best designed, implemented, and maintained technical and administrative...
Physical security plays a critical role in information protection, because even the best designed, implemented, and maintained technical and administrative controls, whether IT related or from some other area, are of little help if an...
How to use penetration testing for ISO 27001 A.12.6.1
A famous historical hacker, Kevin Mitnick, said on one occasion: “I get hired by companies to hack into their systems...
A famous historical hacker, Kevin Mitnick, said on one occasion: “I get hired by companies to hack into their systems and break into their physical facilities to find security holes. Our success rate is 100%;...
How to set security requirements and test systems according to ISO 27001
Security is something that everyone wants to have, but which no one ever wants to use. And this thought can...
Security is something that everyone wants to have, but which no one ever wants to use. And this thought can bring a lot of problems. Unless a system’s purpose is security related (e.g., firewall, access...
How to use cryptography according to ISO 27001 control A.8.24
Updated: December 28, 2022., according to the ISO 27001:2022 revision. Today, information travels constantly from one part of the world to...
Updated: December 28, 2022., according to the ISO 27001:2022 revision. Today, information travels constantly from one part of the world to another through email, online transactions, USB flash drives, and external hard drives. Outside the facilities...
