Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

potential Security Risks

Posted on 2014-04-01
6
Medium Priority
?
332 Views
Last Modified: 2014-04-07
i need some potential Security Risks which i can add to our Risk Register. pls forward me your ideas and recommendations,thank you!
0
Comment
Question by:DukewillNukem
  • 3
  • 2
6 Comments
 
LVL 57

Expert Comment

by:McKnife
ID: 39969246
It would be kind of helpful to see what is already in there (complete list) to get an idea of where you are heading.
0
 

Author Comment

by:DukewillNukem
ID: 39969322
risk: Security breaches due to unauthorized use of private devices is one.
solution: Provide secure alternatives like RSA,Citrix and Good technology

risk:Lack of Firmwide document retention standard
solution: Create guidelines on documents which are marked to be deleted or passed the retention period


stuff like that.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39972080
Have a look at my artilces
http://www.experts-exchange.com/members/richrumble.html
click ->Articles Published at the top.
Lot's of risks there to think/read about.

Now matter where I go for an engagement I always see some of these issues:
Insufficient backup's, Users are Local Admins, no patch management, default configurations being used, no password auditing, default passwords being used, clear-text protocols containing passwords, no pentesting being done, coding best practices ignored (lack of SDLC), no security awareness efforts, no log management, insufficient logging levels, no egress filtering... and on and on...
Lack of policies and procedures is another. If your company needs to be PCI or SOX compliant, then you can check off 90% of those requirements as not being done.
-rich
0
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

 

Author Comment

by:DukewillNukem
ID: 39972152
great! thats what im looking for,i will read thru it and let you know
0
 

Author Comment

by:DukewillNukem
ID: 39977849
but i need Infos like Gartner which list the current threats and risks for an enterprise,especially lawfirms
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 2000 total points
ID: 39977920
The current threats haven't changed much... I'd suggest you read the Verizon/Microsoft reports and the OWASP top 10. Every year the threats are the same, they just switch places...
https://www.owasp.org/index.php/Top_10_2013-Top_10
http://www.verizonenterprise.com/DBIR/2013/
http://www.microsoft.com/security/sir/archive/default.aspx
https://www.sophos.com/en-us/threat-center/security-threat-report.aspx

Basically search for "threat report" or "risk report" maybe "enterprise risk report".
-rich
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Experts Exchange expands question security options for members.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question