Blog security
Information Security – Incident management & template incident register
Information Security is a continuous effort; staff handling information needs to be trained regularly, systems need updating to remain secure, assets and risks change, and incidents need addressing. A complete risk register gives you a good idea of what might happen, but without a plan for both anticipated and unanticipated incidents there is a good…
Joost Krapels
Information Security at Microsoft Azure
Microsoft Azure forms, together with Amazon Web Services and Google Cloud, The Big Three; the three largest cloud providers. Their clients store tons of data, making the web services vital to many operational processes. Securing that data is critical, which Microsoft more than agrees with. They have made a lot of information and documentation available,…
Joost Krapels
Information Security at Amazon Web Services
Amazon Web Services forms, together with Google Cloud and Microsoft Azure, The Big Three; the three largest cloud providers. Their clients store tons of data, making the web services vital to their company. To help with information security, Amazon provides many features and allows for a lot of APIs. They have thousands of pages of…
Joost Krapels
Facebook Personal Data Breach, the aftermath
On september 28 2018, Facebook published a statement saying a security breach had taken place earlier that week, having brought the personal data of 50 million users in jeopardy. The personal data breach has been reported to the Irish information supervisory authority, but does this mean the story is over?
Joost Krapels
ISO27002 and Statement of Applicability explained
The international information security standard ISO27001 is known by many. But what is the illusive ISO27002 that is often mentioned alongside it? ICT Institute has created a series of articles to explain the lesser known ISO27002 standard in more detail. You could use this overview to prepare yourself for ISO27001 certification or just to refresh…
Joost Krapels