Network Security News

Enterprise software needs auditing

Tuesday, July 8, 2008

As big business becomes more reliant on virtualized enterprise software, an independent data security evaluation strategy needs to be brought into force to ensure that data is protected in the auditing process.

Such is the suggestion of ZDNet enterprise network security blogger Dennis Howlett, who has noted in a recent entry that many firms are facing the prospect of data breaches as their reliance on virtualized enterprise software grows.

Howlett noted that while there are many benefits to using virtualized business services, an effective data security standard needs to be developed in order to minimize the risk of data leaks in the auditing process.

The current auditing standard - the Statement on Auditing Standards (SAS) 70 - may not be able to carry out effective security evaluation as the number of virtualized services and providers proliferates.

Many of these software developers are neglecting their responsibilities as set out by the American Institute of Certified Public Accountants, Howlett suggested.

As such, he concluded: "The SAS70 issue can be addressed but in my opinion requires a different type of audit - one that is informed by systems thinking and not based on financial accounting."ADNFCR-1765-ID-18674449-ADNFCR

Related News:

Zeus botnet performs MySpace spam campaign to spread itself further - 11.20.2009
A sophisticated Trojan dubbed "Zeus" has sent a flood of email messages to MySpace users in an attempt to propagate itself onto more computers, according to researchers at the University of Alabama at Birmingham.

Experts dissect Chrome OS security features - 11.20.2009
Yesterday's release of Google's groundbreaking new cloud-based operating system, Chrome OS, has caused a stir in techie circles, with experts of all stripes rushing to examine the product and issue their judgments.

Microsoft counts Chrome coup with discovery of security flaw - 11.20.2009
Security researchers at Microsoft recently discovered a security vulnerability in Google's controversial Chrome Frame for Internet Explorer, a browser plug-in that simulates Chrome functionality within an Internet Explorer session.

iPhone user sues games maker, claiming to have found hidden spyware - 11.18.2009
An iPhone gamer filed a federal lawsuit against mobile game programmer Storm8 today, alleging that the company violated his privacy by including hidden code in its games that gathered his personal information without permission.

Government watchdog warns of possible IT leaks at Los Alamos - 11.16.2009
The Government Accountability Office has issued a report on data security at the Los Alamos National Laboratory which says that sensitive and highly classified information is vulnerable to outside access.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now