Enterprise software needs auditing
Tuesday, July 8, 2008
As big business becomes more reliant on virtualized enterprise software, an independent data security evaluation strategy needs to be brought into force to ensure that data is protected in the auditing process.
Such is the suggestion of ZDNet enterprise network security blogger Dennis Howlett, who has noted in a recent entry that many firms are facing the prospect of data breaches as their reliance on virtualized enterprise software grows.
Howlett noted that while there are many benefits to using virtualized business services, an effective data security standard needs to be developed in order to minimize the risk of data leaks in the auditing process.
The current auditing standard - the Statement on Auditing Standards (SAS) 70 - may not be able to carry out effective security evaluation as the number of virtualized services and providers proliferates.
Many of these software developers are neglecting their responsibilities as set out by the American Institute of Certified Public Accountants, Howlett suggested.
As such, he concluded: "The SAS70 issue can be addressed but in my opinion requires a different type of audit - one that is informed by systems thinking and not based on financial accounting."
Related News:
Cyber criminals exposed medical records - 3.8.2010
More than 18,000 patients, whose medical information is stored on the computer systems of five doctors in Torrance, California, were potential victims of identity theft in September when cyber criminals penetrated the doctors' networks, according to the Los Angeles Times.
McAfee advises companies to boost web security relating to source code - 3.4.2010
At the RSA Conference, currently taking place in San Francisco, McAfee released a report indicating that companies regularly use too few web security protocols when protecting intellectual property such as source code.
False social networking attacks provides teachable moment for web security - 2.25.2010
A unique tool developed to prevent the spread of malware from social networking websites has been recommended Processor.com, a web and network security news provider.
With global web security under siege, exports point to problems - 2.25.2010
In 2009, Garlik, a United Kingdom-based web security company, reported a 207 percent increase in malware use to overtake bank accounts. Recent events have also shown vulnerability in corporate, private and governmental web security systems.
Kaspersky reports malware growing more sophisticated - 2.24.2010
Kaspersky, a web security provider, reported Wednesday that while there is very little growth in the amount of malware currently roaming the web, it is becoming more advanced and much harder to detect.
|
