Information Security Policy Frameworks

This post provides resources to create Information Security policies, standards, procedures and guidelines. Documenting IT Security Policy Frameworks IT Security Policy Framework Document Types IT security policy framework documents: Policy Policies would be like the constitution, while procedures are the…

Serverless Architecture

Function as a Service (FaaS), most commonly known as serverless architecture, is a concept of cloud computing where cloud user can work on code and run it on a server within the cloud without worrying about this server. This server…

Authentication Protocols

This post features computer network authentication protocols. Do not confuse the authentication protocols with the Authentication, Authorization and Accountability (AAA) protocols like RADIUS or TACACS+. Authentication protocols works in the OSI layers 2 and 3, and AAA protocols in layer…

Data Privacy

The terms data privacy, information privacy, data protection refers to data related to individuals, or personal identifiable information (PII). A privacy impact assessment (PIA) has the following goals: Privacy by Design Privacy by Design (PbD) is based on the “Privacy…

IT Crime Regulations

This post discusses some aspects related to IT or computer crime. The post focuses on regulations that prosecute malicious behavior related to computers or IT. If you want to read more about regulations concerning IT security focused on the implementation…