Assignment System and Services Acquisition (Case Study)

Seven StepsIntroduction:

It’s critical for the company to convey its information security requests with transparency and specificity when obtaining systems, parts, and services necessary for business success. After reviewing current information system security controls, we have determined that there is a need to overhaul current practice by implementing a new set of security tools necessary to help meet or exceed current and future industry regulatory standards. Continue reading

Cloud Computing Access Controls (Case Study)


Cloud providers are tasked with providing cohesive trust and security relationships. In many cases, cloud users and cloud service providers belong to different trust domains. Due to the inherent nature of cloud computing’s multi-tenant and virtualization features, unique security and access privileges present challenges due shared resources among potentially untrusted tenants. As a result, privacy, trust, and access control, are critical issues that must be dealt with in cloud computing. Continue reading

Defense-In-Depth (Case Study)



Our current effort at implementing defense in depth needs to be overhauled and one of the areas of major concern is a mobile device. We recently paid out a total of $60 million in settlements as a result of stolen sensitive private information from our customer data centers located in two of our major markets, Mexico and the Philippines.

As a result of the negative press, our customer satisfaction has dropped to an all time low of 20%. According to our estimates, we can easily achieve a 90% reduction in incidences by initiating a small number of low cost countermeasures. Continue reading