
Issue
July 2007
Welcome to the July edition of BH
Consulting's Security Watch Newsletter. In this month's issue we provide some
updates to what has been going on in BH Consulting, provide a brief overview of
the upcoming seminar for Global Security Week, discuss a number of issues
relating to Microsoft Exchange Server and highlight how to log remote desktop
connections.
About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting
firm to help clients gain a competitive edge by achieving IT operational
excellence in deploying, managing and securing their IT infrastructure. With
over 20 years' experience, we provide you with access to in-depth expertise,
experience and technical know-how. Backed with our quality processes and
commitment to deliver, BH Consulting provides clients with quality solutions at
cost effective rates.
Support
Focus Ireland
If you have found any items in our
Security Watch Newsletter to be of use to you we ask that you
make a donation to
Focus Ireland who
work tirelessly supporting the homeless throughout Ireland. Focus Ireland
aims to advance the right of people-out-of-home to live in a place they call
home through quality services, research, and advocacy. The objectives of
Focus Ireland are to respond to the needs of people out-of-home and those at
risk of becoming homeless, through a range of appropriate high quality services,
to provide emergency transitional and long-term accommodation for people
out-of-home, to campaign and lobby for the rights of people out-of-home
and the prevention of homelessness. No sum is too small and all is
put to excellent use.
BH CONSULTING NEWS
Final Version of “Cyber-Security Check
List” by the US CCU is now available.
The U.S. Cyber Consequences Unit, an independent
research group that supplies the U.S. Department of Homeland Security with
information on the consequences of cyber-attacks and evaluates the
cost-effectiveness of countermeasures in place to prevent such attacks, has
released the final version of its “Cyber-Security
Check List”. This list is a comprehensive guide to help those
responsible for managing the security of their information and is broken down
into the following categories: hardware, software, networks, automation, humans
and suppliers.
Brian Honan reviewed earlier drafts of this document and provided feedback and
insight which has been incorporated into the final version. The US Cyber
Consequences Unit have made the list available for posting on any responsible
website, and it is available for download at
BH Consulting’s site
here.
Brian Honan to Speak at COSAC 2007.
Our Senior Consultant, Brian Honan, has been selected to address
the 14th COSAC
International Computer Security Symposium in September of this year.
Brian will present to the symposium the lessons learnt from his work to
establish an independent, trusted and vendor neutral Computer Emergency Response
Team to provide services to businesses, organisations and citizens in the Irish
Republic.
Brian will share with attendees the various steps and pitfalls that can face
anyone looking to set up their own CERT team, be that at a departmental,
company, sector level or larger. More details on Brian's presentation are
available at the
COSAC website.
COSAC is a
highly prestigious event with many quality speakers and topics scheduled over
the three days. Best of all it is located in Ireland which provides Irish
professionals with easy access to some of the industry’s best speakers.
Registration for the event is available on the
COSAC
registration page.
BH Consulting
Published in Latest Edition of Knowledge Ireland.
Knowledge Ireland magazine recently published
an article written by our senior consultant Brian Honan titled "A Standard to
Maintain". The article discusses how the ISO 27001 Information Security
Standard can be used as a foundation to help companies ensure they meet their
compliance requirements, be that SOX, Basel II, PCI or the Data Protection Act.
The premise that Brian put forward is that having a certified Information
Security Management System in place provides you with a strong basis which you
can use to meet your compliance requirements.
If you wish to find out more about the ISO
27001 Information Security standard you can read our free whitepaper titled, "BS
7799 to become ISO 27001". Alternatively if you wish to
discuss your requirements regarding the ISO 27001
security standard please
contact us and we will be happy to assist you.
Focus Ireland Golf Tournament.
BH Consulting were delighted to enter a team into this year's
Focus
Ireland Golf Tournament held at Carton House. As we decided to enter a
team that extolled the true Olympic spirit we did not manage to win any
prizes; however, a great day was had by all. On behalf of BH Consulting I
would like to sincerely thank the members of the team who took the time from
their busy schedules to take part and made the day a very enjoyable event.
My thanks also to our kind sponsors for the day who provided the team with
various golf paraphernalia and the much appreciated supply of spare golf balls!!
Finally a very sincere thank you to our hosts for the day, Focus Ireland, who
provided an excellent day and venue for the event.
Brian Honan Published in the
August issue of the CSI
Communications Magazine
The Computer Society of India has
published an article written by Brian Honan on best
practices on how to respond to information security breaches and incidents. The magazine is
circulated to over 30,000 Information Technology professionals throughout India
and highlights BH Consulting's reputation as experts in the field of incident
response.
If you are interested in learning more about
how best to respond to an information security incident please feel free to read
our free whitepaper
"Incident
Handling and Management". You can also
contact us
with your enquiry and we will be happy to help you.
Global Security Week 2007
Seminar.
As discussed in our June newsletter the topic for this year's
Global
Security Week event is "Privacy
in the 21st Century". A free seminar based on this year's theme of "Privacy in the 21st Century"
will be held at 2:00 p.m. on Wednesday the 5th of September. More details
of this event will be posted nearer the date.
If you want to get involved then please do not hesitate to
contact us.
Enterprise Ireland
Podcast on Information Security
Enterprise Ireland have launched a series of podcasts aimed at
businesses in the SME sector to help them address the challenges they face
regarding ICT. Our senior consultant has been asked to participate in
Enterprise Ireland's upcoming podcast on "Security Issues Facing
Irish SMEs".
"Managing
Information Security with ISO 27001" Training Course Scheduled for
September 2007
Due to the demand and interest generated in the above training course another
date to host the event is being scheduled for September of this year.
BH Consulting and the
Centre for Software Engineering are hosting a
two day course
“Managing Information Security with the ISO 27001
Information Security Standard”. This course provides a framework that
will enable those responsible for securing sensitive information assets using a
quality based approach to identify key assets and how best to manage the
associated threats and risks.
The subjects covered include:
- Overview of information security
- Introduction to the ISO 27001 Information Security
Standard
- Identifying key information assets
- Identifying risks
- Strategies for mitigating and managing risk
- Implementing appropriate security controls
- Monitoring the effectiveness of security controls
Anyone interested in the above course can
contact us or find more information available
on the
Centre For Software Engineering’s website.
BH CONSULTING WEBSITE UPDATE
We strive at BH Consulting to provide information that is
relevant and useful in securing and running your business. To this end we
provide a range of whitepapers available for download
free from our
white papers page.
The following whitepaper has been updated on
our website: "The U.S. Cyber Consequences Unit
Cyber-Security Check List".
LATEST THREAT LEVELS
Get more information on the latest updates on current threats at
our online resources page.
FEATURES
Exchange 2007 Fault Tolerance
With clustering, only the mailbox server
can exist in a failover cluster (Single Copy Clusters—SCC or Cluster Continuous
Replication—CCR), with no other roles. Redundancy for the other roles is
achieved through multiple servers and Network Load Balancing (NLB)/DNS
round-robin... Click
Here
for more
Microsoft Exchange Server 2007 Clustering Modes
Whereas Exchange 2003 really offers only one type of clustering support (local,
with multiple servers sharing a SAN), Exchange 2007 supports log shipping both
remotely and locally, which opens up new modes of clustering: * Local Continuous
Replication (LCR), a single-server solution in which the system uses the logs to
create a second copy of a storage group (SG) on a different set of disks. This
method gives you a second copy of... Click
Here for more.
Logging Remote Desktop Connections
Q: We believe someone at our company is using another employee’s account to
access a workstation remotely through Remote Desktop Connection. We know the
authorized employee couldn’t have accessed the workstation because at that time
he was on a 12-hour flight with no Internet access. Can we get a list of all the
Remote Desktop logons to our workstations from Small Business Server’s (SBS’s)
Security log? ... Click
Here
for more.
Exchange 2007 Infrastructure Requirements
To ensure reliable performance, make sure you’re ready for Exchange 2007.
Because of the move to 64-bit architecture, no in-place upgrades to Exchange
Server 2007 are possible. Here’s a quick look at some of the minimum
requirements your organization must meet before you can migrate to this version.
Step 1: Choose a Processor
Exchange 2007 requires 64-bit processors: either
AMD64 or Intel Extended Memory 64 Technology...
Click
Here
for more.
FREE SECURITY SCAN
In partnership with
Qualys, BH Consulting
are offering a free Network Security Scan so you can check how healthy
your network is. To find out more about what this service can do for you, visit
our free
Network Security Scan.

Alternatively contact
us or visit our website to get more details on our
risk assessment service.
This issue of Security Watch is being brought to you by BH Consulting.
If you have found this issue to be of use please support our drive to raise funds
for
Focus Ireland.
Each
Security Watch eNewsletter, and the special Security Alert issues, are produced
independently by the Windows IT Pro Custom Media Group and are distributed by
various Microsoft security partners. Each eNewsletter contains up-to-date
information about security strategies, technologies, and alerts. Each Security
Alert contains the latest information about security threats.
Additional news courtesy of
Silicon Republic,
Cnet,
Silicon and
Zdnet