Information Security,

Approximately every business organization need IT ( Information Technology ) to drive success and growth. Most of those organization follows some business processes. People in those organization know how to set goals, organize their activities and drive quality into delivery of product and services. This is all done to achieve certainty, predictability and reliability to make sound decisions.  When it comes to IT department that support those organizations, very few follow any sort of guidelines to make it certain and reliable. COBIT (Control Objectives for Information and Related Technology) enables organization to manage IT in a similar way as they manage other activities of organization. COBIT provides guidance on how to organize activities that relate to IT within all business activity properly. There are three key cards 1) Process Model 2) Best Practices 3) Management Tools Process Model:-   It helps enterprise to understand the nature of all these activitie...

If you are a movie lover and have watched any of those war movies where the villain is going to launch nuclear attack and he needs multiple secret codes for it and all of a sudden he finds that no single person have access to all of the codes, then you have already witnessed "Access Control" ! What is Access Control?  Access control ensures that resources are only granted to those who are entitled to them. Basically  there are two entities , one is "Subject" and the other  is "Object". In a general scenario a subject wants to access an object and for that purpose different access control mechanism are there to apply. There are different type of access controls:- Technical :- Various Access control mechanism like passwords,smart cards, Biometrics,  etc Physical :- Can be  Preventative like putting a door, a guard dog etc to control the access or it could be detective like installing a camera,motions sensors etc to detect access. Administra...