Tips
-
Five ways to prepare a company board for a cyber breach
Five key things that boards need to do to stop their businesses leaking like sieves and potentially going to the wall. Continue Reading
-
How to implement risk-based security
Implement a simple process to identify, analyse and prioritise risk without significant investment in time or money. Continue Reading
-
Seven secrets of SQL Server Management Studio
SQL Server Management Studio (SSMS) is the principal interface for working with Microsoft SQL Server. However, many subtleties of this powerful tool evade even the most seasoned professionals. Continue Reading
-
Audits and compliance requirements for cloud computing
Even as India Inc experiments with the cloud, security concerns play spoilsport. These cloud computing audit and compliance tips will make your journey easier. Continue Reading
-
Security business analyst – a role whose time has come
For effective information security, India Inc requires security business analysts. These should be people who understand security, technology and the business. Continue Reading
-
Using ESAPI to fix XSS in your Java code
Customized validation routines are the norm in Indian organizations for fixing vulnerabilities. OWASP’s ESAPI framework may prove to be a better option. Continue Reading
-
Identity and access management (IAM) in the cloud: Challenges galore
Identity and access management (IAM) in the cloud poses never before seen challenges to Indian organizations. Here are some points to keep an eye out for. Continue Reading
-
Leading Indian banking portals contain glaring security lapses
Even as Internet banking portals transform the way Indians bank, vulnerabilities exist in banking websites like SBI, Citibank India, HDFC Bank and ICICI Bank. Continue Reading
-
Six business continuity audit guidelines for Indian businesses
In order to be fully prepared to tackle disasters it is important to conduct BCP audits. Use these guidelines for effective business continuity audits. Continue Reading
-
Vulnerabilities in JavaScript: Secure coding insights and tips
JavaScript vulnerabilities are on the rise in India with the entry of HTML5 and faster JavaScript engines. Here are some key problem areas along with antidotes. Continue Reading
-
BPM-ERP integration in four steps
Integrating ERP with BPM can improve organizational efficiency and productivity. Follow these steps for easy integration of ERP with BPM. Continue Reading
-
Limitations of two factor authentication (2FA) technology
The common two factor authentication (2FA) techniques used in India have several shortfalls. We take a look at security risks associated with 2FA solutions. Continue Reading
-
Implement a data integration solution in six easy steps
This is the first installment of a two-part series of expert advice on data integration solution deployment. Continue Reading
-
How centralised storage and server-based computing help IT face BYOD
Study shows that UK and EU IT pros are still scared of BYOD. But IT can overcome these BYOD fears. Here's how. Continue Reading
-
Guide to Windows Azure: Part 3 - How to configure local storage resources
Our Windows Azure tutorial series continues with an explanation of usage of local storage in Azure cloud services. Learn how to best configure local storage. Continue Reading
-
Business continuity strategy: Employees are the vital link!
No business continuity strategy can ignore the role that employees play in a crisis. Here’s how you can bring employees to the center of your BC plan. Continue Reading
-
Free IT service catalog templates for the CIO
Creating and updating an IT service catalog can keep your business running smoothly. Check out these free IT service catalog templates on the Web. Continue Reading
-
Mobile application security issues and threat vectors in enterprises
As mobile application security threats take on serious proportions, we explore the issues and risks involved for users and enterprises. Continue Reading
-
The benefits of an open source file system for storage
An open source file system can bring huge scalability, parallel file system capability and advanced features compared to those bundled with commercial operating systems. Continue Reading
-
A free risk assessment template for ISO 27001 certification
Risk assessment is the first important step towards a robust information security framework. Our simple risk assessment template for ISO 27001 makes it easy. Continue Reading
-
Building a hybrid cloud on SaaS, PaaS and IaaS for IT efficiencies
IT pros looking to adopt a hybrid cloud must strategise for security, IT standards and costs to make their cloud project successful. Continue Reading
-
Five things that can make or break your virtual desktop infrastructure
IT pros looking to implement a virtual desktop infrastructure project must have a strategy for storage, application virtualisation and must understand desktop users to succeed. Continue Reading
-
System administrator guide to the contra-admin approach
A system administrator can benefit by adopting a contrarian approach to system administration. Learn how to use contra-admin effectively as a sysadmin. Continue Reading
-
BI platform standardization: Step-by-step approach
BI platform standardization is the key to improved data management and clarity on the cost per report. Follow these steps to standardize your BI with ease. Continue Reading
-
DCIM: what it is and what it does
Data Centre Infrastructure Management holds unquestionable worth, but with the wealth of DCIM tools in the market, IT managers must choose carefully. Continue Reading
-
Gartner’s fabric computing insights
According to Gartner, fabric computing has evolved over the past two years, and is here to stay. Read further for fabric computing implementation insights. Continue Reading
-
Risk management for cloud computing deployments
Cloud risk management involves more than meets the eye. Our expert details risk management for public cloud setups in this multi-part series. Continue Reading
-
Data centre design: Using engineered racks, pods and containers
IT pros must adopt a new approach to data centre design and consider using engineered racks, pods and containerised systems for better scalability, capacity and efficiency. Continue Reading
-
Information security budgets: Five steps to obtain management buy-in
Getting management to approve security budgets is difficult. Here are guidelines to help you prepare and present information security budgets effectively. Continue Reading
-
Maltego tutorial - Part 1: Information gathering
Maltego is a powerful OSINT information gathering tool. Our Maltego tutorial teaches you how to use Maltego for personal reconnaissance of a target. Continue Reading
-
POS terminal security: Best practices for point of sale environments
Securing point of sale (POS) environments can be tricky. Shobitha Hariharan and Nitin Bhatnagar share comprehensive POS terminal security best practices. Continue Reading
-
Using automation, self-service provisioning to build a private cloud
IT pros that recognise cloud computing benefits want to build one behind closed doors. But a private cloud requires automation, self-service provisioning and management planning. Continue Reading
-
Prepare for BCP audits with nine best practices
Business continuity plans are ineffective without proper BCP audits. Our expert has some guidelines on how to prepare for BCP audits. Continue Reading
-
6 point SIEM solution evaluation checklist
With SIEM solutions gaining steam in India, Satish Jagu of Genpact shares concise tips based on the lessons from his SIEM implementation experiences. Continue Reading
-
Windows Azure tutorial Part 1: Set up and manage subscriptions
Wondering how to set up a Windows Azure subscription? This Windows Azure tutorial has all the information to help you create and manage the subscription. Continue Reading
-
Inmon or Kimball: Which approach is suitable for your data warehouse?
Inmon versus Kimball is one of the biggest data modelling debates among data warehouse architects. Here is some help to select your own approach. Continue Reading
-
Information security intelligence demands network traffic visibility
Use the network and host data at your disposal to create business-focused information security intelligence policies and strategies. Continue Reading
-
Troubleshooting bogus vCenter icons in VMware vSphere 5
The new vCenter icons that VMware introduced in vSphere 5 are buggy and issue false alarms. Here are some workarounds until the vendor issues a fix. Continue Reading
-
Your 10-step cloud database migration checklist
Thinking cloud database migration? Use this checklist to migrate your database to the cloud to avoid any issues such as security, latency, or integration. Continue Reading
-
Demystifying VMware Site Recovery Manager and its role in DR
VMware Site Recovery Manager (SRM) simplifies disaster recovery, but managing it is tricky if users don’t know how it handles VMware snapshots and how it affects backup software. Continue Reading
-
How IT can convince stakeholders of the value of technology projects
IT professionals must take data centre measures to convince stakeholders of the business value of technology projects. This will help IT emerge as a valuable business resource. Continue Reading
-
Seven NAS backup best practices
Rapid data growth necessitates optimization of NAS backup procedures. Here’s how you can reduce the NAS backup window and increase NAS backup throughput. Continue Reading
-
10 Linux security tools for system administrators
Linux-based tools for security are a boon to system admins for monitoring network security. Here are 10 popular and useful Linux-based security tools. Continue Reading
-
Data center checklist for IT power infrastructure design and setup
Set up a robust IT power infrastructure with this data center checklist, and achieve a flawless IT power infrastructure design by following these tips. Continue Reading
-
Map COBIT framework to your DR plan for better management control
By mapping the COBIT framework to your DR plan, you can facilitate governance and improve control. Here’s how you can go about doing that. Continue Reading
-
Segregation of duties: Small business best practices
Segregating duties can be tough in organisations that have few staff members and resources. Get duty segregation best practices for SMBs. Continue Reading
-
Sslstrip tutorial for penetration testers
Sslstrip is a powerful tool to extract sensitive credentials using HTTPS stripping. This sslstrip tutorial explains the working of sslstrip in-depth. Continue Reading
-
CSRF attack: How hackers use trusted users for their exploits
A CSRF attack is a serious Web security threat that, combined with XSS, can be lethal. Learn about the CSRF attack’s anatomy, along with mitigation methods. Continue Reading
-
ERP software migration in four easy steps
An ERP software migration project is not simple to execute. This four-step guide will help you with seamless migration of your ERP software. Continue Reading
-
BackTrack 5 guide 4: How to perform stealth actions
With BackTrack 5, knowing how to build stealth into attacks is a necessary skill for penetration testers. Our BackTrack 5 how-to tutorial shows you the way. Continue Reading
-
3 essential data center network cabling considerations
Data center network cabling requires meticulous planning and design. Use these tips to determine the best data center network cabling setup. Continue Reading
-
How to manage transient data and replication
Transient data can be tricky to manage, and best practice tips outlined by vendors may have limitations. But there is an easier way out. Continue Reading
-
Free SAN sizing template and useful guidelines
With the explosion in data volumes, optimal SAN design and SAN sizing is key. Use these practical SAN sizing tips and SAN sizing template to get there. Continue Reading
-
How to choose a NAS
Choosing a NAS might be complex, but there are a few things you can do to simplify the choice. Continue Reading
-
Ways to align ITIL processes with your disaster recovery plan
Aligning ITIL processes to your DR plan leads to more efficient and effective use of IT infrastructure. Learn more about ITIL processes and DR in this tip. Continue Reading
-
BackTrack 5 Guide II: Exploitation tools and frameworks
Our BackTrack 5 guide looks at exploitation and privilege escalation techniques. This part of our guide will improve penetration testing skills. Continue Reading
-
Integrate your CRM application with BI for maximum benefit
Your CRM application need not stop growing after rollout. Integration with BI can help organizations get the most from any CRM application. Continue Reading
-
CRAC unit sizing: Dos and don’ts
A CRAC unit can consume a lot of power, but using it correctly can save costs and avoid fatalities. Read more about correctly sizing CRAC units in this tip. Continue Reading
-
Big data storage management challenges and how to deal with them
Big data storage management is becoming an important concern. This tip will help you deal with your big data storage management challenges. Continue Reading
-
ISDN implementation: Part 2 -- Protocols, components and router options
ISDN provides for digital transmission over ordinary telephone copper wire as well as over other media uses. In this continuation of his tip on ISDN implementation, Chris Partsenidis discusses the OSI Layers, protocols, components and router options... Continue Reading
-
BackTrack 5 tutorial Part I: Information gathering and VA tools
Our BackTrack 5 tutorial covers information gathering and vulnerability assessment using BackTrack 5. Continue Reading
-
8 power usage effectiveness (PUE) best practices for your data center
Power usage effectiveness (PUE) is a measure of power efficiency in data center IT equipment. Use these best practices to learn how to tweak PUE levels. Continue Reading
-
Build an MDM hub with this step by step guide
Building a master data management (MDM) hub can be baffling. Use this step by step manual to build your own efficient MDM hub. Continue Reading
-
Step-by-step aircrack tutorial for Wi-Fi penetration testing
Aircrack-ng is a simple tool for cracking WEP keys as part of pen tests. In this aircrack tutorial, we outline the steps involved in cracking WEP keys. Continue Reading
-
Free-air cooling – using natural cooling in the data centre
If your energy bills are soaring and you want a cost-effective means of maintaining your data centre’s temperature, consider natural cooling or free-air cooling. Continue Reading
-
Map your data classification policy to controls effectively: How-to
Data classification policy plays an important role in control implementation and effectiveness. We take a look at the involved parameters. Continue Reading
-
Big data analytics made easy with SQL and MapReduce
With growth in unstructured big data, RDBMS is inadequate for big data analytics. Know how to use SQL and MapReduce for big data analytics, instead. Continue Reading
-
OpenVAS how-to: Creating a vulnerability assessment report
In this OpenVAS how-to, learn how to use the free scanner to create a vulnerability assessment report and assess threat levels. Continue Reading
-
SLA template and guidelines for DR outsourcing
Use these guidelines along with our downloadable SLA template to structure, implement and successfully manage SLAs for DR infrastructure outsourcing. Continue Reading
-
Metasploit tutorial 3 – Database configuration & post exploit affairs
Part three of our Metasploit tutorial covers database configuration in Metasploit and what needs to be done subsequent to exploitation using Metasploit. Continue Reading
-
Application migration to the cloud: Selecting the right apps
Migrating applications to the cloud depends on many parameters. This tip helps you prioritize and carry out application migration correctly and effectively. Continue Reading
-
Private cloud setup in six easy steps
Private cloud setup entails a systematic progression from assessment to optimization. This tip helps smooth your private cloud setup adoption journey. Continue Reading
-
Best practices for audit, log review for IT security investigations
Device logs can be one of the most helpful tools infosec pros have, or they can be a huge waste of space. Continue Reading
-
MDM tools vendor selection criteria
MDM tools are fast turning into necessities. Start your MDM tools vendor selection process with these helpful tips. Continue Reading
-
NIST SP 800-30 standard for technical risk assessment: An evaluation
Risk assessment with NIST SP 800-30 focuses on securing IT infrastructure. Find out NIST SP 800-30 strengths, and learn how it differs from other standards. Continue Reading
-
Water cooling vs. air cooling: The rise of water use in data centres
When comparing water cooling vs. air cooling techniques in data centres, you will find that air cooling is more popular. But water cooling is making its presence felt again. Continue Reading
-
6 cloud SLA monitoring tips for better service delivery
Cloud SLA monitoring is essential for better service delivery. These tips on effective cloud SLA monitoring help ensure SLAs from cloud vendors are met. Continue Reading
-
Website secure login: Alternatives to out-of-wallet questions
Learn about alternatives to static knowledge-based authentication and out-of-wallet questions for secure website logins in this tip. Continue Reading
-
Metasploit tutorial part 2: Using meterpreter
Part two of our Metasploit tutorial covers usage details of the meterpreter post-exploitation tool in Metasploit to create exploits that evade detection. Continue Reading
-
Nmap tutorial: Nmap scan examples for vulnerability discovery
Learn how to use Nmap, the free network scanner tool, to identify various network devices and interpret network data to uncover possible vulnerabilities. Continue Reading
-
IT gap analysis template: Download the simplified edition
Use our simple IT gap analysis template to document gaps between promise and delivery, for foolproof IT gap analysis and recommendations for bridging gaps. Continue Reading
-
OCTAVE risk assessment method examined up close
The OCTAVE risk assessment method is unique in that it follows a self-directed approach to risk assessment. Leverage its strengths with this expert tip. Continue Reading
-
SAP security tutorial: Top 10 SAP security implementation steps
Implementing SAP software securely isn't only the job of SAP specialists; the entire IT department has a role to play. Learn the top ten steps to a secure SAP implementation. Continue Reading
-
Metasploit tutorial part 1: Inside the Metasploit framework
In part one of our Metasploit tutorial, learn the framework’s basics, to use it for vulnerability scans and create a simple exploit on a target system. Continue Reading
-
Building the business case for a server refresh
As IT managers consider a server refresh, they need to create a solid business case for replacing hardware. Here’s how to garner support for the project. Continue Reading
-
Opex vs Capex: Maintaining the right balance
A few rules of thumb can provide an answer to the conundrum that puzzles CIOs: opex vs capex. Read these tips to find out which suits you best: opex or capex. Continue Reading
-
Build open source business intelligence platform successfully
A business intelligence tool without a platform is like a body without a skeleton. Here is how you can build an open source business intelligence platform. Continue Reading
-
13 LUN management tips for VMware environments
Use these LUN management recommendations to ensure your VMware-based virtualization exercise results in optimal storage utilization and performance. Continue Reading
-
Free IT risk assessment template download and best practices
Here’s a structured, step-by-step IT risk assessment template for effective risk management and foolproof disaster-recovery readiness. Continue Reading
-
Top incident response steps: Incident response team responsibilities
Do you know the proper incident response steps to handle a breach? Expert Davy Winder covers how to manage incident response team responsibilities. Continue Reading
-
Business intelligence center of excellence (BI CoE): A handy reference
To extract maximum benefit from a BI solution, setting up a BI center of excellence (BI CoE) is essential. Here’s how you should go about it. Continue Reading
-
Leveraging ISO 27005 standard’s risk assessment capabilities
In this first of a series of articles on risk assessment standards, we look at the latest in the ISO stable: ISO 27005’s risk assessment capabilities. Continue Reading
-
5 easy ways to deal with irregular data for improved BI reporting
Tips on how to make irregular data more consistent, accurate and reliable, in order to improve BI reporting and ensure better-informed business decisions. Continue Reading
-
Design change management procedure in five easy steps
A clear-cut change management procedure is essential for the success of any enterprise-wide IT deployment. Follow these simple steps to get it perfectly right. Continue Reading
-
Four handy botnet detection techniques and tools: A tutorial
This tutorial will help you determine the right techniques and tools for effective botnet detection. Continue Reading
-
Three automated penetration testing tools for your arsenal
Automated penetration testing tools provide effective exploit libraries and processes to detect network, as well as application vulnerabilities. Our picks. Continue Reading
-
Cloud applications: Five migration tips from Gartner
Gartner offers tips on how IT organizations which desire to carry out cloud application migration can do so in an effective manner. Continue Reading
-
VA/PT technical report writing best practices for pen testers
A good technical report is indispensable to vulnerability analysis/penetration testing (VA/PT) exercises. Guidelines on how to write concise VA/PT reports. Continue Reading
-
6 data warehouse design mistakes to avoid
Although difficult, flawless data warehouse design is a must for a successful BI system. Avoid these six mistakes to make your data warehouse perfect. Continue Reading
-
Demystifying wardriving: An overview
With companies like Google being criticized for wardriving, this tip aims at decoding the concept and the associated legal implications. Continue Reading