Categories
General IT, Information Security

Password Management Guidance

The primary objective of a theoretically sound password formulation policy is password diversity – we want our identity system to contain lots of different, hard-to-guess passwords.

There are several ways to achieve this, but unfortunately most of the common approaches in use today, such as length requirements, complexity requirements, and change requirements, are far from helpful.

Categories
Information Security

Liability, Due Diligence, and Negligence

A short explanation of the meanings of, and differences between, liability, due diligence, and negligence.

Categories
General IT, Information Security

The CIA Triad

The CIA triad is a model designed to guide policies and procedures for information security within an organisation. Read on to find out more about the CIA triad and some of the common methods organisations implement to meet CIA requirements.

Categories
General IT, Information Security

What is IAAA?

How does security in systems actually work? Well, security generally works on a principle called IAAA: Identification, Authentication, Authorisation, and Accountability. Read on to find out what this principle looks like in the real world.