Binu Anna Eapen

I worked in a tech support team and we had maximum no. of tickets for password reset. I agree it can be inconvenient but it is for the security of the data and it is worth the price.

BSOD is when the operating system reaches a state where it can’t function properly. It appears when Microsoft window encounter’s issue either with software or hardware related and it can’t recover from it.

It occurs when driver running in kernel mode faces an error from which it cannot recover.

It could be due to improper installations of…[Read more]

Priya I guess both Denial of service and DDos have same effect. Both types of attacks want the same result, and it just depends on how many source machines are used in the attack as to whether it is called DoS or DDoS.

I agree with you Mansi that their might be financial implications in Operating system going bad, in-terms of data loss. But I do not think there will be any cost involved in a corrupt OS. Normally companies have their own image which is built according to the requirements of the company. If the OS is corrupt, then one can easily reimage the…[Read more]

I had an experience once when I was trying to pay online the website redirected me to another page. Thankfully I noticed it showed much higher price than what was the actual cost of the product and then realized that it was a hoax website. So I agree with you that payment process is very vulnerable to fraud. Also certain sites store the…[Read more]

In addition to accounting knowledge, he should also be technically well versed and know the business and its goals well. He should be able to analyze the risks and suggests way to mitigate it. He/she should have complete understanding of the process and should be quick decision maker when issues pop up.

Nice point Ming. Double check verification can mitigate human errors. Also there can also be another person to verify the correctness of the data or by setting constraint checks we can reduce lot of human error.

Well said. I was not really sure about this answer. But after reading this post it gave me a little better insight. I guess CIO is responsible for any controls in a organization. Order to cask should be a joint operation by CFO, CIO and COO.

I agree Said. That would mean they are taking precautions to mitigate that risk. If these application where not in place that would impose great risks right. So on a broader perspective, I still believe it is a risk which is fairly of concern.

And Amazon also lets us change the pick up location incase of returning the product.

Yes Yulun. Amazon return policy provides users the comfort to know that if they do not like the product, they will be able to return the product. So the customers tend to buy more products as this is completely feasible and saves on lot of time and money. Also the sales and discount coupons available make it even more attractive. It also has the…[Read more]

List common control issues associated with operating systems and remediation strategy/plan.

Some common control issues and their remediation strategies:

No proper definition of roles and responsibilities: The user has to be given the right level of access i.e. administrator or user and be assigned to the correct user group. Users need not…[Read more]

Why is so important to protect operating systems?
Operating system (OS) helps run programs on the computer and helps a computer system executes multiple application concurrently in a single hardware containing multiple processing unit. Protection is any mechanism for controlling the access of users or processes to resources. OS integrity is a…[Read more]

Flaw with IOS 10 allows hackers to crack password:

A severe security flaw was uncovered in the new release of Apple IOS 10 which can allow hackers to crack password from backup 2500 times faster than before. The new password verification method is 2500 times slower that IOS 9 backups. Elcomsoft researchers discovered that when IOS 10 backup is…[Read more]

HDFC bank becoming a target to phishing attack Salvi, the CISO was faced with the below challenges:
1. How to ensure the security of online transaction while keeping customer convenience as a priority?
For online transaction HDFC used the adaptive risk modelling where risk score was assigned to each transaction based on some…[Read more]

Yes Said. The example is a great one. I am sure every one of us have atleast one case of misplaced delivery. Even without the third party involved we have lot of fraud happening. Do you think there is a way to prevent it? Is this only due to human error?

2. Which portion of the Order to Cash (OTC) process do they see as the most vulnerable to theft, fraud or failure of some kind? Explain.
Ans. The order to cash has 4 processes:
1. Quotation/order entry
2. Provision of goods or services
3. Billing(invoice)
4. Incoming payment
All the 4 processes are vulnerable to threats equally.…[Read more]

I guess by properly delegating accesses, updating the patch regularly and have proper restore points most of the risks mentioned can be mitigated.

Hi Yang,

But I assume most companies will have a back up system and have multiple recovery points for the databases as it contains lot of important information..

Thanks Priya for the example.