Articles in English

The articles are beginning to be translated into English through a collaborative initiative. Take part in this project as a volunteer allowing the content on security to be even more accessible.

In 2009

110# The Firewall climbed on the roof. Apr 2009
The Firewall, in the female, because I am not talking about the device that turned icon of security for years and that protects the networks of data, but this column that since April 1999 was shaped, has lent the name of the device and now complete ten years of continuous existence.

109# Computer lost its function. Mar 2009
Bubble? Nothing! It is a true story of how the experience of users have been frustrating to use the computer. Time to leave it? Certainly not, but everything leads me to believe that it is time to rethink the roles and seek alternatives to this stupid trend to work for the machines.

108# Dilemma of the crisis: brake or accelerate? Feb 2009
But if we are living a crisis, directly or indirectly, because of the inefficiency of the financial controls that take care of the productive chain as a whole, what to do with the projects and investments aimed precisely improve them? It is time to accelerate or halt these projects?

107# How will be our relationship with information by 2019? Jan 2009
Predicting the future is even riskier. The chances of error are enormous and there are still many interdependencies for all these transformations taking place, beyond that, humanity may decide take another course. Back to the sources. Revive the early days and forget all questionable modernity.

 

In 2008

106# My laptop will travel. How to protect him? Dec 2008
There is an entire industry of theft waiting out his notebook Vacation. With the popularization of the equipment was easy to spot many of them going on vacation in the hands of their proud owners in airports around the world.

105# When less is more Nov 2008
The technology industry is hypnotizing to the users, making them exchange what they looks good and functional today against the promise of something better, even without first discovering how to extract the best of what they already possess, or without giving account that the product they already have, fully meets their needs.

104# When everything is in your keyring Oct 2008
The popular pendrive, also known as USB flash memory or memory stick, for example, is a great expression of what you can have in your pocket as a keyring. However, even with its small size, it brings together all aspects of information security with which we should concern ourselves.

103# Do not turn shark food in online auction Sep 2008
In theory is the perfect place to pursue the relationship 'win-win'. However, as occurs in almost any relationship where there is transfer of value, there is the possibility of fraud.

102# Iphone 3G: a grenade in your pocket? Aug 2008
Without losing time with revisions or detailing on the new features, which many have already done so competent to outside world, let's talk about safety and potential risks of the new device.

101# IT GRC: which means in practice Jul 2008
The term GRC has gained wide recognition in the area of business and represents a new and integrated approach adopted by modern organizations to address the issues Governance, Risk Management and Compliance. These are areas with great affinity with each other and can be employed in any area of the organization.

100# End of the recyclable cycle Jun 2008
We need to close the cycle of recyclable solutions soon, and start something structured and sustainable that can be accumulated year after year, thus, contributing towards the increase of maturity with which the companies manage their information technology assets, risks, compliance, reputation and their future. Paraphrasing the famous English poet and playwright, William Shakespeare, the best way of foreseeing the future is to invent it!

99# # Online survival kit May 2008
The first and most important step is to know your risk “appetite”. This is because making payments over the Internet is not 100% safe and it is wise to know the limit of your credit card, for example, so that you can assess your availability and sensibility in case of fraud. In practice, you should assess your potential loss compared with the benefit and convenience of making the payment, and the purchase itself, from the comfort of your home or office.

98# They stole my employee’s laptop Apr 2008
You are not the first, nor the last person to have this sort of problem with a member of your team. The theft of mobile computer equipment is becoming more and more common and is becoming a routine, both in Brazilian and foreign companies. The reason for this is relatively simple.

97# Increase the security of your online payments Mar 2008
The first and most important step is to know your risk “appetite”. This is because making payments over the Internet is not 100% safe and it is wise to know the limit of your credit card, for example, so that you can assess your availability and sensibility in case of fraud. In practice, you should assess your potential loss compared with the benefit brought by the convenience of making the payment, and the purchase itself, from the comfort of your home or office.

96# PCI and the Real Value of Compliance - part 2 Feb 2008
Non-compliance with PCI DSS, occurring through the failure to demonstrate adherence to the standard through the implementation of security controls, may result in fines and other types of penalties to retailers and service providers. In a situation of fraud and compromise of credit card details, the credit card association can charge a fine of up to US$ 500,000 and also US$ 25 for each card affected.

95# PCI and the Real Value of Compliance - part 1 Jan 2008
The indicators of fraud are accompanying the rhythm of growth. According to the international organizations, the costs of fraud with credit cards exceed billions of dollars annually, and in 2007, in the UK alone, the volume was estimated in 800 million dollars, indicating an average growth of 350%. In Brazil, according to data from FEBRABAN, the losses added up to over 150 million dollars.

95a# Prediction of the Main Threats for 2008 Jan 2008
After a turbulent year and full of the usual security incidents, it is now possible to predict the anatomy of some of the threats that will be highlighted in 2008. This is why it is important for you to know your profile and to plan incremental preventive actions.

 

In 2007

# Interview: When the career is the case Dec 2007
Marcos Sêmola has built a wonderful career at Atos Origin, UK, and has an extremely interesting experience to share. Elected in 2007 in the Top Information Security Professionals as one of the professionals of the year for his contribution to the development of information security in Brazil, he has been living in England since 2005, and he is from Rio de Janeiro. He is 35 years old, and is married with a 4 year old son. He has a Bachelor degree in Computer Science by UCP and an MBA in Applied Technology by FGV and Specialisation in Strategy and Negotiation by the London School.

94# Anatomy of the Christmas Fraud Dec 2007
Christmas should only be a period of festivities, renewal, celebration and charity, but it has also become ideal for con artists ‘on duty’. This is because the atmosphere and state of spirit that involves the Catholic population worldwide, makes the people sensitive to emotional issues and, therefore, makes them susceptible to all kinds of psychological fraud.

93# Intelligence of the Fraud Nov 2007
In Criminal Law, fraud is a crime or offence of deliberately deceiving others with the intention of injuring them, usually to obtain belongings or services unjustly. Fraud can also be done with the assistance of fraudulent objects, using different means and targeting distinct marks, allowing them to be classified as scientific fraud; artistic; archaeological; financial; intellectual; electoral; accounting; and journalistic, among others..

92# Time for Security to stop being the icing on the cake Oct 2007
Inside companies the problem seems to be even more chaotic. In general, software developed by internal teams suffers from lack of time, standardisation, documentation, resources, but especially lack of conscience and specific competence to mix all the basic components into a quality recipe.

91# Protect your Virtual Image: cookies Sep 2007
Well, you go to your computer, key in the address of that search site you usually use, and as just as you click the mouse you are greeted with a nominal message welcoming you, as if the computer had immediately recognised you.

90# Protect your Virtual Image: fishing Aug 2007
The opportunities are really widespread on the Internet. The large network has become a channel to get people together, do business, break down geographical barriers, entertain, teach, learn, help, as well as to find jobs or assess candidates. It is like going fishing in a large lake, where the result depends largely on the fisherman’s ability and strategy, and the quality of his equipment and bait.

89# Protect your Virtual Image Jul 2007
Motivated by the potential of interaction of the Internet associated with the enthusiasm for new applications and technologies, people, in general, end up getting quite confused about values. There is an alarming loss of reference about what can really be said, written, shared and especially, with who you can do all of this. As a result, we see users exposing themselves completely and taking unnecessary risks.

88# The first contact with Forensic Science Jun 2007
New professions and market niches have arisen to satisfy recent needs, while other professions are simply being renewed. This is happening with professionals with technical expertise, which has aroused great interest in teenage students and also experienced IT professionals. However, before speaking more directly about Forensic Practice, the concept and context in which the term is applied need to be understood.

87# More Security with a Pocket Operational System May 2007 
Once the scenery to be used is known, the risks have been mapped and the benefits of having a pocket operational system have been considered, you only need to choose the Linux version which best suits you, without also forgetting that there are excellent Brazilian distributors, and add it to your baggage.

86# Backup Phantoms Apr 2007
Security copies or simply backups have been with us for some time, but this is not the reason why they are currently no longer a major concern. They become a problem when we need them to be accessible, operating and ready to recover information destroyed by errors, accidents and sabotages, but they also represent a great challenge at the moment of decision on what to do, how to do, how frequent and how to manage the residual risks of adopting a backup solution.

85# 10 lessons: how to lose money on security projects Mar 2007
Learning through experience is important, but to learn from other people’s errors can make a difference and give you a better advantage. Therefore, I would like to share 10 lessons I think are valuable for any company or information security manager.

84# Practical View of Windows Vista Feb 2007
The world personal computer market has been in turmoil with the innovative, and quite revolutionary, launching in the history of software, marked by the new product Microsoft Windows Vista and its various versions.

83# Trends in 2007 for the information security market Jan 2007
According to ‘A Arte da Guerra’ (The Art of War), written by general philosopher Sun Tzu, to achieve a target you need to act together with other people, know where the action will take place, the obstacle to be overcome besides being aware of your own strengths and weaknesses. Any similarity with the information security battle is no coincidence. Bring on 2007!


In 2006

82# What does the Brazilian have?  Dec 2006  
It is with the same boldness that the service centres, software and solutions are organised into professional associations and joint ventures for promotion in Brazil and abroad and it is today, the best expression of quality and competence making Brazilian excellence tangible in the development of high level solutions and services, and great reliability in the field of information security.

81# The risk sex offers to information security Nov 2006    
It may seem irrelevant, but as there is a merger between the physical and digital world, where the exploitation of a technical failure can create impacts to the user, just like the exploitation of a human error can create impacts to technology, knowing about habits, weaknesses and standards of behavior can make the difference.

80# Orkut dangers you can avoid Oct 2006  
The electronic relationship networks, for example Google’s Orkut, has been growing geometrically. Many people believe that the reason for so much success is associated with the need that humans have of being in contact with others, despite being linked through a virtual interface. Others show clear interest in other people’s lives, in voyeurism, or even in the sensation of being more accessible and visible in a world where time with friends and family is becoming increasingly scarce. There are also those who use the environment to meet old friends and establish interest groups that enable the exchange of tips and experiences.

79# E-mail etiquette: efficiency of communication Sep 2006
Electronic mail has definitely changed the lives of people and companies after becoming one of the most popular means of communication in the computer age. However, its efficiency has been put to the test against the interminable threats that promote the loss of productivity, expose the user to traps and viruses, besides all the other reasons that could undermine the availability of the service.

78# May the password be strong until the arrival of biometry Aug 2006  
However, coming back to the password reality...if we have to continue using it for a little while longer, may it be at least strong enough to give us protection. And, despite referring to it as ‘old’ earlier, the user needs to keep it young, compatible with what is being protected and also updated in relation to the power of computing.

77# In information security, less can be considered as more Jul 2006     
Simplifying has been my challenge in the last 7 years, writing and talking about information risk management in lessons and lectures. I believe the companies and Chief Information Security Officers, in general, should channel their efforts focusing on the treatment of more relevant threats and risks, and therefore, invest time and money in the most significant of problems.

76# Does security halt or accelerate business? Jun 2006   
However, different to the initial interpretation, which we made regarding the brakes of a vehicle, this is not intended to prevent the car from going any faster. On the contrary, the efficiency of the brakes is the key component considered so that motor engineers can develop even faster vehicles with the certainty that they will stop efficiently in a moment of crisis.

75# Brazilians in the land of the Queen  May 2006  
"Definitely, when the issue is to create and innovate, Brazilians are in the limelight. Like what has been happening in football for decades, and more recently with the title ‘Joga Bonito’ (Play Beautifully) given due to it being close to the FIFA World Cup, I hope to see new labeling soon..."

74# Biometry at the Service of the Population Apr 2006   
Heathrow, one of the largest and busiest airports in Europe, in London, UK, has just announced that they will be adopting a support system for immigration control based on iris identification.

73# Predictability Factor  Mar 2006  
Predictability, therefore, has nothing to do with card games, divination and crystal balls, but with the quality of what is predictable from the perception of risk and tolerance.

72# Tolerance Zero Security  Feb 2006  
In a tolerance zero environment, failures in the business layers are not expected, and for this reason, avoiding a risk by leaving out some immature technology, for example, is a wise decision.


In 2005

71# SPAM Dec 2005  
Despite many concrete facts, I will not give up on my conviction that we have not become computer users to make selective collection of garbage.

70# Have you heard about data kidnap? Nov 2005
In the most advanced model of this type of fraud, the data is not transferred, copied or altered, it is simply protected by the kidnapper with strong cryptography so that only he has access...

69# Security will be compromised, it is just a question of time Oct 2005
It is almost a mathematical statement, for if there are failures and threats, therefore risk, the resulting impact of the exploitation of the first by the latter is certain, and is exclusively dependent on time.

68# The budget is always lower Sep 2005
The result of this stage of negotiation is almost always a mixture of the dimensioning of a lower budget than is necessary and living with a false sense of security making the holder take on risks, which would have been better if they pretended they did not exist.

67# What I said about security and I need to explain: part 2 Aug 2005
The security problems and risks tend to increase exponentially while the budgets for the countermeasure will never accompany this index.

66# What I said about security and I need to explain: part 1 Jul 2005
No company will ever be protected from threats that put their information at risk. This would be extremely expensive or their processes would be extremely restricted.

65# Things I would not like to say about security, but I have to Jun 2005
Before taking any strategic or practical initiative in information security, we need to reflect about the following perceptions to check if we are going in the right direction. Risk: No company will ever be completely protected from threats to its information. This would be extremely expensive or their processes would be extremely restricted...

65# Things I would not like to say about security, but I have to Mar 2005
No company will ever be completely protected from threats to its information. This would be extremely expensive or their processes would come to a halt.
+ InfoSecurity Magazine

64# It is our fault Feb 2005
How people behave when they are faced with security measures and countermeasures makes all the difference. The perennial nature of human beings is certain and, despite the trend pointing to a scenario of increasingly less interaction, they will always be backing decisions, controls and tools...

63# The paranoia of security has reached the end user Jan 2005
It took time, but the paranoid behaviour concerning information security has reached the end user. For information technology professionals, the matter and the motivation factor have been known for some time, which are also the main reason for the development of a fear syndrome, or better, respect for the electronic risk agents…


In 2004

62# CSI Novelty, Washington Nov 2005
The 31st International Conference of information security organised by the CSI - Computer Security Institute, has come to the end, this year taking place in Washington, DC. During 5 days, there were more than...

61# Security Scorecard and Formula One Sep 2004
Monitoring the level of risk and measuring the efficiency of the security control adopted by the company seems to be the desire of 10 out of 10 information security managers. Not in the least...

60# Pareto and Security Jul 2004
Pareto, an Italian scientist, discovered in the last century, a cause effect relationship in which 80% of the results are generated with an effort of only 20%. It may seem unreal, but the time and continuous exercises with the figures have shown managers that ...

59# Cryptography, Biometry, Backup and Drowsiness Jun 2004
Therefore, understanding so many information security concepts, many risk management methods, being familiar with many technologies, tools and procedures that involve people and equipment, in situations like this one, a single combination could make the victim relax and fall into a deep sleep: cryptography, biometry and backup. Try it out!

58# Information Security to protect the Manager May 2004
Protecting important information for the company’s operation, does that make any sense to you? And what about protecting the information to protect the manager? Now, more than ever, yes. The last of the three factors that encourage investment in information security, liability, is beginning to make sense to companies and the men who are running the business...

57# Motivation: the key to security Apr 2004
Protect information that subsidises the operation of the company’s business processes. Reduce and manage the information risks and the impacts potentially caused by an incident of leakage, fraud, sabotage and unavailability. These seem to be the reasons that influence the executive and his consultative committee into adopting measures and making investments in security, but it is wrong to think this way...

56# Security Week’s 2004 Balance Mar 2004
This time the traditional article has become journalistic footage. I took part in the event considered by the Brazilian market as the largest gathering of Brazilian professionals, scholars and those interested in questions of information security, the Security Week. In its third edition...

55# Virus: how to be 100% safe Feb 2004
Stop using the computer. This seems to be the best solution, if not the only one, which would really eliminate 100% of the risks of contamination by computer virus. In the world there are more than 50 thousand computer programmes developed to cause injury, loss of information, leakage or any other damages to the computer operation...

54# Governance and Professional certifications Jan 2004
Facing a professional challenge and not feeling prepared for it is a situation of major concern. Generally, the sense of incapacity can result from lack of formal study, low esteem and lack of self-assurance, or even the clear and transparent notion that you do not have all the necessary competence and a sufficient number of accumulated experiences that allow you to shoot the one and only arrow and hit the centre of the target the first time...


In 2003

53# 2004 Outlook: information security market Nov 2003
After practically twelve months after the last prediction of the information security market in Brazil, we are faced with new surprises, and it seems like this time the well known Murphy’s Law is in action, explaining – under the vision of security – the precept that the slice of bread always lands with the buttered side down in direct proportion to the value of the carpet. This is due to...

52# Closed software: is it necessary? Oct 2003
This is what happened. Small software producers got hold of a version of an open product, as the structural base, and they began working on the optimization of the interface, support to devices and network services, among others, making it take on its own identity. Everything seemed like a straightforward initiative of collaborating with the open source community...

51# Palmtop: useful for the executive & dangerous for the company Aug 2003
It is true that every year the capacity and speed of computers double and that the processes of miniaturization are taking long steps, motivated by the emerging demand of the market for automated processes, reduction of the response time, distributed processing and mainly the need of guaranteeing that the information will be available at all times and in any place...

50# The need to justify investments, but how? Jul 2003
You must have asked yourself the same question at least a ten times, like I have. But, don’t expect to find the magic formula here or an infallible recipe to answer it and approve all your information security projects. It is true that we have been looking for this for a long time, but there is simply no method nor has one been invented that can be applied to any situation...

49# Change Management: key to “selling” security Jun 2003
It is not possible to deny. Human capital is determinant in guaranteeing the success of any corporate initiative with the objective of mitigating information security risks and transforming the targets of the Strategic Security Plan...

48# What is the Security Manager’s role? May 2003
According to a study by the Giga Information Group, in March this year, although information security departments in corporations around the world have received an average of 5% in their budgets, more than 50% of the companies have invested in incorrect and irrelevant security projects. Moreover, Giga predicts for this year that more than 90% of all organisations will nominate an individual or a special department for the task of managing information security...

47# The Security Management enigma Apr 2003
Why are we hearing so much about Security Management? Is it because of the excessive activities and projects, by the volume of corrections that have been made to computers every month, or by the increasing maturity of the market with the formation of internal teams and specific information security norms? The answer lies in the combination of all of these. In other areas of knowledge, in the past decade, we have seen consultancies strengthened by the complexity of quality projects...

E2# Executives face security challenge Mar 2003
Study by an FGV professor helps to prioritise actions and define a protection plan. The IT manager or any executive that plans to deal with the seriousness of the information security question will make good use of the book published by Editora Campus, Gestão de Segurança da Informação - uma visão executive (Information Security Management – an executive view...

46# Peopleware: hire without risking your information Feb 2003
Employees get together with the new collaborators hired recently, to become co-responsible for the company’s operation. Cutting edge hardware, performatic software and, why not, peopleware…

E1# You need to have an integrated view of the risks Jan 2003
By the end of this month, Marcos Sêmola will be launching the book “Information security management: an executive view” (Editora Campus, 176 pages, R$ 35). The idea of the book is to help companies and their CSOs...


In 2002

45# 2003 Outlook on the security market in Brazil Dec 2002
Almost twelve months after the last prediction for the information security market in Brazil, we are faced with many surprises, which make it more difficult to predict the scenario for 2003. However, we have recognised new variables that now help us to correct deviations in understanding and give us subsidies for a prognostic that is closer to reality...

44# Test: is the company in compliance with ISO17799? Oct 2002
The article this month has a practical purpose and is intended to help you realise your company’s level of compliance with the Information Security recommendations of the international BS7799 norm or its Brazilian version, NBR ISO/IEC 17799...

43# Why is so much being said about the ISO17799 Norm? Aug 2002
What is the purpose of an ISO norm? Many of us have never asked this question, despite being daily in contact with certified products, companies recognised by certifying bodies and, in some cases, B2B business relations that...

42# What type of analysis does a CEO need?  Jul 2002
Decision. This is what executives associated with security and Security Officers need to do all the time. What level of risk are they ready to accept? What percentage of investment in IT should be considered for security? What are the immediate actions towards imminent threats? What needs to be postponed and prioritised...

41# Have you made a true risk analysis? May 2002 
This question may have surprised you, just like it has surprised some of those responsible for information security. It may have given the Security Officer, the Technology Director, the network administrator a sense of doubt or mistrust, or may even have made security analysts leave their comfort zone...

40# Seven actions of very efficient Security companies Mar 2002
Many books, a large part of which are bestsellers, adopt similar titles to this one to highlight the behaviour, techniques and tools that have shown efficiency in each one of the sectors of knowledge and management. Following this apparently brilliant idea, I asked myself: why not also highlight the positive points that have brought good and actual results to companies associated with information security management!?

39# Is your SPB a time bomb? Jan 2002
On 22nd April 2002 the country celebrates another anniversary, more precisely, the 502nd anniversary. The same date marks the beginning of Brazilian Payment System (SPB – local acronym) operations, which promises to revolutionise the national financial system.


In 2001

38# 2002 Outlook: Information Security market Dec 2001
Based on years of experience following and working in the security market, following the conceptual evolution of information security brought about by the dedication applied by specialists and scholars, and also seeing the rise of relevant technologies, I feel more confident to continue writing this short summary – organised into topics – about what 2002 is going to be like to the market, in general, and to security professionals...

37# We have discovered the Security Officer’s agenda for 2002 Nov 2001
As usual, this information executive also needs to quantify efforts, plan activities that are normally pluri-annual and establish budget plans in order to foment the creation...

36# Time to choose: privacy or more security Oct 2001
The challenge is intimately related to the “dose” of control applied in the processes, technologies and people. It is as if we had to balance the scales...

35# Terrorism in the USA: how is your site? Sep 2001
Tuesday, 11th September 2001, 10:23 a.m. – in Brasília – and news from American sources escalating from mouth-to-mouth. Supposed act of terrorism...

34# Why do I need this? Aug 2001
Assuming that your reaction to this question is the same as the majority, you have never really stopped to think a few minutes about how to assess the importance and role of doors. For they are devices installed to give physical access to your flat. They are control mechanisms that can be opened and closed according to what the owner wants, allowing, or not, access to the interior of your residence.

33# Information security: myths and facts Jul 2001
I decided to break the routine of the column and write something even more didactic and practical in order to eliminate doubts, ratify truths and do away with myths associated with the subject...

32# SPB: three letters and many challenges Jun 2001
One more acronym appears for us to memorise, this time related to the financial sector and not directly to IT – as usual. The SPB or Sistema de Pagamentos Brasileiro (Brazilian Payment System) has become the main topic on the agenda of 170 Brazilian banks...

31# Risk Management May 2001
Teaching the subject Information Security in Master in Business Administration (MBA) courses, where the large audience has an executive or entrepreneurial profile, I am frequently questioned about the challenges of security, the most adequate solution, and mainly about the possible existence of an equation that enables the management of risks...

30# Director Security Plan: critical success factor! Apr 2001
After making many errors in the attempt to repair security problems scattered throughout the various perimeters of the company, a critical success factor has been identified: Director Security Plan...

29# Security Strategy: spot the 7 errors (puzzle) Mar 2001
IT Director Plan is a known expression in the large corporate environments. They take up a lot of time in planning and mainly devise high investments to allow companies to maintain and reach increasing levels of competitiveness...

E3# Driving Security Management towards results Feb 2001
Contrary to the pessimistic expectancies, the European Norm BS7799 rises as a saving compass that competently points out the codes of conduct for information security management. Pointing out what to do, the norm clarifies and gives understanding to the challenged team...

28# I know WHAT to do with security, but HOW? Jan 2001
This question must be in the mind of at least 80% of the executives or employees responsible for managing information security, of the portion of companies that have been sensitised towards the problem and seek the reduction of corporate risks...


In 2000

27# Protecting your laptop is also protecting your business Dec 2000
Thanks to the amateurism of Brazilian criminals, many of these kinds of attack STILL have as their main objective the commercialisation of the equipment and not its content...

26# 7+7 Tips on how to protect your business - part 2 Nov 2000
Giving continuity to the previous article, there are 7 other tips to increase the level of security of your business, reducing the maximum of risks...

25# 7+7 Tips on how to protect your business - part 1 Nov 2000
A long time ago I wanted to write a more objective and practical article. Something like a list of basic activities to guarantee corporate security. A set of tips and procedures. Thus, encouraged even further by the latest e-mails that have mentioned this matter, here is...

24# On the limit of insecurity Oct 2000
The companies are living ON THE LIMIT! They integrate all the elements of the productive chain – suppliers, partners, distributors and the government – through hybrid connections, and also share strategic information remotely with the employees, who with their laptops access the corporate network...

23# PKI: the key to security on e-commerce SeP 2000
Breaking the protocol of the column, I have opened exclusive space in this edition for a specialist in Information Security, which with incontestable competence has managed to make an issue, which was once complex and intelligible to mortals, easy and pleasant to read. Considering this fact, I had to give in and let the reader benefit from this efficient clarification about the promising PKI – Public Key Infrastructure technology…

22# Your litter could be worth millions Aug 2000
Tons of paper and media are thrown out monthly by high technology companies. It is obvious that a large part of this material has no value at all, but surely in the midst of so much rubbish, there is the result of research, tests, feasibility studies, industrial secrets...

21# Do you believe in ROI? Well, you should Jul 2000
The ROI study is definitely a part of the daily activities of technology executives today and, especially, information security is certainly a part of the agenda and an excellent reason to be considered as an investment...

20# Is your ERP system safe? Jun 2000
If your company has been through all of these stages of implementation – eventually suffering from not meeting deadlines and exceeding the budget – and has still survived, you should know that it is still not entirely safe...

19# Prevent the E-business from becoming an E-problem May 2000
This is the new economy, where the behaviours differ from the real world and where initiatives that only exist on paper, in the form of ideas, are worth more than physically concrete and palpable ventures...

18# Security: much more than technology Apr 2000
Man is the motion gear, the part that puts the corporate machine in motion. He is responsible for all the technology that becomes the infrastructure for the business. He is the one who manipulates computers, programmes and information...

17# Fraud: it is not always the hackers that are to blame Mar 2000
Many of this kind of fraud happen daily, which signals the increasing action of opportunists and not just specialists. The technique of social engineering, allied to the lack of awareness and readiness of accountholders, without forgetting the part of the blame due to neglect, have increased...

16# Hackers: sleeping with the enemy Feb 2000
Initially, a justifiable initiative. Who could know better about threats and security flaws? Who would know how to preview technological advance?

15# What the Telecom segment expects? Jan 2000
There are many changes, new technologies and expressions rising in this segment. Revenue Assurance or Guaranteed Revenue, is certainly the main concern, after all, the escape from invoicing following imprecision and inconsistency provoked mainly by the Billing system...


In 1999

14# Security in readymade Public Key Infrastructure applications Dec 1999
Public Key Infrastructure is a good example of newly created technology. PKI or public key infrastructure, consists of services, protocols and applications used to manage public keys...

13# Procom, Credit, SPC and Security? Dec 1999
Non-authorised electronic transactions; undue collection of bank charges; lost chequebooks; not supplying copies of contracts and queues; long waiting time and poor customer service in the branches. Phew! After an intensive list of the most common problems, supplied by the main consumer reporting agencies, an interesting fact can be observed: a large part of complaints has been caused electronically.

12# ESP, the next strike Nov 1999
It is time for security! Businesses were initially concerned with absorbing all the technology available, exploiting the network resources, Internet and Intranet. Now...

11# E-mail: how to control without infringing? Nov 1999
The recommended practice is directly linked to the partial control of the traffic of information and the awareness of its users. This strategy can be converted into various actions...""

10# E-business, E-commerce, and now... E-security! Oct 1999
Your business, whatever it is, is no longer based on buildings, machinery and equipment, but on information, knowledge and intelligence. Knowledge is the true asset in the digital era...

9# Password: slowing down your business Oct 1999
The importance of a well-chosen password and its confidentiality is clear from now on, because if someone knows your identity password they will have access to all the services associated to it, as if they were you. Making an analogy, you would simply have taught them how to sign on your behalf...

8# The company on IP (Internet Protocol) Sep 1999
The electronic mail (e-mail) itself has become useful in a time of disaster. So, why not use a computer network and the Internet also for telephony? Computers are in all corporate environments...

7# Classifying is necessary Sep 1999
Does your company deal seriously with information that contains business secrets? If you could not answer, because simply speaking, you could not identify this type of information, it is time to begin thinking about the Classification of Information...

6# 2892: four numerals and little time Aug 1999
It is good to clarify and separate the contingency plan from the return and recovery plan. In reality, they are complementary procedures. The recovery plan is in charge of solving the disaster...

5# Small details, large vulnerabilities Aug 1999
In this chain concept, there is a concern about maintaining the same level of security in each link, because it is no use having extremely strong links, if one of them is weak and vulnerable...

4# The E-Mail climbed onto the roof... Jul 1999
The majority of users are unaware, but receiving an e-mail by Internet is equivalent – from the point-of-view of security – to receiving a post card written in pencil...

3# Cabling: an important link in the security chain Jul 1999
Even with all the changes and challenges that are a part of every business, a structured cabling system can eliminate the need of interrupting...

2# Resolution 2554, race against time Jun 1999
Many questions and only one answer: you cannot think of meeting a resolution, without guaranteeing the controls and security of your business. You need...

1# Corporate protection, now from the inside out Jun 1999
The personal firewall has in fact brought a complementary concept to the traditional firewall. When it is used in the stations of a corporate network...

F# Internet Banking: the alternative channel May 1999
Recent data has revealed that a financial transaction using a conventional branch, costs ten times more than the cost of the same transaction done remotely...

E# What is the association between Condom and a Personal Firewall? Apr 1999
The firewall, traditional in interlinking LANs and WANs and protecting against access to servers with the separation of the internal and external networks, has been achieving...

D# What is the association between Cabling Mar 1999
No other network component has a longer life cycle or requires further consideration. Concerning the importance of cabling, the industry has established...

C# Trojan Horse Guide Feb 1999
The legend of the"Horse of Troy" says that a large wooden horse was presented by the Greek to the people of Troy, as a sign that they were resigning from war, and wanted peace. This horse was hiding...

B# Bank Automation: what about security? Feb 1999
The risk is also critical in the Intranet environment. The current model for network security has assumed that the “enemy” is outside the company while inside everyone is trustworthy. This idea has...

A# The thorns of Internet Banking Jan 1999
More than 2.5 million Brazilians use the Internet and 51% of them use Internet banking/Home banking services. We cannot close our eyes to what is going on around us.

The articles in this section may be partly or entirely reproduced, or used as reference, as long as the credits to the author and source are preserved. We would also like to request you to inform the author about its use by e-mail.

The articles are available in the Adobe PDF format , which guarantees better control and security.

FORMAT
Marcos Sêmola website© 2009 | www.semola.com.br | Brasil, Rio de Janeiro | London UK, Netherlands NL | ©S4P Photography
Translated by Global Translations.BR www.globaltranslations.com.br

HOME | OBJECTIVE | ARTICLES | PROJECTS | CONCEPTS | PROFILE | CONTACT
Publicity

Parnership:




Interested? Find out more

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Base Article




ARTICLES

Autumn, 1999
by Marcos Sêmola

This is when it all began. Created on 22 April 1999 by IDGNow, the largest information technology portal in South America, the Firewall Column came to supply the need for information related to the corporate management of information risks with the use of simple language and a critical posture by the author.

Os artigos são publicados mensalmente e se encontram organizados também aqui. São mais de cem artigos retratando a realidade dos problemas e soluções que envolvem a gestão de riscos, Suas contribuições se estendem à outras publicações destinadas aos mais diversos segmentos de mercado e veículos de comunicação impressa, eletrônica e audiovisual. Boa leitura.

Present on the Internet supporting education.
1997-2011

EDITORIAL PRODUCTION


Crime? Denounce it
www.semola.com.br
4 January, 2011
PORTUGUÊS .
IDG Group



The IDG Group is the world leading company regarding offers on Information Technology content
.

VoIT

The Voz on TI was innovated by the news in MP3 commented by specialists.

COPYRIGHT

Media

Local:
Jornal Estado de São Paulo
Jornal Folha de São Paulo

Jornal O Globo
Jornal Policiais Federais
Portal CSO Online
Portal Computerworld
Portal Decision Report
Portal Globo Online
Portal IDGNow
Portal Info Guerra
Portal Information Business
Portal Information Security Task Force
Portal Módulo Security
Portal Serpro
Portal SOCID
Portal VoIT

Revista B2B
Revista Business Standard
Revista Cabling News
Revista Checkin
Revista ComputerWorld
Revista Petrobras
Revista Petroinfo
Revista da Web
Revista Developers Magazine
Revista Disaster Recovery Mercosul
Revista E-commerce
Revista e-Manager
Revista Época
Revista Exame
Revista Executivos Financeiros
Revista Fonte
Revista Ícaro
Revista Impressões PF
Revista InfoCoporate
Revista InfoExame
Revista Informática Hoje
Revista Information Week
Revista Internet Business
Revista Isto é
Revista Meio e Mensagem
Revista Exame Negócios
Revista Network Computing
Revista Proteger
Revista Risk Report
Revista Security Magazine
Revista Security Review

Revista Sociedade Digital
Revista Tema Serpro

+

Internacional:
ISACA Magazine
Information Security Magazine
ISMS PT
SINFIC Newsletter





 

Themes

Risk Analysis
Bank Automation
Awareness
Backup
Biometry
Structured Cabling
Awareness Campaign
Professional Certification
Change Management
Forensic Science
CISM
CISSP
COBIT
Behaviour
Compromising Data
Computer Security Institute
Compliance with BS7799
User Awareness
Brazilian Consultants
Business Continuity   
Access Control
Cookie
Cryptography
E-Business
Enterprise Security Planning
E-Security
Image Protection Strategy
Information Security Strategy
E-mail Etiquette
Europe Information Security
Security Project Failures
Predictibility Factor
Firewall
Electronic Fraud
Financial Fraud
Management of Projects
Change Management
Management of People
Information Risk Management
Corporate Governance
GRC
Hacker
Windows Vista
Internet Banking
ISO 17799 / ISO 27000
Justifying Investments
Security Management Book
Pareto’s 80/20 Model
Investment Motivation
Role of Information Security
Role of CISO
Role of Security Manager
PCI Payment Card Industry
Peopleware
Profile of the CEO
Outlook of the Security Market
PKI Public Key Infrastructure
Budget Planning
Director Information Security Plan
Security Policy
Prioritisation of Security
Privacy
Corporate Protection
Virtual Image Protection
Business Protection
Recruitment
Resolution 2554
Resolution 2892
Return On Investment (ROI)
Orkut Risks
Identity Theft
Security Officer
Security Scorecard
Security Week
Laptop Security
PDA Security
E-mail Security
ERP Security
Physical Security
Password
Data Kidnap
Linux Operational System
Open Software
SOX Sarbanes Oxley
SPAM
SPB - Brazilian Payment System
Security Technologies
Trend of the Security Market
Terrorism
Trashing
Trojan Horse
Virus
Integrated View of Risks