 |
MyDoom Virus
The MyDoom Internet worm claimed its first scalp last month by paralyzing SCO's website with a massive data blitz.
SCO has drawn the ire of the "open source" programming community who object to SCO's claims they have copyright control over key pieces of the Linux operating system.
MyDoom.A, also known as Novarg or Shimgapi, comes in the form of a spam e-mail message with well-disguised virus attachment.
It was programmed to take control of unsuspecting computer users' PCs from which it would launch a debilitating denial-of-service attack. It is believed to have infected hundreds of thousands, and possibly over one million, PCs.
Both Microsoft and SCO have issued $250,000 rewards for tips leading to the arrest and conviction of the author or authors.
A free patch capable of wiping the program from an infected machine is available at many anti-virus sites.
Click here for more details.
|
|
Performance Audit of the Network
XP Software is a fast growing IT services company based at Bangalore. To ensure that their IT Infrastructure kept pace with the upsurge in projects and clients, Yukthi Systems was mandated to do a performance audit of the network, including the LAN and Internet connectivity.
Yukthi studied the existing Network using various measurement and analysis tools and presented a report. It analysed the performance of the various elements, supported by facts and figures.
The report also suggested ways and means to build XP Software's IT Infrastructure capable of meeting its growing business needs. Pleased with the outcome, XP Software further engaged Yukthi to put in place the suggested firewall and e-mail solutions.
This is what Mr. Roger Miners, CEO, had to say about the exercise:
"Being a young & fast growing company, we need to have robust & flexible but cost-effective IT Infrastructure.
The performance audit-driven approach suggested by Yukthi Systems made sense to us since we wanted to ensure the best utilization of existing resources before making further investments."
|
|
 |
|
|
| |
|
|
|
Unsubscribe info: Our relationship with you is very important. If you do not wish to receive this bi-monthly newsletter, please indicate.
Dear [[-FullName-]],
Audit. What was once a purely accounting-related term is now well entrenched in the mainstream IT lingo, albeit with a different personality - as Systems Infrastructure Audit. Just as an accounting audit reveals the financial innards of a company, the Systems Infrastructure Audit gives an educated insight into the status of a company's IT systems - how strong or weak they are. It's an area of critical importance, what with corporates operating in an always-on mode and unpredictable risks that come with it.
This issue of Yukthi Infoswitch is themed on Systems Infrastructure Audit. It throws light on the varied facets of the subject and the hygiene factors necessary to keep the IT systems humming in peak form.
Regards - Ramakant Jawalkar
|
|
|
A quick health check of your IT systems
Are you on the radar of some hacker? Are your defenses being probed?
Is there any unauthorized access to information or other computing resources?
Is all software being used in your company legal? Are all your hardware assets traceable?
Are you having chronic problems with email viruses?
Are you squeezing the best performance from your existing IT investments?
Do you have a Disaster Recovery Plan in place?
Do your users complain about slow servers and applications?
Is your ISP delivering the promised bandwidth? Are you using it efficiently?
Chances are, you may not have very convincing answers to all the above. Which is why you need to approach this issue very systematically.
The Business of Running IT: Client Issues
Like any business activity, the IS organization faces operational and managerial challenges in delivering its services. Their performance is monitored on less tangible notions of performance credibility and business value delivered, which are difficult to quantify and prove. In this context, three issues concern CIOs:
Improving and measuring IS service delivery performance
Managing resources effectively
Minimizing the disruption of regulatory change to the project portfolio
Full article from Gartner/ CIO
The IT Audit approach to review internal controls
This article talks about controls from two perspectives - (1) application and management controls, and (2) preventive, corrective and detective controls. This approach provides an orderly basis for conducting an IT audit. One can draw the parallel of an onion where the various forces eroding data integrity, efficiency and effectiveness of a system must penetrate through the layers of the onion skin. Here are two parts of an article by Jagdish Pathak from the IT Audit website.
Part One: IT audit approach in general terms, and the nature of internal controls.
Part Two: Steps in the IT audit approach, and decisions faced by the IT auditor.
|
|
|
Microsoft warns of widespread Windows flaw
If your Windows computer were a car, it would be in the shop for repairs for about as much time as it spends on the road. This week, Microsoft released a fix for another flaw. The latest vulnerability affects every computer running Windows NT, Windows 2000, Windows XP or Windows Server 2003. If left unpatched, the security hole could allow a worm to spread quickly throughout the Internet, causing an incident similar to the MSBlast attack last summer.
Full article from ZDNet, by Robert Lemos.
|
|
|
Never underestimate the importance of documentation
Is IT documentation worth the time and effort? Yes. There are valid reasons for maintaining systems and procedural documentation. Some are:
Creates an accurate record of systems design, maintenance, upgrade and replication.
Establishes an historical basis for future decisions.
Provides IT staff with a customized knowledgebase of systems configuration data, operational procedures and policy information.
Ensures consistency through staff changes and organizational transitions.
Full article from ITtoolKit.com.
Also read "What's missing in today's documentation efforts?" by Peter Seebach
Security policy? Technology's not the answer
While installing systems, guarding perimeters, repulsing attackers and identifying users as they log on helps, what matters is the kind of policies set up to ensure that the technology actually gets used. Security is not fundamentally about technology. Full article by Peter Judge from ZD Net India..
Business Resumption -- A Cost Benefits Approach
Vital business operations are as vulnerable to disaster as the human body is to bacteria, virus and disease. External or internal forces, including the weather, computer failings, human negligence, or unforeseen causes can cause an interruption of critical business function that can cost an organization dearly. Organizations need to be proactive and plan the effort the organization should expend for business resumption plans.
Business Resumption Plans (BRP) are programs with the primary objective to recover critical business functions in the event that an organization is unable to deliver products or services for an unacceptable period of time. Full article by Bob R.J. Canuel from ISACA.
|
|
| |
|
|
|
Yukthi Infoswitch is brought to you by Yukthi Systems Pvt Ltd. © 2003.
Disclaimer: Readers may note that contents are filtered from third party sources. All Brand Names & Trademarks are acknowledged. Newsletter consultants:
www.knowledgeworkz.com. Content related comments and enquiries may be posted here.
|
|
| |
|
|
