Test your security

Security Planner provides research-based recommendations that are beneficial for a general population of users, most of the time. It is not a security manual for those facing targeted physical and digital threats who need additional support and more specialized advice. Moreover, if you are aware of a targeted effort to compromise your security, or if your security has already been compromised, you should seek additional help.SECURITYPLANNER.ORG

Segregation of Duties under ERP

Segregation of Duties (SoD) separates roles and responsibilities to ensure that an individual cannot process a transaction from initiation through to reporting without the involvement of others and thereby SoD reduces the risk of fraud or error to an acceptable level.For example, no one individual should be able to set up a new supplier, raise a purchase order for that supplier, post and approve the invoice from that supplier, create, approve and record the payment to that supplier. This is because giving a single individual the ability to perform all of the above operations increases the risk of fraud or error. this is a key part of achieving SOX/MiFID/ISO2100 compliance.

Download SOD GUIDE


Oracle flashback is a powerful way to access past or sometimes lost data. Please check these new tools --> Click

Oracl connectivity to Access/SQL server etc securedly

Heterogeneous Services Oracle9i, like previous versions, supports heterogeneous services to allow data in non-Oracle database to be queried using SQL. This support has been in the form of transparent gateways, which are vendor specific, or generic connectivity which uses ODBC or OLEDB to make the connections. The functionality supported by generic connectivity is typically more limited than that possible when using vendor specific gateways, but it is quick and simple to configure.
The steps listed below can be used to connect Oracle to any ODBC compliant database (MS Access, SQL Server etc.) on the local server: Click for More


E-Procurement process in addition to regular web security requires authentication, authorisation, confidentiality and non-repudiation. Also there can be conflicts on timings as the uploading of the documents is banned after bid-submission time. The imporant e-Procurement related security issues are summarised in the presentation --> CLICK


If you want to go into technicalites, please view this link