Search

1 to 10 of 54
Sort by

Blog Entry
Information Security Checklist: Best Practices for SharePoint

IAPP’s web resources will go a long way toward introducing you to privacy and information security. It is imperative that you educate yourself so that you understand the fundamentals of information security and so you can ask the right questions of your IT Department. For both privacy and information security, it is also extremely important to be clear as to policies and procedures to which your organization must and will adhere. Your SharePoint properties should list your privacy policies as well as any other notices relevant to data usage or information security, and these notices should be displayed prominently

Matthew Bretzius's profile image


Blog Entry
How can you secure a mobile, social and cloudy company??

However, help is at hand - a recent AIIM publication "Information Security for the Modern Enterprise" plots a route through this minefield and delivers a series of recommendations for how to start addressing these issues

David Jones's profile image

Blog Entry
Uncovering Office 365, SharePoint Online and My Data

Overview of Office 365, SharePoint Online and My Data A major area of concern about Office 365 is the lack of understanding about how and where the data itself is stored and what proactive measures are being taken to ensure that your data is safe. As part of our research and our...

Errin O'Connor's profile image

Blog Entry
What Do You Do with Audit and Event Logs?

: Logging security related events, used to identify and track external or internal attacks - Information Security Real time intrusion detection logs – Information Security Recording changes made to a system in a log – Change management The creation of an audit trail down to key stroke level – Investigations / Forensics Identifying policy violations – Information Security Optimising system and network performance – Information Technology Identifying operational trends and long term problems - Information Technology The picture doesn’t get any clearer when, as you trawl through the Internet looking for that compelling piece of guidance, law or regulation you constantly return the well meaning commentary, which I broadly paraphrase: developing specific recommendations is very difficult because there is no consensus retain activity logs for 3 to 7 years logs are required to be retained for SOX purposes retain as required by local law or regulation…… … you don’t say… But one thing is clear, amongst the myriad of descriptions and purposes attributed to computer generated logs, there is consensus on a few things across the technology industry: Logs are important – you only need to consider what they could prove or disprove They are big and getting bigger – the logs have a huge propensity to consume storage Some uses are well defined – Information Security for instance Others are less so – for instance the real potential to evidence management control So what is the answer… these logs started out for administrative purposes but are gradually (well, as gradually as the poles are melting) morphing into something else; something far more challenging and interesting to the Records Manager

Roger Poole's profile image

Blog Entry
Coming to a landfill near you: Health Records!

Did I get your attention? Good. You need to pay attention to this message because it not only shows vulnerability and lack of control but reinforces the need for strong governance over records and emphasizes just how much of a positive impact moving to an all digital patient records model will...

Bob Larrivee's profile image

Blog Entry
Information Without Governance Is Like A Kid With Free Reign To The Cookie Jar

Everyone wants information, but no one wants records. The problem with records is that they are inactive, locked in a cabinet and no longer serve a business purpose. Information is active and can go places where records cannot go, such as the cloud and to mobile. Records are tightly managed...

Jeff Lewis's profile image


Blog Entry
Student Perspectives: An Interview with Subba Marellapudi of KPMG

Many students are often open to discussing their perspectives on the training, educational experiences and value they received as a result of attending an AIIM Training program. I recently had the opportunity and pleasure to discuss these with Subba Marellapudi of KPMG and will now share our...

Bob Larrivee's profile image

Blog Entry
We Are In Lockdown

In a recent study by AIIM, respondents cite their top concerns with cloud or SasS applications as content being safe from prying eyes, and storage in a legally compliant way. 1 This to me indicates information security concerns

Bob Larrivee's profile image