Posts

CISA exam passed, now the required experience
August 30, 2014   |   IT Compliance

Update: I published a new post with the most frequently asked questions on this post. Back in the summer 2013, I was interested to pass the CISA exam even if could not obtain the certification without experience. This was a way for me to demonstrate my interest in IT audit to future potential employers.

Continue Reading
Email Security and S/MIME
October 10, 2013   |   Information Security

As I wrote in one of my previous posts, emails are not a secure way to communicate and exchange confidential information but this is not all. In information security, the CIA triad (confidentiality, integrity and availability) is often cited alongside with other key elements such as authenticity and non-repudiation.

Continue Reading
Shared Passwords and Accountability
September 10, 2013   |   Information Security

Accountability is one principle often forgotten in daily business and many employees don’t take seriously their credentials e.g. usernames and passwords. What would be your reaction if an auditor or a person from a law enforcement agency would like to ask you some questions regarding a fraud in your organization?

Continue Reading
Téléphones intelligents et aperçu des notifications
July 14, 2013   |   Information Security

This post was published when this blog was only in French. At the moment, there is no translation available for this post. Pour protéger ses informations, il ne s’agit pas toujours de mettre en place des solutions avancées. En fait, c’est souvent l’ensemble de plusieurs mesures de sécurité qui permettent de protéger globalement l’information.

Continue Reading
Les courriels et la sécurité : quelques notions à savoir
July 4, 2013   |   Information Security

This post was published when this blog was only in French. At the moment, there is no translation available for this post. Que ce soit dans nos vies personnelles ou professionnelles, la gestion des courriels est bien souvent un des premiers services maitrisés sur un ordinateur.

Continue Reading
Banques canadiennes et authentification multifacteurs
June 11, 2013   |   Information Security

This post was published when this blog was only in French. At the moment, there is no translation available for this post. Suite à mon dernier article concernant l’authentification à deux facteurs, j’ai contacté les principales banques canadiennes pour vérifier s’il était possible d’activer une solution d’authentification à multifacteurs avec leurs services bancaires en ligne.

Continue Reading
Principe de base de l'authentification à deux facteurs
June 4, 2013   |   Information Security

This post was published when this blog was only in French. At the moment, there is no translation available for this post. Tout d’abord, il est important de mentionner que l’authentification à deux facteurs n’est aucunement un nouveau concept. Auparavant, les possibilités étaient simplement réservées aux grandes entreprises notamment avec la solution SecurID de RSA Security pour accéder à différents systèmes d’information.

Continue Reading