Skip to main content

Home/ Consitio_20121/ Group items tagged management

Rss Feed Group items tagged

Gonzalo Gandía

A Scrum Master is NOT a Project Manager | Code Enigma - 0 views

  •  
    "Scrum Masters can come from Project Management but that's not a guaranteed fit. Business Analysts and team members can also fit the role. A lot of traditional Project Managers struggle with the transition because they're stepping away from a very structured position, one with them at the helm steering the development and the team towards a pre-defined specification. The often overwhelming change controls imposed in traditional waterfall approaches are no longer there to protect the Project Manager from the risks associated with change. Gone is the over-analysing, form filling approach to change. The Product Owner now has to deal with change, often on a daily basis. Those changes don't have to be a big shift but the decisions made to include them can have a big effect on the end product. Being able to make those decisions is important to the flow of the project to make sure that it A product definition can change massively from the beginning of a project. In fact, a product doesn't need to be fully defined at the outset of an Agile project. That scares the pants off the traditionalists! This is where the Scrum Master plays a vital role. While Agile is becoming a part of many projects, there are still many who shy away from it, are nervous of it or just don't trust it. Often, they see the traditional Project Manager role as far easier to understand. What they don't realise are the restrictions imposed by the old role and approach. The Scrum Master has to coach the Product Owner to help them understand how to achieve their goals and how to continually adapt and prioritise their backlog. He is the link between the Product Owner and the team. The team, depending on their experience will often look for guidance and help in solving issues and blockers. The Scrum Master needs to steer the development through these issues, to resolve any problems that are blocking the development and to involve those in the project with the skills and experience to resolve. There is often
Manuel Carmona

IT risk management - Wikipedia, the free encyclopedia - 0 views

  • Risk management is the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what countermeasures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization
  • The IT risk management is the application of risk management to Information technology context in order to manage IT risk, i.e.: The business risk associated with the use, ownership, operation, involvement, influence and adoption of IT within an enterprise
  •  
    "Risk management is the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what countermeasures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization"
  •  
    Esta página habla de la Gestión del Riesgo en las TIC así como sus marcos de trabajo más aceptados: ISO 27005 y NIST SP 800 30.
itiooscar

CASOS REALES DE IMPLEMENTACIÓN DE ESTRATEGIAS - YouTube - 2 views

  •  
    Obviando el sesgo mercadotécnico de la compañía, esta presentación muestra la realidad actual en algunas organizaciones, y que según dicha compañía es una tendencia en crecimiento, del uso de dispositivos móviles propiedad de los empleados (BYOD) en un entorno de computación que engloba tanto a los tradicionales data centers de las compañías como el cloud computing y los problemas que presenta en relación con algunos aspectos de la seguridad TIC. Justifica la tendencia de las empresas en permitir, y en muchas ocasiones fomentar, el uso de dispositivos móviles (smarthones, tablets...) propiedad de los empleados para su trabajo en la organización considerando que se favorece, entre otras cuestiones, la productividad de los empleados y la reducción del TCO para la compañía. Asimismo, justifica la inefectiva gestión de seguridad TIC (principalmente el control de acceso a datos y el rechazo de los usuarios a que se gestione completamente SU dispositivo con aplicaciones corporativas pero también aplicaciones PERSONALES) mediante un repaso de cómo se gestionan los dispositivos móviles para garantizar los conceptos señalados anteriormente de la seguridad TIC en la empresa. Propone su solución que se puede resumir de pasar a hacer una gestión centrada en el dispositivo (decive-centric) y mediante MDM, Mobile Device Management) a una gestión centrada en la aplicación (application-centric) y mediante MAM, Mobile Application Management. Para ello se apoya en dos casos reales. Palabras clave: BYOD (Bring Your Own Device), device-centric, application-centric, MDM(Mobile Device Management), MAM(Mobile Application Management), Single sign-on, Trazabilidad y auditoria, OTP (One-Time-Password), SAML (Security Assertion Markup Language), SIEM (Security Information and Event Management).
Gonzalo Gandía

Security risk management - 0 views

  •  
    Where companies fail and succeed 
Gonzalo Gandía

IT Security and Risk Management - 0 views

  •  
    An Overview
guillermo cortina

Preface :: Network security assessment :: Networking :: eTutorials.org - 0 views

  • Assessment is the first step any organization should take to start managing information risks correctly
    • guillermo cortina
       
      Evaluar la red para un responsable de seguridad, es el primer paso a tomar para conocer las vulnerabilidades del sistema. Este libro proporciona una guía informativa de las herramientas y técnicas que los enemigos pueden usar.
  •  
    Edicion inglesa del libro en castellano publicado por ANAYA de Chris Mcnab titulado SEGURIDAD DE REDES Técnicas y herramientas para la evaluación de seguridad de redes
guillermo cortina

ISACA Publica Ediciones en Portugués y Español de la Guía de Seguridad de la ... - 1 views

  • Como la seguridad de la información ha madurado dentro de su propia disciplina, han surgido muchas nuevas oportunidades de carrera
    • guillermo cortina
       
      Guía de Gestión de la Seguridad de la información de ISACA, traducida al español (PDF), necesita de registro previo en la web de Isaca, y pretende dotar al personal de seguridad de las capacidades de gestión (a partir de una certificación dada por Isaca y reconocida por ISO), orientada a ejecutivos y gerentes
Patricia Fernandez

BYOD - Wikipedia, la enciclopedia libre - 0 views

  • Para disminuir los riesgos que implican la adopción de la política BYOD, las empresas han comenzado a tomar algunas medidas para controlar la seguridad:
  • 1- Crear políticas y protocolos de privacidad y seguridad en cuanto al acceso de la información dentro de la corporación. 2- Uso de aplicaciones web, de esta manera, tanto la información como la aplicación reside en un servidor Web seguro, sin dejar nada en el equipo del usuario. 3- Uso de MDM para asegurse que las políticas de seguridad y conexión se ejecuten en la empresa.
  • Bring your Own Device (BYOD), en castellano "trae tu propio dispositivo", es una política empresarial donde los empleados llevan sus propios dispositivos a su lugar de trabajo para tener acceso a recursos de la empresa tales como correos electrónicos, bases de datos y archivos en servidores así como datos y aplicaciones personales.
  • ...1 more annotation...
  • Algunos creen que BYOD ayuda a los empleados a ser más productivos otros creen que eleva la moral de los empleados ya que se permite la flexibilidad dentro de la empresa. De no tomarse controles, esta practica puede ser muy perjudicial para la empresa ya que puede dejar fisuras donde se puede filtrar la información o entrar aplicaciones malignas a la red.
  •  
    Nuevas tendencias pero que complican la seguridad de la empresa
Juan Vicente Lladró

5 Top Trends Redefining CSO Priorities - Microsoft Security Blog - Site Home - TechNet ... - 1 views

  • 1. Consumerization of IT
  • 95 percent of information workers use self-purchased technology for work
    • Juan Vicente Lladró
       
      Cada vez es más popular las políticas de BYOD, Bring Your Own Device, que acrecientan la fragmentación de la seguridad.
  • 2. Cloud Computing
  • ...10 more annotations...
  • 3. Advanced Persistent Threat
  • an enterprise needs to know that resources placed on the cloud have the proper level of security, yet moving to the cloud limits an organization’s ability to control systems and data.
  • The economic case for cloud computing can be persuasive
  • Unlike the highly visible infections of the past, such as the ILOVEYOU virus, an APT is designed to elude detection, making the job of detection and protection all the more difficult.
  • Cyber threat has changed, and the primary concern is no longer malware that incidentally impacts an organization, but rather the threat of very targeted attacks for purposes of industry espionage, cyber crime or – if a company is part of critical infrastructure – cyber war.
  • 4. Expanding Importance of Identity
  • as perimeters fall away and applications migrate to the Cloud, the value of authenticated identity has even more importance
  • NSTIC is the White House initiative to work collaboratively with the private sector, advocacy groups, public sector agencies, and other organizations to improve the privacy, security, and convenience of sensitive online transactions.  Identity management will continue to a top concern for IT departments for the immediate future.
  • 5. Increased Government Role in Cybersecurity
  • “The architecture of the Nation’s digital infrastructure, based largely upon the Internet, is not secure or resilient. Without major advances in the security of these systems or significant change in how they are constructed or operated, it is doubtful that the United States can protect itself from the growing threat of cybercrime and state-sponsored intrusions and operations.” and “Information and communications networks are largely owned and operated by the private sector, both nationally and internationally. Thus, addressing network security issues requires a public-private partnership as well as international cooperation and norms.”
  •  
    Artículo muy interesante sobre las 5 tendencias que están redefiniendo las prioridades del Chief Security Officer
1 - 9 of 9
Showing 20 items per page