Welcome to the third edition of our information risk management newsletter in 2008! - Filip De Wolf (CEO Ascure)

Dear Reader,

“Doing business securely” was one of the first taglines of Ascure in 2000. Today, this tagline is more important in describing Ascure's service portfolio than it has ever been.

Nowadays, we cannot read a newspaper or listen to the news without words like “proper risk management”, "good governance", "liability" or “secure business”. The impact of financial and market risks towards operational, reputational and strategic risks is becoming more clearer.

Management demands that the information, on which they have to base their operational and strategic decisions, is correct, available and confidential. In parallel, continuity of doing business may never become an issue. The Confidentiality, Integrity and Availability (CIA) model is therefore more important in todays secure business. No business accepts nor survives multiple crises at the same time.

Ascure’s confidentiality, integrity and availability specialists can assist you in managing these operational risks. Ascure’s unique Operational Risk Model will help you to control your reputational, facility, information, governance, compliance, crisis and continuity risks. This on a technology level as well as on a business level.

Our proven Ying/Yang (Technology /Business) approach is delivered by experienced and certified consultants. We are proud to say that we have the most certified consultants in the BeNeLux, more than 12 CISSP, 3 CISM, 5 BCI, 5 CIRM, 4 CCSE, 2 MCSE, 3 Lead Auditors and several GHCI, GSCE, GCIA, GSNE certified consultants. Ongoing investments in education, knowledge and experience makes Ascure a unique high quality company. Furthermore, we also share our extensive experience and knowledge with you via our Ascure Academy and BCM Academy, two knowledge management institutes.

Our experienced consultants are looking forward to work together with you and share their knowledge and experience.

Kind regards,
Filip De Wolf

CEO Ascure NV

Schedule Winter 2008

BCM Academy :

Extensive information on the field of study ‘Business Continuity & Crisis Management’ is to be found further on the website (www.bcmacademy.be). For additional information you can always contact us (info@bcmacademy.be or +32 9 220 20 96) or the easy to use BCM Pocketbook and the CM Pocketbook can be ordered as a reference work.

Ascure Academy:

More information: click here and registration: click here.

Ascure Stories: Reflections on workstation security

November 2008, Ghent (Belgium) - Often data security is mainly focused on perimeter security.  Because of the increasing performance and mobility of today’s laptop computers a whole new range of problems can occur ? shifting the emphasis from only perimeter security to a combination of perimeter and workstation security.

Because of the major improvements WITHIN the last year of technology, users aren’t restricted to work in the confined spaces of the company (anymore). Wireless LAN, high capacity USB sticks, MP3-players and cameras  which can act as remote storage devices which make it a lot easier to copy the necessary data to work from home. Unfortunately this also means that, often (sensitive)?, company data travels outside the protected company network. Since external storage devices can generally be used on any computer without restriction worms and viruses can easily be introduced within the company network.  Because of that it is important that a local anti-virus and personal firewall should be installed to protect when your devices are outside the company network or when a threat would pass by the perimeter defense. Additional to keeping unwanted access to your system out a personal firewall, if configured correctly, will also keep your system from accessing other system if it gets corrupted.

For the remainder of the story: click here.

Ascure Stories: Information Security Governance

November 2008, Ghent (Belgium) - In modern society, for many companies and organizations, information is the  fundament on which most product or service delivery supports ?. As such, it is logical that this incredibly important resource is protected.  Due its intangible nature, many don’t succeed in properly protect their information, or even failed to recognize it as a valuable resource. After some notorious incidents that could be traced back to insufficiently protected information, regulators and lawmakers recognized this need and started to define standards, rules, guidelines and governance requirements.  Through this increased concern of regulators and legislation, Information Security Governance significantly has gained attention within public and private sector alike.

For the remainder of the story: click here.    

Ascure new public key infrastructure

November 2008, Ghent (Belgium) - Ascure is pleased to announce the introduction of its new Public Key Infrastructure. This infrastructure will enable Ascure employees to securely communicate internally and with customers by sending digitally signed and encrypted e-mail* increasing the level of confidentiality and authenticity. For Ascure, using Public Key certificates is the next logical step in increasing the level of trust and professionalism when communicating with our clients. In order for you to be able to verify the digital signature, you need to have our Root CA** and Issuing CA certificate***.

These certificates can be downloaded from the following URL’s:

• Root CA: http://crl.ascure.com/Ascure Root CA.crt
• Issuing CA: http://crl.ascure.com/Ascure Primary Issuing CA.crt

(*) To be able to send/receive encrypted e-mail, you need to have your own personal/corporate e-mail encryption certificate.            

(**) The Ascure Root CA certificate needs to be installed in the Trusted Root Certification Authorities store.                                      

(***) The Ascure Primary Issuing CA certificate needs to be installed in the Trusted Intermediate Certification Authorities store.