Tuesday, January 16, 2007
Richard on SAS 70
Here's a lengthy post on SAS 70 from TaoSecurity and the common pitfalls companies are falling into by using SAS 70 to create an illusion of being secure. To summarize, its quite easy for a company to earn a SAS 70 certification and yet not be completely secure at all. Some people are recommending SysTrust or the old ISO 17799, 27001, and 27002.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment