Respecting Users' Privacy
Personally Identifiable Information
You may wish to request information about our products and services. To facilitate the distribution of this content, you are asked to provide information, such as, but not limited to, name, company, title, phone number, e-mail address, site name, URL, and address. Based on the your request, Seven Stones Information Security may also ask for additional information, such as number of page views your site receives, how many orders your site receives, and how you heard about us. This is information is provided by you on a voluntary basis only and is not required by us in order for you to use and enjoy our site.
Collected Personal Data
Seven Stones Information Limited may use the information that we collect on the Site to contact you to further discuss your interest in our company, our services, and to send information regarding our company or partners, such as marketing promotions and events. This information may also be used to improve the services we provide you. The information is collected and stored in a manner that is appropriate for the nature of the data that we collect, and the need to fulfill your request. This information is not provided or sold to third parties for their use. Seven Stones Information Security uses secured server areas and advanced firewall technology to minimize the risk of security breaches for individually identifiable information that is volunteered on the Site. Though we make every effort to preserve user privacy, we may need to disclose personal information when required by law, or in order to comply with a current judicial proceeding, a court order, or legal process served on the Site. We will of course notify you should such a situation occur.
Our Site has security measures in place to help protect against the loss, misuse, and alteration of the data under our control. When sensitive on our Site are accessed using Netscape Navigator, Microsoft Internet Explorer versions 5.0, or higher, Secure Socket Layer (SSL) technology protects information using both server authentication and data encryption to help ensure that the data is safe, secure, and available only to you and us. Seven Stones Information Security also provides unique usernames and passwords that must be entered each time a customer logs on to an Seven Stones Information Security product via this Site. These safeguards help prevent unauthorized access, maintain data accuracy, and help ensure the appropriate use of all data. The webserver is protected by a firewall to provide network access control.
Third Party Sites
Latest Blog Post
Fintechs and Security - Part 4
April 12, 2020, 7:15 p.m.
Notice "Logging" is used here, not "SIEM". With use of "SIEM", there is often a mental leap, or stumble, towards a commercial solution. But there doesn't necessarily need to be a commercial solution. This post invites the reader to take a step back from the precipice of engaging with vendors, and check first if that journey is one you want to make.
Unfortunately, in 2020, it is still the case that many fintechs are doing one of two things:
The process HLD takes into risks from threat modelling (and maybe other sources), and another input from compliance requirements (maybe security standards and legal requirements), and uses the requirements from the HLD to drive the LLD. The LLD will call out the use cases and volume requirements that satisfy the HLD requirements - but importantly, it does not cover the technological solution. That comes later.
Security De-engineering, published by Taylor Francis, covers ubiquitous problems in information security and offers a solution in the final chapter
Areas covered: Penetration testing, Hackers, CASEs (Checklists and Standards Evangelists), IDS, Cloud Security, jobs in security, Identity Management, and organisational elements.