Information Security Management of Web Portals Based on Joomla CMS
This addresses security vulnerabilities for organizations using Joomla CMS, but it is incremental as it applies existing standards to a specific system.
The paper tackles the problem of securing Joomla-based web portals by applying ISO/IEC 27000 series standards to improve information security management, resulting in enhanced protection against threats.
Information is the key asset of all organizations and can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by mail or by electronic means, shown in films, or spoken in conversation. In today's competitive business environment, such information is constantly under threat from many sources, which can be internal, external, accidental, or malicious. Joomla is a very popular Content Management System (CMS) used for web page maintenance. This highly versatile software has found itself in both large corporate web portals, and simple web pages such as blogs. Such popularity increases its vulnerability to potential attacks and therefore needs an appropriate security management. ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) created the series of standards aimed at providing a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS). This paper shows how principles set in ISO/IEC 27000 series of standards can be used to improve security of Joomla based web portals.