 |
||||
|
|
|||
|
||||
Here's a sneak peek at our July-August issue: In this issue of Information Security magazine, Burton Group senior analyst Mark Diodati covers the need to secure privileged accounts, such as UNIX root, Windows Administrator accounts or accounts associated with database ownership and router access. These accounts have root access to critical systems, and that access often goes unchecked. Diodati covers the tools, processes and management needs every enterprise needs to consider in securing privileged accounts.
In another article this month, Editor Michael S. Mimoso looks at the security of the Domain Name System and whether the time has come for widespread deployment of DNS Security Extensions (DNSSEC). One year ago, Dan Kaminsky's infamous DNS cache poisoning bug was made public, and thrust DNS security issues into the public eye in a major way. In the year since, talk around DNSSEC, which has been bandied about for 15 years, has grown to new levels. Top-level domains are being signed with DNSSEC and awareness is at an all-time high.
Also, Senior Technology Editor Neil Roiter covers the evolution of unified threat management appliances. The article covers the differences in midmarket- and enterprise-level UTM, what technology considerations you need to make, what security and performances tradeoffs you'll encounter, and what questions you need to ask before buying a UTM appliance.
TABLE OF CONTENTS
Features
Controlling Privileged Accounts
Regulatory requirements and economic realities are pressuring enterprises to secure their privileged accounts. Applied correctly, technology can help offset the risks.
DNSSEC: Has the Time Come?
DNSSEC brings PKI to the Domain Name System and prevents dangerous cache poisoning attacks. Implementation difficulties and political battles, however, keep it from going mainstream.
UTM Should Not Equal Unnecessary Threat Management
Buying the right unified threat management appliance means knowing what--if anything--you actually need beyond a firewall.
ISP shutdown latest cat-and-mouse game with hackers
While the 3FN.Net shutdown had limited impact on cybercriminals, it signaled that the private sector and the government are serious about illegal activity.
Columns
Editor's Desk: Hey Google: Do the Right Thing
Security's leading thinkers ask Google to turn on HTTPS by default for Gmail, Docs and Calendar.
Perspectives: Wrestling Match
Data protection and compliance teams battle for resources but need each other to succeed.
This was first published in July 2009