-
Exploring Google Chrome Frame security
Can legacy Web applications benefit from the Google Chrome Frame security and interoperability capabilities? Nick Lewis gives his take.
-
How to protect a website from malware redirects
Malware redirects are a serious hazard in the jungle of infiltration exploits; Nick Lewis explains how they can be avoided.
-
RTP attacks: Prevent enterprise data exfiltration
How big of an issue are RTP attacks in the context of all attacks via covert channels? Nick Lewis looks at tunneling for enterprise data exfiltration.
-
Thwarting Telnet security risks
The inherently insecure Telnet protocol shouldn’t be used on modern networks. Learn why and what to use in its place.
-
Change default RDP port for virus protection?
Using nonstandard ports for the RDP protocol blocks the Morto worm. But is changing port numbers a virus prevention best practice?
-
Is it possible to prevent DDoS attacks?
A distributed denial-of-service (DDoS) attack can consume all your network bandwidth. Learn how to prevent a DDoS attack in this expert response.
-
SCIM identity management: Is outsourcing now viable?
Randall Gamby outlines the SCIM identity management standard and offers identity management for those enterprises considering outsourcing.
-
Best practices for implementing dynamic authorization
Randall Gamby discusses the advantages of dynamic authorization vs. other access management strategies and implementation best practices.
-
Time to consider image-based authentication?
Randall Gamby addresses the criticisms of image-based authentication and considers if it's a viable enterprise alternative authentication method.
-
Can the cloud replace passwords?
Expert Randall Gamby details key strategies for SaaS access management and contemporary single sign-on technology that's truly interoperable.
-
Can Android virtual patching thwart malware attacks?
Application security expert Mike Cobb weighs the pros and cons of Android virtual patching to thwart Android malware attacks.
-
Explaining how trusted and forged SSL certificates work
Web security relies on valid, trusted SSL certificates, but as Michael Cobb explains, forged SSL certificates undermine the model for trusted Web connections.
-
Software security lifecycle: Gaining executive support?
Recent BSIMM3 study results provide guidelines for why executive support for the software security lifecycle is so important. Michael Cobb explains.
-
BIOS management best practices: Patches and Updates
Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates.
-
Dangerous apps: Should enterprises ban IE, Adobe?
CSIS says five dangerous applications are to blame for 99% of malware. Is it time to ban Internet Explorer, Flash and the others in the enterprise?
-
Enterprise user de-provisioning best practices
Misplaced or stagnant employee access can be dangerous; Randall Gamby details user provisioning best practices for setting up a system to combat this risk.
-
How to manage information security legal issues
Dealing with lawyers is often a challenge. Ernie Hayden offers advice for CISOs dealing with enterprise information security legal issues.
-
How to make an enterprise RBAC implementation easier
Learn the benefits of role-based access control based on job functions of network accessing employees, and how to make an RBAC implementation easier.
-
Minimum password length best practices
Should all enterprises mandate 14-character passwords, or are passwords alone not enough? IAM expert Randall Gamby offers his minimum password length best practices.
-
Considerations for cloud endpoint security
Mike Chapple discusses considerations for using cloud security services, specifically cloud endpoint security.
-
Submit your questions about infosec threats
Nick Lewis is standing by to give you free, unbiased advice on information security threats.
-
Submit your questions about IAM
Randall Gamby is standing by to give you free, unbiased advice on identity and access management.
-
Submit your questions about application security
Michael Cobb is standing by to give you free, unbiased advice on application security.