-
Creating a secure intranet with secure file access management
Is it possible to allow employees to access sensitive information via an intranet securely? In this expert response, Randall Gamby explains how Web access management software might help.
-
Who is in charge of the Massachusetts data protection law audit?
Learn more about the process of data protection audits for the Massachusetts data protection law.
-
Using application quality control tools for auditing applications
For auditing applications, most enterprises will find application quality control and assurance tools helpful. In this expert response, Randall Gamby details what types of tools there are and how t...
-
How to stop keylogging malware with more than basic antivirus software, firewalls
Nick Lewis reviews two main desktop-oriented defenses that could be used to stop more sophisticated code like keylogging malware.
-
What are the top three network intrusion techniques?
Nick Lewis reviews the top three technologies used by hackers to cover their tracks after a network intrusion.
-
How do passwordless SSH keys represent an enterprise attack vector?
Passwordless SSH keys represent an attack vector because their safety is determined by the security of the host. Learn how to protect communication between two networked devices.
-
How to prevent rogue antivirus programs in the enterprise
Rogue antivirus programs have preyed on users' fears for several years now, and their presence has increased. Learn how to keep them out of the enterprise.
-
PKI vulnerabilities: How to update PKI with secure hash functions
Learn how to prevent PKI vulnerabilities recently announced by Dan Kaminsky from being exploited at your enterprise with advice from IAM expert Randall Gamby.
-
Disaster recovery and business continuity tabletop exercises
When disaster strikes, will your enterprise be ready? In this security management expert response, David Mortman explains what questions to ask during disaster recovery and business continuity tabl...
-
How to protect a laptop: Biometrics vs. encryption
How has biometrics changed the laptop security landscape? Is full disk encryption even necessary on a laptop with a biometric scanner? Learn more in this expert response.
-
Personally identifiable information guidelines for U.S. passport numbers
Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman.
-
How to encrypt data-at-rest to meet the HITECH act regulations
What's the best way to encrypt data-at-rest to meet the HITECH act regulations? Learn how to interpret guidance from NIST 800-111 in this security management expert response from David Mortman.
-
Manage access to social networking sites with an acceptable use policy
Social networking sites can cause security issues, but sites like Twitter and Facebook can also open up significant business opportunities. Learn how to manage employee access to social networking ...
-
Encryption of mobile devices under Massachusetts data protection law
BlackBerrys and iPhones are everywhere, but under the new Massachusetts data protection law, is it necessary to encrypt their contents? Learn more in this response from security management expert D...
-
Is KeePass safe? Free password protection programs and enterprise IAM
The lure of free password protection programs such as KeePass can be strong, but are they really up to enterprise security standards? In this response, IAM expert Randall Gamby explains why the bes...
-
How to install a new router to prevent single sign-on problems
Are you receiving router pop-up messages telling you that it is "Unable to do single sign-on or federation"? In this expert response, learn what you need to do to get your router back on track.
-
FERPA regulation guidelines to email student personal data unencrypted
In order to protect student personal data, FERPA was enacted in 1974. But does protecting that data allow for FERPA educational records to be sent unencrypted via email? Find out in this expert res...
-
How to find and remove keyloggers and prevent spyware installation
Keep keyloggers from stealing your users' passwords by learning how to find and remove keyloggers, as well as how to prevent spyware installation in the first place, from IAM expert Randall Gamby.
-
PCI DSS questions: Should full credit card numbers be on a receipt?
Are merchants that fall under PCI DSS allowed to print full credit card numbers on a receipt? Learn more in this response from security management expert David Mortman.
-
How do hackers bypass a code signing procedure to inject malware
In this expert Q&A, Michael Cobb reveals how malicious applications can actually be approved by Symbian's Express Signing procedure.
-
Submit your questions about infosec threats
Nick Lewis is standing by to give you free, unbiased advice on information security threats.
-
Submit your questions about IAM
Randall Gamby is standing by to give you free, unbiased advice on identity and access management.
-
Submit your questions about application security
Michael Cobb is standing by to give you free, unbiased advice on application security.