December 2005

  • Quiz: Storage security

    Regulations like SOX and the recently approved Personal Data Privacy and Security Act are bringing the importance of data protection to light. Loss of data – be it inadvertent or surreptitiou...

  • Storage security quiz answers

  • Handling vulnerability assessment activities

    Our security management expert discusses the importance of having a security team that handles vulnerability assessments within in your organization and outlines functions and tasks each division s...

  • The 5 A's of functional SAN security

    This tip examines why admins should follow the 5 A's of SAN security: Authentication, access, audits, alarms and availability, to keep their SAN secure.

  • Effective storage security policies

    In this tip, information security expert Kevin Beaver outlines essential policy creation processes along with specific policies you'll likely need in order to ensure storage security is not kept ou...

  • Stop URL spoofing attacks in their tracks

    Learn how to secure Windows systems from URL spoofing attacks using anti-spoofing browser features, e-mail policy settings and word of mouth.

  • How to prevent poor e-mail practices

    In this Ask the Expert Q&A, our application security expert examines why organizations should implement and enforce an enterprise-wide e-mail encryption security policy.

  • Security Bytes: Exploit code targets older versions of Firefox

    In other news, a flaw is found in Opera and the Cyber Security Industry Alliance tells the federal government to show more leadership on security.

  • Keep attackers from phishing in your waters

    Learn why phishing attacks continue to rise and three steps you can take to mitigate this risk.

  • Secure Sphere 2.0

    In this review, Information Security magazine contributor Peter Giannacopoulos evaluates the strengths and weaknesses of Imperva's SecureSphere 2.0.

  • Microsoft issues critical fix for IE

    In addition to the long-awaited browser fix, the software giant also addressed an "important" Windows kernel flaw involving how certain procedure calls are processed.

  • Titan Rain shows need for better training

    SANS says the Chinese-based attacks demonstrate the growing sophistication of hackers, and the need for IT admins who can articulate the dangers to execs.

  • ISA Server security don'ts

    Use this checklist of configuration don'ts to learn what to avoid when securing ISA Server.

  • Service-level agreement advantages and disadvantages

    Learn about the advantages and disadvantages of service-level agreements.

  • How to overcome Web services security obstacles

    Richard Mackey explains how to build secure Web service applications and the difference between Web service protocols and standards.

  • How to prevent phishing scams and protect customers

    In this tip, Web security guru, Nalneesh Gaur examines how hackers are using phishing scams to exploit financial sectors of the industry, why you should care and what you can do to prevent these at...

  • Secure remote access: SSH Tectia Manager

    In this review, Information Security magazine's senior technology editor examines the strengths and weaknesses of SSH's Tectia Manager.

  • How buffer-overflow vulnerabilities occur

    Learn about buffer-overflow vulnerabilities; how they occur, types of buffer-overflow attacks, and how hackers exploit them to gain access to secure and sensitive files.

  • How FTPS differs from TLS

    Take an indepth look at FTP over SSL, how it works and how it differs from TLS and other protocols

  • How to build a user registration form

    Learn how to build a secure user registration form and some general Web-based system guidelines to guide you through the process.