August 2006

  • biometric payment

    Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account... (Continued)

  • Potential data security law causes concern

    Experts say any attempt by Congress to prescribe data security procedures in legislation would be a disaster. But a standard for the disclosure of data breaches is sorely needed.

  • Survey: Data breaches difficult to spot, prevent

    IT pros worry that false positives and a lack of resources are preventing them from blocking data breaches, according to a survey conducted by the Ponemon Institute.

  • Malware database access sparks debate

    Should an emerging database of more than 300,000 malware samples remain a walled community for trusted users, or is open access the best way to fight off digital desperados?

  • Symantec CIO vies with virtualization, device policy

    Symantec CIO David Thompson says virtualization is a big part of the security giant's future and it has developed a policy to mitigate virtualization security risks.

  • Risk management: Implementation of baseline controls

    This fourth article in the Insider Threat Management Guide examines the implementation of baseline controls.

  • Insider Threat Management Guide

    In this Insider Threat Management Guide, contributor Gideon Rasmussen reviews how to fortify your organization's current insider threat controls and keep internal dangers to a minimum.

  • Risk management references

    References for our Insider Threat Management Guide.

  • How can I protect the sensitive information that resides on my laptop?

    Learn how to safeguard data that resides in your laptop in this Network Security Ask the Expert Q&A.

  • Risk management: Baseline management and control

    Identifying baseline controls is the second step to implementing insider threat controls as described in this article from SearchSecurity's Insider Threat Management Guide.

  • Risk management audit

    This article explores the audit function in the insider threat management process.

  • AT&T breach affects 19,000 customers

    Online outlaws hacked into an AT&T computer system and stole credit card data on thousands of customers. AT&T has offered to pay for credit monitoring services for those affected.

  • Risk management: Data organization and impact analysis

    This first article of the Insider Threat Management Guide explains how to data organization is the first step in implementing insider threat controls.

  • Online crime as ugly as ever

    At this year's Conference on Email and Antispam, one expert said that despite the increasing complexity of online scams and attacks, digital criminals are less about the technology and more about t...

  • Legacy protocol puts IBM mainframes at risk

    The millions of daily transactions processed by IBM mainframes could be at risk, one security researcher says, because of a weakness in a venerable networking protocol.

  • Microsoft probes alleged Internet Explorer flaw

    A research group claims attackers could launch malicious code using a flaw in the way Internet Explorer instantiates certain COM objects' ActiveX controls.

  • Virtualization eases patch management pain

    IT managers are learning that using desktop virtualization software to patch their enterprise desktops has the potential to save time, money and energy.

  • Third-party patching: Prudent or perilous?

    Security patches issued by third parties have become more prevalent in recent months, and while some security pros endorse them, others say they're more trouble than they're worth.

  • Security Blog Log: Opinions abound on IBM/ISS deal

    This week, bloggers ponder what IBM's acquisition of ISS says about the industry as a whole. Is the end in sight for independent security vendors?

  • Mitigate botnets in five steps

    Don't let bots provide back door access to your computing environment. In this tip, Tony Bradley reveals the evolution of bot code, and strategies to mitigate the botnet threat.