August 2006

  • SSO: What verticals are further ahead in deploying this authentication mechanism?

    In this Identity Management and Access Control Q&A our resident expert reviews why the SSO marketplace tends to be vertically integrated and discusses what may occur as SSO shifts to smaller organi...

  • Update: Microsoft's fixes 23 flaws, DHS urges action

    Updated: Microsoft releases a dozen August security updates, nine critical. The Department of Homeland Security says one fix in particular should be implemented immediately.

  • The pros and cons of data wiping

    Weigh the pros and cons of software disk-wiping and determine if it can protect against data compromise in this Platform Security Ask the Expert Q&A

  • Inside MSRC: Time to rethink security workarounds

    Christopher Budd of the Microsoft Security Response Center recommends implementing one of several security workarounds to ensure a secure infrastructure until this month's most important Windows up...

  • Telecommuting security: Protecting sensitive data inside and out

    The rash of laptop thefts in recent months has brought telecommuting and remote access security to the forefront of many information security professionals' minds. In this tip, Joel Dubin examines ...

  • AOL apologizes for exposing search data

    A spokesman for the ISP-turned-portal says the release of keyword search information from about 658,000 anonymous AOL users was a "screw up" that was based on good intentions.

  • How to create an optional login for the same application

    In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to create optional logins for your applications.

  • Spyware war may be a losing battle, experts say

    Black Hat: Spyware is a top concern among security professionals, but experts say there may be no technology that can stop its spread. Instead, the spyware battle may need to be waged on a differen...

  • RFID tags: Do they have a secure future?

    RFID tags, an automatic identification method can be useful, but do they have a future? In this Identity Management and Access Control Ask the Expert Q&A, resident expert Joel Dubin explains how RF...

  • VA desktop PC stolen, 36,000 could be at risk

    Update: The incident marks the second time in less than three months that a VA device with sensitive information has been compromised. One expert blames the systematic problem of too much internal ...

  • Combating phishing scams

    In this Information Security Threats Ask the Expert Q&A, Ed Skoudis reviews what to do if you've been phished and identifies the phishing coalitions that can help combat this email threat

  • Creating a security awareness program

    In this Information Security Threats Ask the Expert Q&A, Ed Skoudis explains how creating a security awareness program can help thwart the insider threat.

  • RSS, Atom feeds ripe for attack

    Black Hat: A researcher demonstrates how RSS and Atom feeds can spread the payload of a zero-day attack. His advice? Subscribe to feeds with care.

  • How to prevent VoIP phishing

    Don't fall prey to a VoIP phishing scam. In this Information Security Threats Ask the Expert Q&A, Ed Skoudis explains why end-to-end encrypted VoIP phones cannot prevent VoIP scams and how to prote...

  • Security Bytes: CA fixes eTrust Antivirus flaws

    Meanwhile: Online thieves steal $700,000 from personal accounts, researchers expose e-passport vulnerability; and arrests are made in the VA security breach case.

  • Extending SSO outside the company: Is it worth the risk?

    Thinking of extending SSO outside your company? Read this Identity Management and Access Control Ask the Expert Q&A. Resident expert Joel Dubin examines it's potential risks and what organizations ...

  • XP SP2 pushed back

    A network management expert and Windows MVP outlines highlights from the coming release of Microsoft's much-anticipated Windows XP Service Pack 2.

  • Akonix A-Series offers complex, best-of-breed IM security

    Product review: Information Security magazine's Sandra Kay Miller says The Akonix A-Series instant messaging security appliances works well but needs better documentation.

  • Thwarting IM management challenges

    Product review: Information Security magazine's Sandra Kay Miller says Symantec's IM Manager 8.0 has limited public network features, but offers excellent reporting.

  • Security event management, no strings attached

    Product review: Information Security magazine's Joel Snyder says Check Point's vendor-agnostic Eventia Analyzer 2.0/Eventia Reporter is worth consideration despite limited BI options.