-
Worst Practices: Three big identity and access management mistakes
Simple IAM mistakes such as writing down passwords and unaudited user accounts can allow malicious access into corporate networks. In this tip, contributor Joel Dubin exposes the most common identi... 31 Mar 2008
-
What ports should be opened and closed when IPsec filters are used?
In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to set up separate branch IPsec filters that connect with a head office. 28 Mar 2008
-
TJX faces data audits for 20 years under FTC settlement
TJX Cos Inc. agreed to implement tighter security and obtain independent audits every other year for 20 years, according to a settlement reached with the Federal Trade Commission. 28 Mar 2008
-
Hannaford breach details indicate inside job
The fact that so many servers were compromised with malware suggests a trusted user on the inside engineered the data breach at Hannaford's, experts say. 28 Mar 2008
-
Does FTPS encrypt data packets at the hardware or software level?
If you need to implement FTPS, which delivers a lot of data securely to a server, it might be worth investigating partial or complete hardware acceleration of the crypto-processing. Platform securi... 28 Mar 2008
-
Should disks be encrypted at the hardware level?
Disks that automatically encrypt data as they write -- and decrypt when they read -- are appealing for a number of reasons. Platform security expert Michael Cobb explains why. 27 Mar 2008
-
Is Triple DES a more secure encryption scheme than DUKPT?
Both DES and TDES use a symmetric key, but Michael Cobb explains their separate and distinct roles in protecting financial transactions. 27 Mar 2008
-
Free support doesn't lead to new love for Vista SP1
Microsoft is working hard to nudge customers onto the Windows Vista bandwagon, offering free support for Vista SP1. But users continue to resist full deployments. 27 Mar 2008
-
Windows Server 2008 security not as advertised, says researcher
Argeniss founder and CEO Cesar Cerrudo will show off flaws in Windows Server 2008 next month at the HITBSecConf2008 in Dubai. Microsoft says it's reviewing his findings. 26 Mar 2008
-
New virtual switch integrates with multiple security vendors
Montego Networks says its HyperSwitch will integrate virtual network policy enforcement and access control into security products from Blue Lane, Catbird, and StillSecure. 26 Mar 2008
-
Failure mode and effects analysis: Process and system risk assessment
Information security pros are always trying to assess which systems and processes pose the greatest risk to an organization. In this tip, Gideon T. Rasmussen explains how the failure mode and effec... 26 Mar 2008
-
IBM's Watchfire halts network research, focuses on Web apps
Watchfire is halting its network and host-based research to focus solely on Web application security as part of its integration into IBM. The Waltham, Mass-based penetration vendor was acquired las... 26 Mar 2008
-
If one server in a DMZ network gets attacked from outside, will the other servers be corrupted?
An attack on a DMZ server is a big security risk. But does it necessarily mean that other servers are infected? Network security expert Mike Chapple weighs in. 24 Mar 2008
-
Altor Networks addresses virtual complexities
With virtualization complexities looming, new software and appliance vendors are emerging to address growing security concerns. 24 Mar 2008
-
Microsoft warns of actively exploited Word flaw
Microsoft is investigating active attacks on a database engine vulnerability being exploited through malicious Word documents. 24 Mar 2008
-
Google hacking exposes a world of security flaws
In this tip, contributor Scott Sidel examines Goolag, an open source security tool that assists security pros in finding flaws in websites through Google hacking. 21 Mar 2008
-
What is the purpose of RFID identification?
RFID identification can be used to keep track of everything from credit cards to livestock. But what security risks are involved? 20 Mar 2008
-
Will Lockdown customers be left in the lurch?
Analysts aren't surprised Lockdown Networks closed, given the shaky state of the NAC market. The question now is what Lockdown customers will do for product support. 20 Mar 2008
-
Microsoft acquires rootkit detection vendor
Rootkit detection vendor Komoku, which does the bulk of its business with the Department of Defense, will be wrapped into Microsoft's Forefront and Windows Live OneCare software. 20 Mar 2008
-
Application hardening tools help repel software pirates
Application hardening vendors can make life difficult for software pirates, forcing them to turn to more profitable, low-hanging fruit. 20 Mar 2008