Data security strategies and governance

  • January 04, 2007 04 Jan'07

    Cisco software vulnerable to attack

    Cisco's Clean Access software and Clean Access Manager are at risk to attack. A malicious user can access a database snapshot and download it without authentication.

  • December 05, 2006 05 Dec'06

    IBM to acquire compliance software firm

    IBM plans to acquire Consul Risk Management Inc., a Delft, Netherlands-based firm whose software tracks non-compliant behavior of employees.

  • September 14, 2006 14 Sep'06

    Are companies ready to trust DHS database?

    DHS is trying to convince private companies that any information submitted to the National Asset Database will be protected. It remains to be seen if the agency is succeeding.

  • August 18, 2006 18 Aug'06

    Apple fixes Xsan security flaw

    Attackers could exploit a security flaw in Apple's Xsan file system to launch malicious code and crash vulnerable machines, but a fix is available.

  • August 17, 2006 17 Aug'06

    Security Bytes: Symantec patches Veritas NetBackup PureDisk flaw

    Meanwhile: Two MySQL database flaws are fixed, a study finds that many companies have lost laptops and the VA upgrades computer encryption after recent security breaches.

  • August 11, 2006 11 Aug'06

    Symantec fixes Backup Exec flaw

    Attackers could exploit flaws in Symantec Backup Exec 9.1 and 9.2 for NetWare Servers to cause a denial of service, launch malicious code and gain access to vulnerable machines.

  • August 07, 2006 07 Aug'06

    VA desktop PC stolen, 36,000 could be at risk

    Update: The incident marks the second time in less than three months that a VA device with sensitive information has been compromised. One expert blames the systematic problem of too much internal trust.

  • August 03, 2006 03 Aug'06

    Old attack vectors are back in style

    Black Hat: Like hip-huggers and tweed, once-popular attack methods like ciphertext manipulation are finding new life as hackers look to cut through well-worn Web applications.

  • August 01, 2006 01 Aug'06

    Compliance demands a technology toolbox

    There's really no one technology answer for regulatory compliance. That's why experts suggest that a variety of tools are needed to meet the requirements of regulations such as Sarbanes-Oxley.

  • July 13, 2006 13 Jul'06

    NIPP may not address realities of information security

    The Department of Homeland Security has issued the final version of the National Infrastructure Protection Plan, but some say it falls short of being a comprehensive risk management framework for the nation's infrastructure.

  • July 07, 2006 07 Jul'06

    Credant helps IT shops secure mobile technology

    Product review: Though some features need work, Mobile Guardian Enterprise Edition 5.1 achieves its main mission of protecting confidential data on portable devices.

  • June 06, 2006 06 Jun'06

    Easy hacks still tripping up corporate victims

    Analysts at this year's Gartner IT Security Summit explain how thieves are becoming data theft mavens by using freely available tools to hijack sensitive data from stolen PC.

  • May 24, 2006 24 May'06

    Does email archiving mean keep everything?

    An expert at the Storage Decisions conference weighs in on whether it makes sense to keep data forever or if reducing data also reduces risk. Plus dirt on conniving lawyers and dodgy tape practices.

  • May 12, 2006 12 May'06

    Security Blog Log: Data storage bills go to extremes

    This week, lawmakers miss the middle ground when it comes to how long electronic data should be stored. Meanwhile, a hacker defaces electronic subway signs to suggest prime minister is a monster.

  • May 04, 2006 04 May'06

    Where hard drives go to die, or do they?

    A number of enterprises are using asset disposal firms to ensure sensitive corporate data is destroyed, but the process is hardly foolproof. In fact, a convicted felon could have his hands on your data right now.