Security Management Strategies for the CIO
Email Alerts
-
Quiz: Architectural considerations for enterprise antimalware deployments
Test your knowledge of architectural considerations for enterprise antimalware deployments in this short quiz. Quiz
-
NAC security guide: How to achieve secure network access in the enterprise
This multi-part network access control (NAC) security guide covers a variety of NAC-related topics, offering tips and expert advice on how to thoroughly secure network access to the enterprise. Learning Guide
-
Mobile device security needs new approach, experts say
Companies lack the tools to control the onslaught of mobile devices in the enterprise. Feature
-
Phil Agcaoili: Consumerization of IT and enterprise evolution
Consumer devices in the workplace and the shift to cloud services require new security standards and heightened security awareness. Feature
-
Endpoint protection best practices manual: Combating issues, problems
Learn how to employ effective endpoint security controls, technologies and policies, and well as define methods and techniques for a multilayered endpoint defense system. Learning Guide
-
Quiz: Endpoint security on a budget
Take this five-question quiz and test your knowledge of low-cost endpoint security techniques. Quiz
-
Endpoint Security
Read an excerpt from the book, Endpoint Security. In Chapter 3, "Something is Missing," author Mark S. Kadrich reveals a new way of modeling the network. chapter excerpt
-
PING with Christopher Ray
In an exclusive interview with Information Security magazine, Christopher Ray, second vice president of information security for insurance provider AFLAC, explains why endpoint security is more than device integrity checks, for example, it's a combin... Information Security maga
-
Endpoint security quiz answers
SearchSecurity Retention
-
Life at the edge part 4: When things go wrong
A checklist and other hints to protect your Web servers from a worst-case scenario. Security School
- See More: Essential Knowledge on Client security
-
Avast leads, Microsoft free antivirus gaining in AV market share report
An analysis of installed endpoint security applications found Avast with a strong lead in the global antivirus market, followed by Avira, AVG, Microsoft and ESET. News | 12 Mar 2012
-
Remote administration software weaknesses plague businesses
Attackers are finding an easy way into corporate networks often by targeting remote management weaknesses. Poorly configured software can lead to a data security breach. News | 13 Feb 2012
-
HP printer vulnerabilities leave millions of printers susceptible to attack
Researchers at Columbia University have discovered a vulnerability in HP’s LaserJet printers that could allow attackers to gain complete remote control. News | 30 Nov 2011
-
NIST guidelines seek to minimize risk of BIOS attacks
Amid emerging attack methods and the rollout of a new generation of BIOS, NIST offers guidelines to help enterprises reduce the risk of BIOS attacks. News | 21 Sep 2011
-
Intel demonstrates McAfee DeepSAFE security platform
Intel showcases the potential of McAfee's new hardware security technology, but shares few details about its product strategy. News | 14 Sep 2011
-
RSA adds malware domain feeds to CyberCrime Intelligence Service
List of malware domains can be fed into IPS and IDS appliances to disrupt communication between malware and an attacker’s command and control server. News | 17 Aug 2011
-
Symantec turns to reputation security to bolster malware signatures
Symantec Enterprise Protection 12 suite uses new Insight and SONAR technology to monitor executables and provide reputation scoring to its traditional malware signature approach. Article | 14 Feb 2011
-
Consortium to certify integrated endpoint security software
AVG, McAfee and Microsoft Corp. will work with the ISCA Labs to test and certify integrated endpoint security components. Article | 06 Dec 2010
-
How should enterprises respond to Firesheep?
SearchSecurity editors talk about how enterprises can respond to Firesheep and employee use of public WiFi. Also, a discussion on Microsoft's ISP NAC plan and Google's bug bounty. News | 16 Nov 2010
-
At McAfee Focus 10, customers await integrated chip security
Intel's $7.7 billion acquisition of McAfee could broaden chip-based security initiatives across the entire industry, said McAfee CEO Dave DeWalt at the vendor's annual Focus 10 conference. Article | 12 Oct 2010
- See More: News on Client security
-
Enterprise antimalware excess? Managing antimalware security products
Enterprise antimalware has a way of spreading everywhere. Get Diana Kelley's advice on managing antimalware security products efficiently. Tip
-
Mac enterprise security: Going beyond Mac malware scans
More attackers see an opportunity in Mac enterprise environments. Mike Cobb explains how to ensure a Mac enterprise security plan goes beyond Mac malware scans. Tip
-
P2P encryption: Pros and cons of point-to-point encryption
P2P encryption is an emerging technology; one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons. Tip
-
Antivirus engines: Lessons learned from the Tavis Ormandy Sophos research
Learn how the discovery of several flaws in the Sophos antivirus engine can help advance the state of antimalware software. Tip
-
Windows vs. Mac security: An enterprise endpoint security comparison
Expert Mike Chapple explores the security implications of running Macs on the corporate network in a side-by-side comparison of Windows vs. Mac security. Tip
-
iPad security policy pointers for enterprise iPad endpoint integrity
As enterprise iPad use increases, companies must make decisions about iPad security policy and how to enforce it. Lisa Phifer offers several tactics for ensuring iPad endpoint integrity. Tip
-
Creating a network endpoint security policy for hostile endpoints
The plethora of IP-enabled devices available today makes it harder to discern a friendly endpoint from a hostile one. Learn how to create an endpoint security policy for non-corporate-owned devices. Tip
-
How to keep networks secure when deploying an 802.11n upgrade
Before you upgrade to 802.11n, Lisa Phifer has seven questions that every network security pro should consider. Tip
-
How to defend against rogue DHCP server malware
Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them. Tip
-
Three ways to prioritize endpoint security over perimeter defenses
Midmarket organizations should prioritize endpoint security management over perimeter defenses. Tip
- See More: Tips on Client security
-
BIOS management best practices: BIOS patches and BIOS updates
Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates. Answer
-
Addressing HP netbook security with webOS discontinued
A company contemplates the security implications of continuing an HP netbook rollout with webOS discontinued Answer
-
How to bolster BIOS security to prevent BIOS attacks
BIOS attacks can be thwarted by implementing NIST guidelines for BIOS security. Answer
-
How the Google malware warning system can help minimize infections
Eventually hackers will manipulate Google’s malware warning feature, but it may help prevent future infections. Answer
-
Will independent endpoint protection review improve products?
ICSA Labs recently announced a new endpoint security certification. Could it help improve endpoint security products? Answer
-
PCI Requirement 12.8.2: When is client compliance necessary?
Expert Charles Denyer addresses whether the PCI 12.8.2 requirement forces an organization working with a payment card merchant to become compliant. Answer
-
Is laptop remote wipe needed for effective laptop data protection?
Expert Michael Cobb explains how laptop remote wipe technology can ease data loss fears, but shouldn’t be solely relied upon. Answer
-
Can any one endpoint security system prevent all types of Web attacks?
Is there one tool that combines all the functionalities needed to protect against Web-based attacks? Expert Nick Lewis weighs in. Answer
-
Microsoft security check: Is a Redmond Internet health check viable?
While it would be nice to check every computer for malware before allowing it on the Internet, expert Nick Lewis details why this is problematic. Answer
-
Can home PCs provide a way for viruses and spyware to enter a corporate LAN?
When considering allowing remote access to a corporate LAN, security concerns are paramount, especially when corporate security pros have no control over the home PCs. Learn how to protect the corporate LAN from viruses and spyware. Ask the Expert
- See More: Expert Advice on Client security
-
buffer overflow
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Definition
-
email spoofing
E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. Definition
-
phishing
Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Definition
-
social engineering
Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures. Definition
-
Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usua... Definition
-
brute force cracking
Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than emp... Definition
-
Crash Course: Spyware
In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge. Definition
-
Revitalizing endpoint security with VDI desktops
Implementing VDI desktops provides an opportunity to re-architech endpoint security and management. Learn how in this supercast with Eric Ogren. Video
-
Inside the NSA trusted computing strategy
The NSA’s Tony Sager discusses the NSA trusted computing strategy and the importance of finding cost-effective ways to disrupt potential attackers. Video
-
Jaquith on Forrester's endpoint security management Zero Trust Model
At Forrester Research Inc.'s Security Forum 2010 in Boston, Andrew Jaquith, senior analyst with Forrester, spoke with SearchSecurity.com about the research firm's Zero Trust Model for endpoint security. Video
-
Perimeter defense in the era of the perimeterless network
When it comes to perimeter defense, identifying the network edge is a challenge in itself. This video offers insight on defending the enterprise in a perimeterless world, including the issues of a perimeterless network and leading technologies for en... Video
-
Top tactics for endpoint security
The start- and end-points of today's enterprise networks are radically different than they were 10 years ago. IT staffs no longer have control over every endpoint connecting to the network, leading to a host of problems where access control is weak o... Video
-
Smart tactics for antivirus and antispyware
AV has become a commodity service with vendors touting value-added features and the ability to protect other parts of the network. This video addresses AV and antispyware from an architectural perspective. You'll learn the benefits of standalone prod... Video
-
2007 Security 7 Awards
The industry's best and brightest security officers discuss key issues and answer questions during the Security 7 awards at the 2007 Information Security Decisions conference. Video
-
NAC and endpoint security: The hard questions
Joel Snyder covers challenging endpoint security questions and explains how NAC technology can address them. Video
-
Quiz: Architectural considerations for enterprise antimalware deployments
Test your knowledge of architectural considerations for enterprise antimalware deployments in this short quiz. Quiz
-
Enterprise antimalware excess? Managing antimalware security products
Enterprise antimalware has a way of spreading everywhere. Get Diana Kelley's advice on managing antimalware security products efficiently. Tip
-
NAC security guide: How to achieve secure network access in the enterprise
This multi-part network access control (NAC) security guide covers a variety of NAC-related topics, offering tips and expert advice on how to thoroughly secure network access to the enterprise. Learning Guide
-
Avast leads, Microsoft free antivirus gaining in AV market share report
An analysis of installed endpoint security applications found Avast with a strong lead in the global antivirus market, followed by Avira, AVG, Microsoft and ESET. News
-
Remote administration software weaknesses plague businesses
Attackers are finding an easy way into corporate networks often by targeting remote management weaknesses. Poorly configured software can lead to a data security breach. News
-
Mac enterprise security: Going beyond Mac malware scans
More attackers see an opportunity in Mac enterprise environments. Mike Cobb explains how to ensure a Mac enterprise security plan goes beyond Mac malware scans. Tip
-
BIOS management best practices: BIOS patches and BIOS updates
Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates. Answer
-
Addressing HP netbook security with webOS discontinued
A company contemplates the security implications of continuing an HP netbook rollout with webOS discontinued Answer
-
P2P encryption: Pros and cons of point-to-point encryption
P2P encryption is an emerging technology; one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons. Tip
-
HP printer vulnerabilities leave millions of printers susceptible to attack
Researchers at Columbia University have discovered a vulnerability in HP’s LaserJet printers that could allow attackers to gain complete remote control. News
- See More: All on Client security
About Client security
Develop client security and get information on client security software, how to build, implement and maintain secure procedures, awareness training and assessments for keeping your network safe from potentially unsecure laptops, desktops, and other endpoint machines.