Security Management Strategies for the CIO
Email Alerts
-
Enterprise network security visibility: Beyond traditional defenses
Organizations have implemented various network security technologies to gain better visibility into their networks. However, these security technologies place an increased demand on the network. This TechGuide explores how to improve network security... E-Handbook
-
State of the art endpoint management
Employees use cloud services for work whether they’re sanctioned by IT or not. IT's only choices -- aside from blocking every service, which won’t make users happy -- are to embrace these services or develop user- and IT-friendly alternatives. It’s n... E-Handbook
-
Cloud initiatives are changing roles for information security managers
This edition features the results of our 2011 priorities survey. Today's information security managers are getting more of a say in enterprise cloud initiatives and mobile device projects. Plus, learn from the experts about the best ways to enforce ... E-Zine
-
Combatting the new security threats of today's mobile devices
This month’s cover story focuses on the security threats that mobile devices and portable storage introduce. Other articles expound on topics like fraud prevention, security planning, and code outsourcing. Read on to learn about these important subje... E-Zine
-
Comparing seven top integrated endpoint security suites
A colorful array of seven complex integrated endpoint security suites is put to the test. See which fared best. Also in this issue, learn more about revamping remote access, getting to know honeyclients and winning the Web 2.0 tug-of-war. E-Zine
-
Choosing security products: Enterprise antimalware software, appliances
guide
-
Outsourcing security services in the enterprise: Where to begin
Outsourcing security services doesn’t have to mean moving to the cloud. Enterprises have many options for outsourcing security services, including managed and hosted services. Feature
-
Managing BYOD endpoint security
This Security School will break down those challenges and help you develop and over-arching security strategy that cuts across the myriad threats and platforms inside your organization. partOfGuideSeries
-
Quiz: Architectural considerations for enterprise antimalware deployments
Test your knowledge of architectural considerations for enterprise antimalware deployments in this short quiz. Quiz
-
Considerations for antimalware deployments
Early antivirus products were host-based agents that used basic signature detection to scan hard drives for malicious code. Today’s antimalware is more sophisticated with enterprises operating not only within the network perimeter, but on mobile devi... partOfGuideSeries
-
NAC security guide: How to achieve secure network access in the enterprise
This multi-part network access control (NAC) security guide covers a variety of NAC-related topics, offering tips and expert advice on how to thoroughly secure network access to the enterprise. Learning Guide
-
Endpoint protection advice: Improving NAC with secure endpoints
This endpoint protection tutorial discuss several aspects of endpoint protection, including how to use endpoint fingerprinting, how to create an endpoint security lifecycle, how to solve problems related to insecure endpoints. Tutorial
-
Mobile device security needs new approach, experts say
Companies lack the tools to control the onslaught of mobile devices in the enterprise. Feature
-
Phil Agcaoili: Consumerization of IT and enterprise evolution
Consumer devices in the workplace and the shift to cloud services require new security standards and heightened security awareness. Feature
-
Endpoint protection best practices manual: Combating issues, problems
Learn how to employ effective endpoint security controls, technologies and policies, and well as define methods and techniques for a multilayered endpoint defense system. Learning Guide
- See more Essential Knowledge on Client security
-
Secunia: More focus needed on third-party application security
Secunia highlights the growing need for better third-party application security, plus Microsoft's security improvements, and the growing cost of zero-days. News | 14 Mar 2013
-
Blue Coat to acquire UTM networking firm Crossbeam
Blue Coat said Crossbeam gives it a platform for its software and also helps bolster its network optimization strategy in high-end data centers. News | 17 Dec 2012
-
Symantec launches Endpoint Protection 12.1, VDI support
Symantec joins other security firms in supporting VMware vShield Endpoint in a bid to reduce the problem of AV storms. News | 04 Dec 2012
-
Study finds most antivirus products ineffective
Slow updates to signature databases cause some antivirus products to be ineffective against known threats, according to a study by security firm Imperva. News | 27 Nov 2012
-
Malwarebytes Enterprise Edition debuts with features designed for the SMB
The popularity of Malwarebytes Anti-Malware for consumers paved the way for a business version News | 17 Sep 2012
-
Avast leads, Microsoft free antivirus gaining in AV market share report
An analysis of installed endpoint security applications found Avast with a strong lead in the global antivirus market, followed by Avira, AVG, Microsoft and ESET. News | 12 Mar 2012
-
Remote administration software weaknesses plague businesses
Attackers are finding an easy way into corporate networks often by targeting remote management weaknesses. Poorly configured software can lead to a data security breach. News | 13 Feb 2012
-
HP printer vulnerabilities leave millions of printers susceptible to attack
Researchers at Columbia University have discovered a vulnerability in HP’s LaserJet printers that could allow attackers to gain complete remote control. News | 30 Nov 2011
-
NIST guidelines seek to minimize risk of BIOS attacks
Amid emerging attack methods and the rollout of a new generation of BIOS, NIST offers guidelines to help enterprises reduce the risk of BIOS attacks. News | 21 Sep 2011
-
Intel demonstrates McAfee DeepSAFE security platform
Intel showcases the potential of McAfee's new hardware security technology, but shares few details about its product strategy. News | 14 Sep 2011
- See more News on Client security
-
Examining device-based authentication
Combining device-based authentication technology with existing user-based authentication would be appealing for many organizations, but technical details remain unclear. Column
-
Cloud endpoint security considerations: Deployment, alerts and reports
Key functions are missing in many cloud-based endpoint security services. Kevin Tolly of The Tolly Group reviews deployment, alerting and reporting. Tip
-
Technical considerations for selecting the best antimalware technology
Mike Rothman discusses the evolution of malware and how today's antimalware products should handle detection and remediation. Tip
-
Gigabit Wi-Fi security: Is the new 802.11ac standard worth an upgrade?
Will Gigabit Wi-Fi significantly alter network security, or will it mean business as usual? Expert Brad Casey discusses the new 802.11ac standard. Tip
-
After antimalware: Moving toward endpoint antivirus alternatives
Is it time to "cut the cord" with endpoint antimalware? Matthew Pascucci discusses possible antivirus alternatives. Tip
-
Free or paid antivirus: Effective enterprise antivirus at no cost?
When looking for effective enterprise antivirus software, does it matter whether it is free or paid antivirus? Yes it does, says expert Michael Cobb. Tip
-
Enterprise antimalware excess? Managing antimalware security products
Enterprise antimalware has a way of spreading everywhere. Get Diana Kelley's advice on managing antimalware security products efficiently. Tip
-
Mac enterprise security: Going beyond Mac malware scans
More attackers see an opportunity in Mac enterprise environments. Mike Cobb explains how to ensure a Mac enterprise security plan goes beyond Mac malware scans. Tip
-
P2P encryption: Pros and cons of point-to-point encryption
P2P encryption is an emerging technology; one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons. Tip
-
Antivirus engines: Lessons learned from the Tavis Ormandy Sophos research
Learn how the discovery of several flaws in the Sophos antivirus engine can help advance the state of antimalware software. Tip
-
Windows vs. Mac security: An enterprise endpoint security comparison
Expert Mike Chapple explores the security implications of running Macs on the corporate network in a side-by-side comparison of Windows vs. Mac security. Tip
- See more Tips on Client security
-
How to test antimalware products before a full enterprise deployment
Expert Michael Cobb discusses how to thoroughly test antimalware products before they are deployed in a potentially harsh enterprise setting. Answer
-
Establish a screen timeout period as part of a BYOD security policy
Expert Michael Cobb provides advice on why and how enterprises should establish a screen timeout period as part of any BYOD security policy. Answer
-
BIOS management best practices: BIOS patches and BIOS updates
Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates. Answer
-
Addressing HP netbook security with webOS discontinued
A company contemplates the security implications of continuing an HP netbook rollout with webOS discontinued Answer
-
How to bolster BIOS security to prevent BIOS attacks
BIOS attacks can be thwarted by implementing NIST guidelines for BIOS security. Answer
-
How the Google malware warning system can help minimize infections
Eventually hackers will manipulate Google’s malware warning feature, but it may help prevent future infections. Answer
-
Will independent endpoint protection review improve products?
ICSA Labs recently announced a new endpoint security certification. Could it help improve endpoint security products? Answer
-
PCI Requirement 12.8.2: When is client compliance necessary?
Expert Charles Denyer addresses whether the PCI 12.8.2 requirement forces an organization working with a payment card merchant to become compliant. Answer
-
Is laptop remote wipe needed for effective laptop data protection?
Expert Michael Cobb explains how laptop remote wipe technology can ease data loss fears, but shouldn’t be solely relied upon. Answer
-
Can any one endpoint security system prevent all types of Web attacks?
Is there one tool that combines all the functionalities needed to protect against Web-based attacks? Expert Nick Lewis weighs in. Answer
- See more Expert Advice on Client security
-
buffer overflow
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Definition
-
email spoofing
E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. Definition
-
phishing
Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Definition
-
social engineering
Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures. Definition
-
Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usua... Definition
-
brute force cracking
Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than emp... Definition
-
Crash Course: Spyware
In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge. Definition
-
Malware detection and prevention fundamentals
Learn about the state of the malware landscape as it pertains to small and medium sized businesses and get a rundown on the most common types of malware. Video
-
Revitalizing endpoint security with VDI desktops
Implementing VDI desktops provides an opportunity to re-architech endpoint security and management. Learn how in this supercast with Eric Ogren. Video
-
Inside the NSA trusted computing strategy
The NSA’s Tony Sager discusses the NSA trusted computing strategy and the importance of finding cost-effective ways to disrupt potential attackers. Video
-
Jaquith on Forrester's endpoint security management Zero Trust Model
At Forrester Research Inc.'s Security Forum 2010 in Boston, Andrew Jaquith, senior analyst with Forrester, spoke with SearchSecurity.com about the research firm's Zero Trust Model for endpoint security. Video
-
Perimeter defense in the era of the perimeterless network
When it comes to perimeter defense, identifying the network edge is a challenge in itself. This video offers insight on defending the enterprise in a perimeterless world, including the issues of a perimeterless network and leading technologies for en... Video
-
Top tactics for endpoint security
The start- and end-points of today's enterprise networks are radically different than they were 10 years ago. IT staffs no longer have control over every endpoint connecting to the network, leading to a host of problems where access control is weak o... Video
-
Enterprise endpoint security fundamentals
Video: Mike Chapple offers a "back to basics" look at enterprise endpoint security to identify the crucial components of an endpoint security program. Video
-
Discussing security operations: Security 7 awards video
The industry's best and brightest security officers discuss key issues and answer questions during the Security 7 awards at the 2007 Information Security Decisions conference. Video
-
NAC and endpoint security: The hard questions
Joel Snyder covers challenging endpoint security questions and explains how NAC technology can address them. Video
-
Smart tactics for antivirus and antispyware
AV has become a commodity service with vendors touting value-added features and the ability to protect other parts of the network. This video addresses AV and antispyware from an architectural perspective. You'll learn the benefits of standalone prod... Video
-
How to test antimalware products before a full enterprise deployment
Expert Michael Cobb discusses how to thoroughly test antimalware products before they are deployed in a potentially harsh enterprise setting. Answer
-
Cloud endpoint security considerations: Deployment, alerts and reports
Key functions are missing in many cloud-based endpoint security services. Kevin Tolly of The Tolly Group reviews deployment, alerting and reporting. Tip
-
Enterprise network security visibility: Beyond traditional defenses
Organizations have implemented various network security technologies to gain better visibility into their networks. However, these security technologies place an increased demand on the network. This TechGuide explores how to improve network security... E-Handbook
-
State of the art endpoint management
Employees use cloud services for work whether they’re sanctioned by IT or not. IT's only choices -- aside from blocking every service, which won’t make users happy -- are to embrace these services or develop user- and IT-friendly alternatives. It’s n... E-Handbook
-
Choosing security products: Enterprise antimalware software, appliances
guide
-
Technical considerations for selecting the best antimalware technology
Mike Rothman discusses the evolution of malware and how today's antimalware products should handle detection and remediation. Tip
-
Secunia: More focus needed on third-party application security
Secunia highlights the growing need for better third-party application security, plus Microsoft's security improvements, and the growing cost of zero-days. News
-
Outsourcing security services in the enterprise: Where to begin
Outsourcing security services doesn’t have to mean moving to the cloud. Enterprises have many options for outsourcing security services, including managed and hosted services. Feature
-
Gigabit Wi-Fi security: Is the new 802.11ac standard worth an upgrade?
Will Gigabit Wi-Fi significantly alter network security, or will it mean business as usual? Expert Brad Casey discusses the new 802.11ac standard. Tip
-
Managing BYOD endpoint security
This Security School will break down those challenges and help you develop and over-arching security strategy that cuts across the myriad threats and platforms inside your organization. partOfGuideSeries
- See more All on Client security
About Client security
Develop client security and get information on client security software, how to build, implement and maintain secure procedures, awareness training and assessments for keeping your network safe from potentially unsecure laptops, desktops, and other endpoint machines.