Security Management Strategies for the CIO
Email Alerts
-
An insider look at the Windows Vista security review
Although Windows Vista is seen as a failure in the marketplace, it’s a success in the security world. This month, Information Security Magazine goes behind the curtains of Vista as Paget unveils a firsthand account of her experience, exploring why it... E-Zine
-
Does security make the grade in Windows Server 2008?
In this month's issue of Information Security magazine: Is the security inherent in Windows Server 2008 enough to speed adoption? Learn how data loss prevention (DLP) tools help prevent incidents and assist with data discovery. Read about how Trojans... E-Zine
-
Unwrapping Windows Server 2003: An exclusive first look at Microsoft's new OS
Information Security magazine examines the security capabilities built into the brand new Windows Server 2003. Does it really break new ground in platform security? Also in this issue: over-the-air network security; assessing VoIP security; new threa... E-Zine
-
Trustworthy yet? An inside look at what's changed after a year of Microsoft Trustworthy Computing
When Bill Gates launched Trustworthy Computing at Microsoft, it was meant to fundamentally change the way the software giant operates. But has anything really changed? This month, we examine what's happened in the past 12 months, and the work left to... E-Zine
-
Is RDP secure? Guide to Microsoft RDP security, secure remote access
Is RDP secure? This mini learning guide, which is a collection of both news and technical content from SearchSecurity.com, examines the recent Microsoft RDP security vulnerabilities and how these problems could negatively impact an enterprise, as wel... guide
-
Quiz: Security-related enhancements in Windows Server 2008
Test your knowledge of Beth Quinlan's Windows Server 2008 lesson. Quiz
-
Quiz: Intrusion defense in the era of Windows Vista
A five-question multiple-choice quiz to test your understanding of the content presented by expert Peter H. Gregory in this lesson of SearchSecurity.com's Intrusion Defense School. Security School
-
Windows IIS server hardening checklist
Use this checklist on the job to secure your IIS server. Security School
-
Securing Windows Server 2008
This lesson will provide an overview of the features and enhancements, including read-only domain controllers, Network Access Protection and more. partOfGuideSeries
-
Quiz: Securing Microsoft Exchange
A five-question multiple-choice quiz to test your understanding of the content presented in this lesson of SearchSecurity.com's Messaging Security School. Messaging Security School
-
Authenticating Windows
Three options for Windows authentication with eSSO clients. Information Security maga
-
Web Security School Final Exam Answers
Take this final exam to assess your knowledge of Web Security. Security Quiz Answer
-
SAP Security Learning Guide
This guide pulls SAP security information from both SearchSecurity.com and its sister site, SearchSAP.com, to provide the most comprehensive resource around for all aspects of making your SAP system bulletproof. Learning Guide
-
Incident response process brings ROI and peace of mind
In this excerpt of Chapter 2 from ISACA's Cybercrime: Incident Response and Digital Forensics, author Robert Schperberg looks at the benefits of instituting an incident response process. Reprint
- See more Essential Knowledge on Windows Security: Alerts, Updates and Best Practices
-
Office, 32-bit Windows fixes included in Patch Tuesday update
Microsoft offered five bulletins in June's Patch Tuesday updates, with 19-vulnerability critical Internet Explorer patch and Windows Server 2008 fixes. News | 11 Jun 2013
-
Temporary fix out for Department of Labor website IE8 zero-day
Microsoft is still working on a permanent fix for the IE8 zero-day found in the Dept. of Labor website attack. Also: Adobe preps ColdFusion patch. News | 09 May 2013
-
April Patch Tuesday security update could cause system errors
Microsoft has pulled a faulty security update in MS13-036, part of its April 2013 Patch Tuesday release. Those who had installed it should remove it. News | 12 Apr 2013
-
With Windows XP security updates ending, enterprises must plan ahead
With Windows XP security updates ending in 2014, organizations still running the venerable Microsoft OS should start making transition plans. News | 11 Apr 2013
-
Two 'critical' bulletins planned for April 2013 Patch Tuesday
Microsoft plans to issue nine bulletins for its April 2013 Patch Tuesday release, including two "critical" fixes for Internet Explorer and Windows iterations. News | 04 Apr 2013
-
Brief: Microsoft out-of-band patch addresses IE zero-day
Microsoft has announced it will issue an out-of-band patch to the zero-day flaw affecting Internet Explorer versions 6 through 8. News | 14 Jan 2013
-
Internet Explorer zero-day exploit overshadows light Patch Tuesday fixes
Admins begin the new year with a light Patch Tuesday that includes two critical bulletins, but they'll also want to pay attention to an exploit in IE. News | 09 Jan 2013
-
Internet Explorer vulnerabilities fixed in December 2012 Patch Tuesday
Microsoft released seven security bulletins, addressing flaws in Internet Explorer, Word and Windows kernel-mode drivers. News | 11 Dec 2012
-
Patch Tuesday: Five critical bulletins, Exchange Server fix expected
In addition to Exchange Server, updates fix flaws in Internet Explorer, Microsoft Office and Microsoft Word. News | 06 Dec 2012
-
Windows 8 security features improve, but IT concerns remain
Microsoft made several security improvements in Windows 8, such as adding the new Secure Boot feature. But vulnerabilities remain. News | 19 Nov 2012
- See more News on Windows Security: Alerts, Updates and Best Practices
-
Analysis: Windows 8 security features improve on Windows 7 security
Expert Michael Cobb says Windows 8's security features, like Windows Defender and Secure Boot, are a step forward for desktop and BYOD security. Tip
-
Don't ignore Windows 8 security when reviewing desktop vulnerabilities
Microsoft Windows 8 security may not be at the top of IT admins' to-do lists, but they should pay attention to the OS's features and flaws. Tip
-
Under the Surface: How Windows tablet security meets BYOD challenges
Expert Michael Cobb says the forthcoming Windows tablet security features on Microsoft's Surface could help meet enterprise BYOD challenges. Tip
-
Remote Desktop Protocol security: How to secure RDP network endpoints
What is RDP and why does it pose a security threat? Expert Matt Pascucci explains why it’s needed and how best to secure RDP it in the enterprise. Tip
-
Windows 7 network security: Keys to a Windows 7 upgrade project plan
Ensure Windows 7 network security during your enterprise desktop upgrade with two essential elements for your Windows 7 upgrade project plan. Tip
-
Windows vs. Mac security: An enterprise endpoint security comparison
Expert Mike Chapple explores the security implications of running Macs on the corporate network in a side-by-side comparison of Windows vs. Mac security. Tip
-
Call to action: Is now the time to upgrade from Windows XP to 7?
A disproportionate percentage of PCs infected with rootkits are running Windows XP. Does the upgrade from Windows XP to 7 need to happen now? Tip
-
Assessing Internet Explorer 9 security: Safest browser ever?
Research shows Internet Explorer 9 security identifies as much as 99% of potential malware. So is IE9 now the safest browser out there? Michael Cobb answers that question in this expert tip. Tip
-
A primer for user privilege management in Windows Server 2008
Privilege management can be a troublesome endeavor, but Windows Server 2008 introduces a multi-level privilege attribute system with better limits for standard users. Expert Randall Gamby explains the options in Windows Server 2008 for user privilege... Tip
-
Microsoft IIS 7 security best practices
Are you up to date with Microsoft IIS security best practices? Don't allow your enterprise to become vulnerable. Tip
- See more Tips on Windows Security: Alerts, Updates and Best Practices
-
Advocating for a Microsoft EMET deployment amid configuration issues
Expert Michael Cobb discusses whether EMET configuration issues should deter a security team from pushing for an enterprise EMET deployment. Answer
-
Using EMET to harden Windows XP and other legacy applications
Expert Michael Cobb details how using EMET, a free tool from Microsoft, can harden Windows XP and other legacy applications. Answer
-
Utilize Windows 8 ELAM to secure the boot process, detect rootkits
Expert Michael Cobb details how the Windows 8 ELAM feature can detect rootkits and other malicious drivers, help secure the Windows boot process. Answer
-
Windows Phone 8 security: An enterprise alternative to BlackBerry?
Expert Michael Cobb assesses Windows Phone 8 security to determine whether WP8 devices are safe enough to replace the BlackBerry in the enterprise. Answer
-
Windows RT security: Does Microsoft's mobile OS differ from Windows 8?
How should enterprises prepare for securing Windows RT devices? Expert Michael Cobb discusses the security differences between Windows RT and 8. Answer
-
Adjust security policies to combat Windows password hint attacks
Researchers have revealed potential Windows user password hint vulnerabilities. Expert Michael Cobb discusses how to address such attacks in policies. Answer
-
Preparing for Windows 8 BYOD: Security features on Windows 8 tablets
How should enterprises be preparing for Windows 8 BYOD tablets? Expert Michael Cobb breaks down the security features for Microsoft's upcoming OS. Answer
-
BIOS management best practices: BIOS patches and BIOS updates
Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates. Answer
-
Service Pack 1 for Windows 7: What you need to know
Michael Cobb explains why Service Pack 1 for Windows 7 is different than service packs in the past. Answer
-
Microsoft security check: Is a Redmond Internet health check viable?
While it would be nice to check every computer for malware before allowing it on the Internet, expert Nick Lewis details why this is problematic. Answer
- See more Expert Advice on Windows Security: Alerts, Updates and Best Practices
-
principle of least privilege (POLP)
The principle of least privilege (POLP) is the practice of limiting access to the minimal level that will allow normal functioning. Applied to employees, the principle of least privilege translates to giving people the lowest level of user rights t... Definition
-
BotHunter
BotHunter is a type of bot application that looks for other bots by tracking two-way communication flows between active software inside a private network and external entities... (Continued) Definition
-
trusted computing
Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued) Definition
-
security identifier (SID)
In Windows NT and 2000 operating systems, the security identifier (SID) is a unique alphanumeric character string that identifies each operating system and each user in a network of NT/2000 systems. Definition
-
How to use Microsoft's MAP toolkit security assessment application
Video: Keith Barker of CBT Nuggets details how to use Microsoft's MAP Toolkit security assessment application to find and report on vulnerable endpoints. Screencast
-
Researcher lauds Windows 8 memory protections
Video: New memory-based protections in Windows 8 make heap-based buffer overflow attacks much more difficult. Video
-
IE9 security, Apple security issues: Video with Gartner’s Neil MacDonald
In this video, Gartner’s Neil MacDonald discusses patch management, IE9 security, his Windows 8 security wish list and protecting Apple computers. Video
-
Using Windows 7 security features in your data protection program
Lisa Phifer discusses Windows 7 security features like AppLocker, User Access Controls, BitLocker and BitLockerToGo, Volume Shadow Copy and DirectAccess. Video
-
Adobe: Flash security and the Microsoft Active Protections Program
Brad Arkin discusses Adobe's strategy to secure Flash Player and its decision to join the Microsoft Active Protections Program. Video
-
Advocating for a Microsoft EMET deployment amid configuration issues
Expert Michael Cobb discusses whether EMET configuration issues should deter a security team from pushing for an enterprise EMET deployment. Answer
-
Office, 32-bit Windows fixes included in Patch Tuesday update
Microsoft offered five bulletins in June's Patch Tuesday updates, with 19-vulnerability critical Internet Explorer patch and Windows Server 2008 fixes. News
-
Using EMET to harden Windows XP and other legacy applications
Expert Michael Cobb details how using EMET, a free tool from Microsoft, can harden Windows XP and other legacy applications. Answer
-
Temporary fix out for Department of Labor website IE8 zero-day
Microsoft is still working on a permanent fix for the IE8 zero-day found in the Dept. of Labor website attack. Also: Adobe preps ColdFusion patch. News
-
April Patch Tuesday security update could cause system errors
Microsoft has pulled a faulty security update in MS13-036, part of its April 2013 Patch Tuesday release. Those who had installed it should remove it. News
-
With Windows XP security updates ending, enterprises must plan ahead
With Windows XP security updates ending in 2014, organizations still running the venerable Microsoft OS should start making transition plans. News
-
Two 'critical' bulletins planned for April 2013 Patch Tuesday
Microsoft plans to issue nine bulletins for its April 2013 Patch Tuesday release, including two "critical" fixes for Internet Explorer and Windows iterations. News
-
Utilize Windows 8 ELAM to secure the boot process, detect rootkits
Expert Michael Cobb details how the Windows 8 ELAM feature can detect rootkits and other malicious drivers, help secure the Windows boot process. Answer
-
How to use Microsoft's MAP toolkit security assessment application
Video: Keith Barker of CBT Nuggets details how to use Microsoft's MAP Toolkit security assessment application to find and report on vulnerable endpoints. Screencast
-
Windows Phone 8 security: An enterprise alternative to BlackBerry?
Expert Michael Cobb assesses Windows Phone 8 security to determine whether WP8 devices are safe enough to replace the BlackBerry in the enterprise. Answer
- See more All on Windows Security: Alerts, Updates and Best Practices
About Windows Security: Alerts, Updates and Best Practices
Having problems with Windows Vista and XP security? Get tips and tricks on how to repair problems and how to install security patches and updates. Advice is also offered on tools, threats, deployment, features and software.