Security Management Strategies for the CIO-
The case for an iOS and Android BYOD program
All BYOD platform options come with cost and risk. Craig Mathias explains why an iOS and Android BYOD program is viable for most organizations.
-
Assessing the security of Adobe's certificates
After a recent attack on Adobe, what mitigations should be put in place to avoid security issues with Adobe certificates? Expert Nick Lewis advises.
-
Explained: How a NGFW prevents application attacks
Next-generation firewalls can block common yet dangerous SQL-injection and buffer-overflow attacks. Learn how an NGFW stops application-layer attacks.
-
Complying with new COPPA regulations
After 15 years, the FTC announced updated COPPA regulations effective July 2013. Learn how to deal with this updated child Internet privacy mandate.
-
Top five free network intrusion detection tools
Snort is one of the industry's top network intrusion-detection tools, but there are plenty of free alternatives. Matthew Pascucci discusses.
-
How to implement and supplement remote wipe for BYOD
Remote data wipe is key to any BYOD security policy, but each OS handles it differently. Lisa Phifer covers how to use it with other controls to protect data.
-
Windows Server 2012 security: What to expect
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release.
-
The Stored Communications Act and workplace privacy
A state supreme court decision addressing webmail hacking under the Stored Communications Act affects email privacy and the ability to sue hackers.
-
Analysis of new PCI mobile payment security guidelines
The PCI SSC recently released mobile application development security guidelines. Mike Chapple outlines the document and highlights key takeaways.
-
Learn to manage VPN leaks on dual-stack networks
The ongoing transition to IPv6 has revealed security issues with VPN leaks on dual-stack networks. Fernando Gont explains and offers mitigations.
-
Why having a CISO can reduce data breach costs
Filling the CISO position with the right person can reduce the costs a company will experience from a data breach. Expert Ernest Hayden explains why.
-
The Java security crisis: Using the JRE safely
Constant Java security vulnerabilities plague Oracle and enterprises alike. Expert Nick Lewis offers tips on how to use Java and the JRE securely.
-
Validation requirements for PCI DSS-covered merchants
Mike Chapple details the PCI validation requirements for merchants covered by PCI DSS.
-
Windows 8 security: What to expect; how to prepare
Expert Michael Cobb says Windows 8's security features, like Windows Defender and Secure Boot, are a step forward for desktop and BYOD security.
-
After antimalware: Managing the move to what's next
Is it time to "cut the cord" with endpoint antimalware? Matthew Pascucci discusses possible antivirus alternatives.
-
How to properly implement a Web security gateway
In this secure Web gateway overview, learn how to implement, configure and maintain a Web security gateway to support other security devices.
-
How to align an IAM program with business priorities
Randall Gamby says aligning enterprise identity and access management with business and CIO priorities demands a more strategic approach to IAM.
-
SAP security overview: How to deal with SSRF attacks
Expert Michael Cobb provides an SAP security overview, including steps enterprises can take to defend against server-side request forgery attacks.
-
Awareness training for executives: How to get started
Expert Ernie Hayden provides advice for enterprises that are establishing security awareness training for their security-unaware executives.
-
Security big data: How to get started
Learn how security big data initiatives support enterprise information security and how to prepare for a big data collection implementation.
-
Three simple rules for talking compliance with execs
Expert Mike Chapple explains how to communicate the status of a corporate compliance program to the board, including both successes and shortcomings.
-
Advanced malware and threat-detection products emerge
Traditional security tools are no longer sufficient for defending against new breeds of attacks, forcing advanced threat-detection products to emerge.
-
How to deploy network security devices the right way
John Burke offers advice on effectively deploying network security devices to protect sensitive data and manage the mobility boom in the enterprise.
-
Breach crisis: How to get better at intrusion detection
To solve the breach-detection issues highlighted in the 2013 Verizon DBIR, several intrusion detection techniques are needed, says expert Nick Lewis.