Manage
Learn to apply best practices and optimize your operations.
Cloud Data Storage Encryption and Data Protection Best Practices
Password management best practices for financial services firms
Password management is a fundamental tenet of effective information security, but it's harder than it seems to manage passwords correctly, and far too easy to mess it up. In this tip, contributor Tony Bradley shares best practices for effective ...
Is a Master Boot Record (MBR) rootkit completely invisible to the OS?
Whether or not we see widespread attacks that use MBR rootkits will depend upon two factors. Platform security expert Michael Cobb explains them both.
How to install and configure Nessus
Nessus, the widely used vulnerability scanner (open source through version 2, closed source since version 3), can scan a network for potential security risks and provide detailed reporting that enables you to remediate gaps in your corporation's security posture. This tip, the first in a series of three on ...
Best practices for application-level firewall selection and deployment
Application-level firewalls are an essential aspect of any organization's multi-layered defense strategy, but the implementation process has some security pros scratching their heads. In this tip, contributor Joel Dubin discusses the contrasting ...
Virtualization server security best practices
Avoid server virtualization security bad practices with these dos and don'ts. Get info on virtualization products, segmentation, implementation, avoiding malware, and staging, deploying and patching virtual machines.
Product review: Klocwork Insight 8.0
Software security
What are the pros and cons of zero-knowledge penetration tests?
A penetration tester with no previous knowledge of the site being tested may be able to give some insight unavailable to other forms of penetration testing, but there are pros and cons. Expert Michael Cobb weighs in.
Security breach management: Planning and preparation
All organizations face the risk of an information security breach. While it can be a gut-wrenching ordeal, learning how to manage a breach can make it much easier to contain the damage. In this tip, contributor Khalid Kark unveils several key ...
Webmail security: Best practices for data protection
Webmail has become a popular choice for enterprises looking to provide users with email access outside the office, but deployment of any Web-based email system presents a unique set of security challenges. In this Messaging Security School tip, ...
PCI compliance and Web applications: Code review or firewalls?
The Payment Card Industry Data Security Standard is about to get a new wrinkle involving Web applications. As of June 30, 2008, to achieve PCI compliance, enterprises must either have their custom Web application code reviewed or install Web ...
Are Internet cafe users' email credentials at risk?
Most browsers store all Web pages, including a user's messages and other information, in a cache from which they are retrievable with relative ease. Expert Michael Cobb explains how to keep the personal data from getting into the wrong hands.
Secure Computing SafeWord 2008 product review
Secure Computing SafeWord 2008 delivers identity management and access control for Windows systems using tokens that generate secure single-use passcodes. Information Security magazine reviews these capabilities.
Face-Off: Is vulnerability research ethical?
Bruce Schneier and Marcus Ranum debate the ethics of vulnerability research.
7 Security Questions to Ask Your SaaS Provider
Outsourcing software as a service (SaaS) puts control over an organization's applications in the hands of others. Learn what questions to ask your provider, how to define security policies, how to understand how service providers handle security and ...
5 Steps for Developing Strong Change Management Program Best Practices
Poor change control and configuration management can affect the security of your systems and networks. Follow these five steps for a strong change management program.
Worst practices: Bad security incidents to avoid
Some of information security's worst practices are just best practices ignored. And those guilty of today's big infosec mistakes range from chief security officers to network firewall managers to security staffs at giant financial firms and ...
Which operating system can best secure an FTP site?
In this expert Q&A, platform security expert Michael Cobb explains how a secure FTP protocol can improve websites and Web services.
Varonis DatAdvantage product review
Varonis DatAdvantage data governance software is evaluated on its configuration and management, effectiveness, policy control and reporting.
Companies Collecting Too Much Customer Data Increase Exposure
If the risk of losing customer or partner information outweighs its value, why collect it in the first place?
Worst Practices: Three big identity and access management mistakes
Simple IAM mistakes such as writing down passwords and unaudited user accounts can allow malicious access into corporate networks. In this tip, contributor Joel Dubin exposes the most common identity management and access control blunders, and ...
What ports should be opened and closed when IPsec filters are used?
In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to set up separate branch IPsec filters that connect with a head office.
Is Triple DES a more secure encryption scheme than DUKPT?
The comparison is not like for like: Triple DES is a symmetric block cipher, while DUKPT (Derived Unique Key Per Transaction) is a key management scheme that derives a fresh key for every transaction and typically runs Triple DES underneath. Michael Cobb explains their separate and distinct roles in protecting financial transactions.
Misconfiguration issues could have contributed to Hannaford breach
Hannaford takes heat from officials who believe the supermarket chain was slow in disclosing its breach. Meanwhile, one of Hannaford's security vendors gets defensive.
Web scanning and reporting best practices
Implementing a solid Web scanning routine is a key way to avoid corporate Web application attacks. And with industry requirements such as PCI DSS, performing vulnerability scans is also required to stay compliant. In this tip, contributor Joel ...
DMVPN configuration: Should a firewall be between router and Internet?
Cisco's Dynamic Multipoint VPN (DMVPN) product allows the configuration of site-to-site VPNs across WAN connections. Security expert Mike Chapple explains how a firewall fits into this particular network setup.
Misconfigured networks create huge security risks
Security experts say IT pros should be more concerned about the risks created by misconfigured networks than all the flaws and exploit code they read about.
How secure is online banking today?
Most banks take the security of their online services seriously. In this expert Q&A, Michael Cobb explains why online banking is relatively safe -- with the exception of one particular mistake.
SonicWALL NSA E5500 product review
Product review of SonicWALL NSA E5500 security tool basic and advanced firewall features, setup, pricing, VPN and wireless security.
Case Study: Company deploys full disk encryption policy on laptops
One billion-dollar company isn't taking chances with data stored on its laptops. It deployed full disk encryption on every machine, an increasingly popular security strategy.
Comparative Product Review: Six Web Application Firewalls
No longer can security managers focus only on perimeter and host security. The application has become the prime target for hackers. We review six leading Web application firewalls from Barracuda, Bee Ware, Breach Security, Citrix, F5 and Imperva ...
How to protect DNS servers
The DNS database is the world's largest distributed database, but unfortunately, DNS was not designed with security in mind. Application security expert Michael Cobb explains how to keep a DNS server from being hijacked.
How should the ipseccmd.exe tool be used in Windows Vista?
Ipseccmd is a command-line tool for displaying and managing IPsec policy and filtering rules. Expert Michael Cobb explains how to get the scripting utility to work with Vista.
Are encrypted Microsoft Word files safer in transit than PDF files?
In this expert Q&A, Michael Cobb demonstrates how a misconfigured firewall makes it easy for some Microsoft Word and PDF files to be sniffed in transit.
Data loss prevention (DLP) tools: The new way to prevent identity theft?
Despite advances in perimeter technologies, data theft has become common in today's enterprises. To protect their confidential information, some security professionals are turning to an emerging technology category: data loss prevention. But don't ...
How would you define the responsibilities of a data custodian in a bank?
Data security is incredibly important for financial institutions, and it's the data custodian's job to make sure that data is safe. Security management expert Mike Rothman explains more.
Challenges behind operational integration of security and network management
The integration of security and network operations holds a great deal of promise thanks to today's security information management technology, but there are a number of hurdles to overcome when it's time to flip the switch. Sasan Hamidi outlines the ...
Examine Security Features and Tools of Microsoft Windows Server 2008
Unwrap Windows Server 2008, which Microsoft positions as the first server release built under its Trustworthy Computing initiative and promises is secure by design, by default and in deployment.
Product review: Titus Labs' Message Classification
Document classification
Data Loss Prevention Tools Offer Insight into Where Data Lives
DLP tools help mitigate incidents and aid with data discovery.
Product review: AlgoSec's AlgoSec Firewall Analyzer 4.0
Firewall management
Five steps to building information risk management frameworks
Implementing a successful enterprise risk management plan can be an overwhelming and harrowing process. In order to make the process work, many aspects need to be examined, and all business areas need to be hands-on. In this tip, contributor Khalid ...
Developing a patch management policy for third-party applications
Enterprises may push the latest critical Windows patches once a month, but here's a dirty little secret: Most organizations don't bother patching their third-party applications. The diversity of client-side software -- including everything from ...
Information protection: Using Windows Rights Management Services to secure data
Keeping confidential information under wraps is paramount in any business, but finding the right mix of tools or techniques is a common challenge. In this tip, contributor Tony Bradley explains how Windows Rights Management Services (WRMS) can help ...
How Sarbanes-Oxley changed the information security profession
Sarbanes-Oxley empowered information security professionals with the clout they'd sought for so long.
Will one failed drive corrupt the rest of a RAID-5 array?
In this expert Q&A, Michael Cobb explains when it is appropriate to keep a RAID-5 array's failed drive online.
What security issues can arise from unsynchronized system clocks?
Network administrators don't always pay enough attention to the issues of system clock accuracy and time synchronization. Michael Cobb explains why that can lead to security problems, from Kerberos ticket validation failures to logs that cannot be correlated across systems.
Lessons learned from TJX: Best practices for enterprise wireless encryption
The TJX data breach revealed all too well the weaknesses of the Wired Equivalent Privacy security model. The retailer's well-documented compromise of more than 94 million credit card numbers proved that intruders can easily take advantage of ...
Preventing spam bots from hijacking an enterprise network
According to security expert Michael Cobb, the likelihood of your enterprise being compromised by a botnet is not a question of if, but when. In this Messaging Security School tip, Cobb discusses how spammers use botnets to corrupt enterprise ...
Sun acquiring Vaau for identity management
To better serve customers preoccupied with regulatory compliance and identity management, Sun has agreed to acquire enterprise role-management vendor Vaau.
Making the case for Web application vulnerability scanners
If a Web application scanner can find common SQL injection flaws, cross-site scripting vulnerabilities, buffer overflows and dangerous backdoors, then why aren't more enterprises using them? In this tip, Michael Cobb not only examines where the ...
SIEM market, log management tools need a standardized log format
Security information and event management (SIEM) systems and log management tools would benefit from standardized log formats.
Honeyclients bring new twist to honeypots
Honeyclients are instrumented, deliberately unpatched Web browsers that actively visit websites in order to detect the malicious ones.
Are challenge-response technologies the best way to stop spam?
Challenge-response spam technology intercepts incoming emails and sends a challenge to the sender, asking him or her to confirm the message's validity. Though the antispam mechanism has gained popularity, there may be more secure alternatives, says ...
Web 2.0 application development techniques introduce new information security risks
Ajax, Java and other dynamic application coding methods have pulled computing power over to the client, introducing new risks and resurrecting old ones.
How to test an e-commerce Web site's security and privacy defenses
Assessing the security of e-commerce sites means checking up on their associated servers, databases and applications. In this expert response, Michael Cobb explains where to start.
What is an ideal patch management process for small businesses?
Patch management and testing can be a time-consuming and resource-hungry task. In this expert response, Michael Cobb demonstrates how to streamline the process.
Can Snort stop application-layer attacks?
Even though Snort can add an important layer of defense for applications, it won't fix the underlying problem of poorly written ones. Michael Cobb reveals a more efficient technique for patching up XSS and SQL injection vulnerabilities.
Preparing for uniform resource identifier (URI) exploits
URIs have always been a user-friendly way to recognize and access Web resources. By crafting malicious URLs and manipulating protocol handlers, however, attackers have devised new attacks that take advantage of the URI's locator functionality. Web ...
Guardium SQL Guard 6.0 product review
Guardium SQL Guard 6.0 is evaluated on its ability to monitor access to SQL databases. SQL Guard ensures a system of checks and balances between the security and database engineering teams.
Proofpoint On Demand Product Review
In this product review, learn about Proofpoint On Demand antivirus and antispam features.
What are the best laptop data encryption options?
When it comes to protecting laptops and hard drives, there are plenty of choices. In this expert Q&A, Michael Cobb lays out some data protection options. And they're not just software-based, either.
How to keep personally identifiable information out of access logs
Are there products available that can hide the internal IP addresses recorded in log files? Maybe not, but in this expert Q&A, Michael Cobb reveals which tools can prevent the transfer of personally identifiable information to third parties.
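The Q&A above is about keeping addresses and other identifiers out of the log files you hand to third parties. The following is an added example, not code from the original article: a small filter for Apache/nginx "combined" access logs that replaces the client address and username with keyed-hash pseudonyms (so sessions can still be correlated, but the originals cannot be recovered without the key), redacts e-mail addresses and a list of sensitive query parameters from the request target and referer, and refuses to pass through any line it cannot parse. The log lines, the parameter names in SENSITIVE_PARAMS and the key are all constructed for the example.

```python
import hashlib
import hmac
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Apache/nginx "combined" log format. Anything that does not match is rejected
# rather than passed through, so an unexpected line cannot leak PII.
COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) (?P<ident>\S+) (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Query parameters whose values are redacted outright (assumed names; extend per application).
SENSITIVE_PARAMS = {"email", "user", "username", "token", "session", "ssn", "phone"}

# Catches e-mail addresses embedded in paths or other parameter values,
# in raw or percent-encoded (%40) form.
EMAIL_RE = re.compile(r"[\w.+-]+(?:@|%40)[\w-]+(?:\.[\w-]+)+", re.IGNORECASE)

# Constructed sample lines (not taken from any real server).
SAMPLE_LOGS = [
    '203.0.113.5 - alice [10/Mar/2008:13:55:36 -0500] '
    '"GET /account?id=42&email=alice%40example.com HTTP/1.1" 200 2326 '
    '"https://portal.example/login?user=alice" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Mar/2008:13:55:40 -0500] '
    '"POST /reset/alice@example.com HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]


def pseudonym(value: str, key: bytes) -> str:
    """Keyed hash: the same input always maps to the same token, so sessions can
    still be correlated, but without the key the token cannot be reversed or
    brute-forced over the small IPv4 address space."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:12]


def scrub_url(url: str) -> str:
    """Redact sensitive query parameters and any e-mail address in the path."""
    parts = urlsplit(url)
    path = EMAIL_RE.sub("REDACTED", parts.path)
    query = [
        (k, "REDACTED" if k.lower() in SENSITIVE_PARAMS else EMAIL_RE.sub("REDACTED", v))
        for k, v in parse_qsl(parts.query, keep_blank_values=True)
    ]
    return urlunsplit((parts.scheme, parts.netloc, path, urlencode(query), parts.fragment))


def anonymize_line(line: str, key: bytes) -> str:
    """Return the log line with client address and user pseudonymized and PII
    stripped from the request target and referer. Raises on unparseable input
    so the caller can quarantine it instead of leaking it."""
    m = COMBINED_RE.match(line)
    if m is None:
        raise ValueError("line does not match the combined log format")
    f = m.groupdict()
    f["ip"] = "ip-" + pseudonym(f["ip"], key)
    if f["user"] != "-":
        f["user"] = "u-" + pseudonym(f["user"], key)
    f["target"] = scrub_url(f["target"])
    if f["referer"] != "-":
        f["referer"] = scrub_url(f["referer"])
    return (
        '{ip} {ident} {user} [{time}] "{method} {target} {proto}" '
        '{status} {size} "{referer}" "{agent}"'.format(**f)
    )


def anonymize_log(lines, key: bytes):
    """Process a whole log; unparseable lines are replaced by a marker, never copied."""
    out = []
    for line in lines:
        try:
            out.append(anonymize_line(line, key))
        except ValueError:
            out.append("# dropped unparseable line")
    return out


if __name__ == "__main__":
    # The key must live outside the log store and be rotated with the retention period.
    for scrubbed in anonymize_log(SAMPLE_LOGS, key=b"demo-key-replace-me"):
        print(scrubbed)
```

The keyed hash is the point of the design: a plain SHA-256 of an IPv4 address is reversible by enumerating all four billion values, whereas an HMAC with a secret key held away from the logs is not. Keep the key with the same care as the raw logs, and rotate it when the retention period ends so old pseudonyms cannot be linked to new ones.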
Can the symmetric encryption algorithm for S/MIME messages be changed?
Encryption algorithm requirements ensure a base level of interoperability among all S/MIME implementations. Email clients, however, can add additional algorithms, provided they correctly identify which algorithms a particular message uses. Expert ...
PCI DSS Requirement 1: Install and maintain a firewall configuration
Simply installing a firewall on the network perimeter won't necessarily get you past PCI DSS Requirement 1. In this guide, Craig Norris explains the extra work that needs to be done.
How to avoid dangling pointers: Tiny programming errors leave serious security vulnerabilities
For years, many have said that there is no practical way to exploit a dangling pointer, a common application programming error. But these software bugs should no longer be thought of as simple quality-assurance problems. Michael Cobb explains how ...
Rootkit detection and removal know-how
Get advice on how to detect malware and rootkits and the best ways to achieve rootkit removal and prevent hacker attacks.
Viewpoint: Correlate SIMs and log management
Logical, physical security integration challenges
Integrating physical and IT security can reap considerable benefits for an organization, including enhanced efficiency and compliance plus improved security. But convergence isn't easy. Challenges include bringing the physical and IT security teams ...
What CISOs need to know about computer forensics
With computer forensics needed for civil litigation, human resources investigations and criminal cases, organizations need to ensure they're prepared and evidence is preserved. This feature details steps involved in computer forensics, common ...
Enterprise risk management frameworks: Controls for people, processes, technology
Once responsibilities and requirements are defined, the next stage in developing a successful risk management framework involves developing controls. As Khalid Kark explains, that includes developing a culture of security, using technology in the ...
How does SSL 'sit' between the network layer and application layer?
SSL is neither a network layer protocol nor an application layer protocol. In this SearchSecurity.com Q&A, Michael Cobb explains how SSL "sits" between both layers.
How secure is the Windows registry?
In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains the weaknesses of the Windows registry and explores other OS alternatives.
Will log-in form data posted to an SSL page always be encrypted?
If a Web page login form is not SSL-protected, but the login data is posted to an SSL page, is the information encrypted and safe? Not at all, says Michael Cobb in this SearchSecurity.com Q&A: an attacker who can tamper with the unprotected page can change where the form posts before the user ever submits it.
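The Q&A above turns on a point that is easy to miss when auditing a site: what matters is the scheme the form page itself was served over, not only the scheme in the form's action. As an added example (not code from the original Q&A), here is a small audit that parses a page, finds every form carrying a password field, and reports the three mistakes worth flagging: the page arrived over plain HTTP (so the action can be rewritten in transit, whatever it says), the action itself is not HTTPS, and the form uses GET. The page URL and markup are constructed for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormCollector(HTMLParser):
    """Collect every <form>, its action/method, and whether it holds a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "form":
            self._current = {
                "action": a.get("action", ""),
                "method": a.get("method", "get").lower() or "get",
                "has_password": False,
            }
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if a.get("type", "text").lower() == "password":
                self._current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def audit_login_forms(page_url: str, html: str):
    """Return findings for every form on the page that collects a password.

    The first check is made against the URL the page was served from, not the
    form action: a page fetched over plain HTTP can be rewritten on the wire,
    so an https:// action inside it protects nothing."""
    parser = _FormCollector()
    parser.feed(html)
    page_scheme = urlsplit(page_url).scheme.lower()
    findings = []
    for form in parser.forms:
        if not form["has_password"]:
            continue
        action = urljoin(page_url, form["action"])  # relative actions inherit the page scheme
        action_scheme = urlsplit(action).scheme.lower()
        if page_scheme != "https":
            findings.append(
                f"{page_url}: login form served over {page_scheme}; an attacker on the path "
                f"can rewrite the action ({action}) before the user submits"
            )
        if action_scheme != "https":
            findings.append(f"{page_url}: credentials would be posted in cleartext to {action}")
        if form["method"] != "post":
            findings.append(
                f"{page_url}: form uses {form['method'].upper()}, so credentials end up "
                "in URLs, server logs and Referer headers"
            )
    return findings


# Constructed page (not from the original Q&A): exactly the case asked about,
# an HTTP page whose login form posts to an HTTPS URL.
PAGE_A_URL = "http://www.example/login"
PAGE_A_HTML = (
    '<html><body><form action="https://secure.example/auth" method="post">'
    '<input name="u"><input type="password" name="p"></form></body></html>'
)

if __name__ == "__main__":
    for finding in audit_login_forms(PAGE_A_URL, PAGE_A_HTML):
        print(finding)
    print("same markup over https:", audit_login_forms("https://www.example/login", PAGE_A_HTML))
```

Run against the constructed page it reports one finding, the HTTP-served form; the identical markup served from an https:// URL reports nothing. The fix the finding points at is to serve the login page (and, in practice, the whole site) over HTTPS, not to adjust the action.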
Should third-party software tools be used to customize applications?
Many features and functions required for today's network-ready applications can be purchased at a fraction of the cost that it would take to build them independently. But are they safe enough? Application security expert Michael Cobb explains.
What are the pros and cons of outsourcing email security services?
In this SearchSecurity.com Q&A, application security expert Michael Cobb explains whether it's right for your organization to hand off email security services to another provider.
How to select a penetration tester
Penetration testing tools can simulate attacks and help organizations get an idea of their security vulnerabilities. In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains what you should be getting out of your penetration ...
Editor's Desk: Freeing Julie Amero
Justice served.
Protecting Your Brand
Customer confidence is at risk when a breach occurs.
M&A: Merging network security policies
Company mergers often call for the consolidation of two different network policies. But before making any final decisions on technology, the staff members of both organizations need to be on the same page. In this tip, contributor Mike Chapple ...
Screencast: How to configure a UTM device
Unified threat management technologies provide protection against various network attacks, but properly configuring UTM boxes can be a whole other battle. In this exclusive screencast, expert David Strom gives an easy-to-follow, on-screen ...
Best practices for compliance during a merger
Company mergers involve more than just aligning two different security infrastructures. When one vendor acquires another, it's the handling of compliance issues that can be an IT security staff's toughest task. In this tip, security expert Joel ...
Product review: RedSeal Systems' RedSeal Security Risk Manager
RedSeal Security Risk Manager allows security administrators to model and manage threats to corporate assets and networks. This product review looks at how the risk management tool rates in effectiveness, ease of setup, reporting and overall ...
Product review: Unified threat management (UTM) devices
Unified threat management devices consolidate several network security functions into one product. This article evaluates six UTM appliances; each had to act as a firewall and virtual private network and provide antivirus, Web content filtering, ...
What are the drawbacks to application firewalls?
Application-layer firewalls examine incoming and outgoing traffic more carefully than traditional packet-filtering firewalls, so why are some holding back on deployment? In this SearchSecurity.com Q&A, Michael Cobb reveals some cost and performance ...
What should be done with a RAID-5 array's failed drives?
Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data.
How secure are document scanners and other 'scan to email' appliances?
Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse) of these devices.
Integrated threat management
Integrated threat management is a comprehensive approach to network security that addresses multiple types of malware, as well as blended threats and spam, and protects from intrusion at both the gateway and the endpoint levels ...
How can header information track down an email spoofer?
Spammers can use spoofed headers to hide the true origin of unwanted email. In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to work out where a message really came from.
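Tracing a spoofed message comes down to one rule: the only Received: line you can trust is the one your own mail server wrote when the message entered your infrastructure; everything below it arrived with the message and may have been typed by the sender. As an added example (not code from the original Q&A), the script below parses the Received: chain newest-first, walks down while both sides of each handoff belong to your domain, stops at the first external sender and reports its address together with the usual spoofing signals: no reverse DNS, a HELO name that claims the From: domain while the host does not, and unverifiable lines beneath the entry hop. The sample message, the domain names and the trusted-domain heuristic are all constructed for the example.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample (not from the original article). The From: header claims
# bank.example. The hop our own MX recorded shows a host with no reverse DNS
# handing the message in while announcing "bank.example" as its HELO name, and
# the line beneath it, which looks legitimate, was supplied by the sender.
RAW_MESSAGE = """\
Received: from mx1.corp.example (mx1.corp.example [192.0.2.10])
\tby mail.corp.example with ESMTP id abc123; Mon, 3 Mar 2008 10:15:02 -0500
Received: from bank.example (unknown [203.0.113.77])
\tby mx1.corp.example with SMTP; Mon, 3 Mar 2008 10:15:01 -0500
Received: from alerts.bank.example (alerts.bank.example [198.51.100.9])
\tby bank.example with ESMTP; Mon, 3 Mar 2008 10:14:50 -0500
From: "Account Services" <alerts@bank.example>
To: victim@corp.example
Subject: Verify your account
Message-ID: <spoof1@bank.example>

Please click the link below.
"""

RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)"                                      # name the sender announced
    r"(?:\s+\((?P<rdns>[^\s\[\]()]*)\s*\[(?P<ip>[^\]]+)\]\))?"   # rDNS and address seen by receiver
    r".*?\bby\s+(?P<by>[^\s;]+)",                                 # host that wrote this line
    re.DOTALL,
)


def in_domain(host: str, domain: str) -> bool:
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def received_hops(raw: str):
    """Parse Received: headers newest (our side) first, the order MTAs prepend them."""
    msg = email.message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = RECEIVED_RE.search(value)
        if m:
            hops.append({k: (v or "") for k, v in m.groupdict().items()})
    return hops


def entry_hop(hops, our_domain: str):
    """Walk down from the newest hop while both sides of the handoff are ours.
    The first hop whose sending host is not ours is where the message entered
    our infrastructure; its IP was recorded by our server and can be trusted.
    Every Received: line below it arrived with the message and may be forged."""
    for hop in hops:
        if not in_domain(hop["by"], our_domain):
            break  # a line our servers did not write: stop trusting the chain
        if not in_domain(hop["rdns"], our_domain):
            return hop
    return None


def analyze(raw: str, our_domain: str):
    hops = received_hops(raw)
    entry = entry_hop(hops, our_domain)
    msg = email.message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if entry is None:
        return {"origin_ip": None, "from_domain": from_domain, "findings": ["no external hop found"]}
    findings = []
    if entry["rdns"] in ("", "unknown"):
        findings.append(f"origin {entry['ip']} has no reverse DNS")
    elif not in_domain(entry["rdns"], from_domain):
        findings.append(f"origin host {entry['rdns']} is not in From: domain {from_domain}")
    if in_domain(entry["helo"], from_domain) and not in_domain(entry["rdns"], from_domain):
        findings.append(f"HELO name {entry['helo']} claims {from_domain} "
                        f"but the host is {entry['rdns'] or 'unknown'}")
    forged_below = len(hops) - hops.index(entry) - 1
    if forged_below:
        findings.append(f"{forged_below} Received: line(s) below the entry hop were "
                        "supplied by the sender and are unverifiable")
    return {"origin_ip": entry["ip"], "from_domain": from_domain, "findings": findings}


if __name__ == "__main__":
    result = analyze(RAW_MESSAGE, "corp.example")
    print("origin:", result["origin_ip"])
    for finding in result["findings"]:
        print(" -", finding)
```

For the constructed message the origin is 203.0.113.77, the address mx1.corp.example recorded, not the 198.51.100.9 that the forged bottom line advertises. The address is the lead for an abuse report or a block; the HELO and reverse-DNS mismatches are what a gateway filter would score.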
Bit9 Parity product review for endpoint security
Product review of Bit9's Parity 3.5, a PC security tool designed to give enterprises control over what users can do on company computers and prevent malware executables from running on desktops. Automatically installs SQL Server 2005 and Apache ...
Intellectual property protection do's and don'ts
Theft of intellectual property is a growing problem, but many companies are not prepared to deal with this security threat. Learn about the risk involved with trade secrets, why companies are failing to protect intellectual property and tips for data ...
Are you putting information at risk by using contractors?
Contractors can become the source of a security breach. This feature looks at the risk management steps, including access control and policies, that organizations should take when hiring contractors. A sidebar examines how a health care company uses ...
Role-based access controls
Identity management is a critical security challenge, but without viable standards for access control, your best efforts may be just a drop in the bucket.
Can keyloggers monitor mouse clicks and keyboard entries?
Keyloggers may be a security manager's best friend, especially if he or she wants to monitor an employee's keyboard entries. Keyloggers can't do it all, though, says application security expert Michael Cobb.
Can ADFS technology manage multiple-user authentication?
In this SearchSecurity.com Q&A, Joel Dubin, expert in identity management and access control, addresses multiple aspects of ADFS systems, including the technology's ability to authenticate multiple users to a Web application.
How to ensure that an SSL connection protects sensitive Web data
In this expert Q&A, application security pro Michael Cobb explains how to secure sensitive Web site data that is sent across the Internet.
Are USB storage devices a serious enterprise risk?
USB drives are common gifts at conferences and trade shows, but how much of a danger are they to your enterprise's network security? In this expert Q&A, Michael Cobb explains the risks of these storage devices and how to control their use.
Defending layer 7: A look inside application-layer firewalls
Run-of-the-mill network firewalls can't properly defend applications. As Michael Cobb explains, application-layer firewalls offer Layer 7 security on a more granular level, and may even help organizations to get more out of existing network devices.
Dynamic code obfuscation: New threat requires innovative defenses
Dynamic code obfuscation used to be a taxing effort, but now even the most junior-level malicious hackers have learned how to effectively hide their code. In this tip, Michael Cobb examines how dynamic code obfuscation works, why it's on the rise ...
Product review: e-DMZ Security's eGuardPost
This product review examines e-DMZ eGuardPost's capabilities that allow security managers to apply granular access controls to remote connections. The appliance also comes bundled with e-DMZ Security's Password Auto Repository (PAR), the company's flagship ...
DigitalPersona Workstation Pro and Server for Biometric Authentication
This review evaluates DigitalPersona Pro, a single sign-on (SSO) software suite that allows an enterprise to replace passwords with biometric fingerprint readers or provide dual-factor authentication.