Manage

Cloud Data Storage Encryption and Data Protection Best Practices

• Password management best practices for financial services firms

  Password management is a fundamental tenet of effective information security, but it's harder than it seems to manage passwords correctly, and far too easy to mess it up. In this tip, contributor Tony Bradley shares best practices for effective ... Continue Reading

• Is a Master Boot Record (MBR) rootkit completely invisible to the OS?

  Whether or not we see widespread attacks that use MBR rootkits will depend upon two factors. Platform security expert Michael Cobb explains them both. Continue Reading

• How to install and configure Nessus

  Nessus, an open source vulnerability scanner, can scan a network for potential security risks and provide detailed reporting that enables you to remediate gaps in your corporation's security posture. This tip, the first in a series of three on ... Continue Reading

• Best practices for application-level firewall selection and deployment

  Application-level firewalls are an essential aspect of any organization's multi-layered defense strategy, but the implementation process has some security pros scratching their heads. In this tip, contributor Joel Dubin discusses the contrasting ... Continue Reading

• Virtualization server security best practices

  Avoid server virtualization security bad practices with these dos and don'ts. Get info on virtualization products, segmentation, implementation, avoiding malware, and staging, deploying and patching virtual machines, segmentation and implementation. Continue Reading

• Product review: Klocwork Insight 8.0

  SOFTWARE SECURITYContinue Reading

• What are the pros and cons of zero-knowledge penetration tests?

  A penetration tester with no previous knowledge of the site being tested may be able to give some insight unavailable to other forms of penetration testing, but there are pros and cons. Expert Michael Cobb weighs in.Continue Reading

• Security breach management: Planning and preparation

  All organizations face the risk of an information security breach. While it can be a gut-wrenching ordeal, learning how to manage a breach can make it much easier to contain the damage. In this tip, contributor Khalid Kark unveils several key ...Continue Reading

• Webmail security: Best practices for data protection

  Webmail has become a popular choice for enterprises looking to provide users with email access outside the office, but deployment of any Web-based email system presents a unique set of security challenges. In this Messaging Security School tip, ...Continue Reading

• PCI compliance and Web applications: Code review or firewalls?

  The Payment Card Industry Data Security Standard is about to get a new wrinkle involving Web applications. As of June 30, 2008, to achieve PCI compliance, enterprises must either have their custom Web application code reviewed or install Web ...Continue Reading

• Are Internet cafe users' email credentials at risk?

  Most browsers store all Web pages, including a user's message and other information, in a cache from which it is retrievable with relative ease. Expert Michael Cobb explains how to keep the personal data from getting into the wrong hands.Continue Reading

• Secure Computing SafeWord 2008 product review

  Secure Computing SafeWord 2008 delivers identity management and access control for Windows systems using tokens that generate secure single-use passcodes. Information Security magazine reviews these capabilities.Continue Reading

• Face-Off: Is vulnerability research ethical?

  Bruce Schneier and Marcus Ranum debate the ethics of vulnerability researchContinue Reading

• 7 Security Questions to Ask Your SaaS Provider

  Outsourcing software as a service (SaaS) puts control over an organization's applications in the hands of others. Learn what questions to ask your provider, how to define security policies, how to understand how service providers handle security and...Continue Reading

• 5 Steps for Developing Strong Change Management Program Best Practices

  Poor change control and configuration management can affect the security of your systems and networks. Follow these five steps for a strong change management program.Continue Reading

• Worst practices: Bad security incidents to avoid

  Some of information security's worst practices are just best practices ignored. And those guilty of today's big infosec mistakes range from chief security officers to network firewall managers to security staffs at giant financial firms and ...Continue Reading

• Which operating system can best secure an FTP site?

  In this expert Q&A, platform security expert Michael Cobb explains how a secure FTP protocol can improve websites and Web services.Continue Reading

• Varonis DatAdvantage product review

  Varonis DatAdvantage data governance software is evaluated on its configuration and management, effectiveness, policy control and reporting.Continue Reading

• Companies Collecting Too Much Customer Data Increase Exposure

  If the risk of losing customer or partner information outweighs its value, why collect it in the first place?Continue Reading

• Worst Practices: Three big identity and access management mistakes

  Simple IAM mistakes such as writing down passwords and unaudited user accounts can allow malicious access into corporate networks. In this tip, contributor Joel Dubin exposes the most common identity management and access control blunders, and ...Continue Reading

• What ports should be opened and closed when IPsec filters are used?

  In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to set up separate branch IPsec filters that connect with a head office.Continue Reading

• Is Triple DES a more secure encryption scheme than DUKPT?

  Both DES and TDES use a symmetric key, but Michael Cobb explains their separate and distinct roles in protecting financial transactions.Continue Reading

• Misconfiguration issues could have contributed to Hannaford breach

  Hannaford takes heat from officials who believe the supermarket chain was slow in disclosing its breach. Meanwhile, one of Hannaford's security vendors gets defensive.Continue Reading

• Web scanning and reporting best practices

  Implementing a solid Web scanning routine is a key way to avoid corporate Web application attacks. And with industry requirements such as PCI DSS, performing vulnerability scans are also required to stay compliant. In this tip, contributor Joel ...Continue Reading

• DMVPN configuration: Should a firewall be between router and Internet?

  Cisco's Dynamic Multipoint VPN (DMVPN) product allows the configuration of site-to-site VPNs across WAN connections. Security expert Mike Chapple explains how a firewall fits into this particular network setup.Continue Reading

• Misconfigured networks create huge security risks

  Security experts say IT pros should be more concerned about the risks created by misconfigured networks than all the flaws and exploit code they read about.Continue Reading

• How secure is online banking today?

  Most banks take the security of their online services seriously. In this expert Q&A, Michael Cobb explains why online banking is relatively safe -- with the exception of one particular mistake.Continue Reading

• SonicWALL NSA E5500 product review

  Product review of SonicWALL NSA E5500 security tool basic and advanced firewall features, setup, pricing, VPN and wireless security.Continue Reading

• Case Study: Company deploys full disk encryption policy on laptops

  One billion-dollar company isn't taking chances with data stored on its laptops. It deployed full disk encryption on every machine, an increasingly popular security strategy.Continue Reading

• Comparative Product Review: Six Web Application Firewalls

  No longer can security managers focus only on perimeter and host security. The application has become the prime target for hackers. We review six leading Web application firewalls from Barracuda, Bee Ware, Breach Security, Citrix, F5 and Imperva ...Continue Reading

• How to protect DNS servers

  The DNS database is the world's largest distributed database, but unfortunately, DNS was not designed with security in mind. Application security expert Michael Cobb explains how to keep a DNS server from being hijacked.Continue Reading

• How should the ipseccmd.exe tool be used in Windows Vista?

  Ipseccmd is a command-line tool for displaying and managing IPsec policy and filtering rules. Expert Michael Cobb explains how to get the scripting utility to work with Vista.Continue Reading

• Are encrypted Microsoft Word files safer in transit than PDF files?

  In this expert Q&A, Michael Cobb demonstrates how a misconfigured firewall makes it easy for some Microsft Word and PDF files to be sniffed in transit.Continue Reading

• Data loss prevention (DLP) tools: The new way to prevent identity theft?

  Despite advances in perimeter technologies, data theft has become common in today's enterprises. To protect their confidential information, some security professionals are turning to an emerging technology category: data loss prevention. But don't ...Continue Reading

• How would you define the responsibilities of a data custodian in a bank?

  Data security is incredibly important for financial institutions, and it's the data custodian's job to make sure that data is safe. Security management expert Mike Rothman explains more.Continue Reading

• Challenges behind operational integration of security and network management

  The integration of security and network operations holds a great deal of promise thanks to today's security information management technology, but there are a number of hurdles to overcome when it's time to flip the switch. Sasan Hamidi outlines the...Continue Reading

• Examine Security Features and Tools of Microsoft Windows Server 2008

  Unwrap Windows Server 2008, the first server revision under Trustworthy Computing. Microsoft promises it is secure by design, default and deployment.Continue Reading

• Product review: Titus Labs' Message Classification

  DOCUMENT CLASSIFICATIONContinue Reading

• Data Loss Prevention Tools Offer Insight into Where Data Lives

  DLP tools help mitigate incidents and aid with data discovery.Continue Reading

• Product review: AlgoSec's AlgoSec Firewall Analyzer 4.0

  FIREWALL MANAGEMENTContinue Reading

• Five steps to building information risk management frameworks

  Implementing a successful enterprise risk management plan can be an overwhelming and harrowing process. In order to make the process work, many aspects need to examined, and all business areas need to be hands on. In this tip, contributor Khalid ...Continue Reading

• Developing a patch management policy for third-party applications

  Enterprises may push the latest critical Windows patches once a month, but here's a dirty little secret: Most organizations don't bother patching their third-party applications. The diversity of client-side software -- including everything from ...Continue Reading

• Information protection: Using Windows Rights Management Services to secure data

  Keeping confidential information under wraps is paramount in any business, but finding the right mix of tools or techniques is a common challenge. In this tip, contributor Tony Bradley explains how Windows Rights Management Services (WRMS) can help ...Continue Reading

• How Sarbanes-Oxley changed the information security profession

  Sarbanes-Oxley empowered information security professionals with the clout they'd sought for so long.Continue Reading

• Will one failed drive corrupt the rest of a RAID-5 array?

  In this expert Q&A, Michael Cobb explains when it is appropriate to keep a RAID-5 array's failed drive online.Continue Reading

• What security issues can arise from unsynchronized system clocks?

  Network administrators don't always pay enough attention to the issues of system clock accuracy and time synchronization. Michael Cobb explains why that can lead to security problems.Continue Reading

• Lessons learned from TJX: Best practices for enterprise wireless encryption

  The TJX data breach revealed all too well the weaknesses of the Wired Equivalent Privacy security model. The retailer's well-documented compromise of more than 94 million credit card numbers proved that intruders can easily take advantage of ...Continue Reading

• Preventing spam bots from hijacking an enterprise network

  According to security expert Michael Cobb, the likelihood of your enterprise being compromised by a botnet is not a question of if, but when. In this Messaging Security School tip, Cobb discusses how spammers use botnets to corrupt enterprise ...Continue Reading

• Sun acquiring Vaau for identity management

  To better serve customers preoccupied with regulatory compliance and identity management, Sun has agreed to acquire enterprise role-management vendor Vaau.Continue Reading

• Making the case for Web application vulnerability scanners

  If a Web application scanner can find common SQL injection flaws, cross-site scripting vulnerabilities, buffer overflows and dangerous backdoors, then why aren't more enterprises using them? In this tip, Michael Cobb not only examines where the ...Continue Reading

• SIEM market, log management tools need a standardized log format

  Security information and event management (SIEM) systems and log management tools would benefit from standardized log formats.Continue Reading

• Honeyclients bring new twist to honeypots

  Honeyclients are unpatched web browsers that actively seek malicous websites.Continue Reading

• Are challenge-response technologies the best way to stop spam?

  Challenge-response spam technology intercepts incoming emails and sends a challenge to the sender, asking him or her to confirm the message's validity. Though the antispam mechanism has gained popularity, there may be more secure alternatives, says ...Continue Reading

• Web 2.0 application development techniques introduce new information security risks

  Ajax, Java and other dynamic application coding methods have pulled computing power over to the client, introducing new risks and resurrecting old ones.Continue Reading

• How to test an e-commerce Web site's security and privacy defenses

  Assessing the security of e-commerce sites means checking up on their associated servers, databases and applications. In this expert response, Michael Cobb explains where to start.Continue Reading

• What is an ideal patch management process for small businesses?

  Patch management and testing can be a time-consuming and resource-hungry task. In this expert response, Michael Cobb demonstrates how to streamline the process.Continue Reading

• Can Snort stop application-layer attacks?

  Even though Snort can add an important layer of defense for applications, it won't fix the underlying problem of poorly written ones. Michael Cobb reveals a more efficient technique for patching up XSS and SQL injection vulnerabilities.Continue Reading

• Preparing for uniform resource identifier (URI) exploits

  URIs have always been a user-friendly way to recognize and access Web resources. By crafting malicious URLs and manipulating protocol handlers, however, attackers have devised new attacks that take advantage of the URI's locator functionality. Web ...Continue Reading

• Guardium SQL Guard 6.0 product review

  Guardium SQL Guard 6.0 is evaluated on its ability to monitor access to SQL databases. SQL Guard ensures a system of checks and balances between the security and database engineering teams.Continue Reading

• Proofpoint On Demand Product Review

  In this product review, learn about Proofpoint On Demand antivirus and antispam features.Continue Reading

• What are the best laptop data encryption options?

  When it comes to protecting laptops and hard drives, there are plenty of choices. In this expert Q&A, Michael Cobb lays out some data protection options. And they're not just software-based, either.Continue Reading

• How to keep personally identifiable information out of access logs

  Are there products available that can hide the internal IP addresses recorded in log files? Maybe not, but in this expert Q&A, Michael Cobb reveals which tools can prevent the transfer of personally identifiable information to third parties.Continue Reading

• Can the symmetric encryption algorithm for S/MIME messages be changed?

  Encryption algorithm requirements ensure a base level of interoperability among all S/MIME implementations. Email clients, however, can add additional algorithms, provided they correctly identify which algorithms a particular message uses. Expert ...Continue Reading

• PCI DSS Requirement 1: Install and maintain a firewall configuration

  Simply installing a firewall on the network perimeter won't necessarily get you past PCI DSS Requirement 1. In this guide, Craig Norris explains the extra work that needs to be done.Continue Reading

• How to avoid dangling pointers: Tiny programming errors leave serious security vulnerabilities

  For years, many have said that there is no practical way to exploit a dangling pointer, a common application programming error. But these software bugs should no longer be thought of as simple quality-assurance problems. Michael Cobb explains how ...Continue Reading

• Rootkit detection and removal know-how

  Get advice on how to detect malware and rootkits and the best ways to achieve rootkit removal and prevent hacker attacks.Continue Reading

• Viewpoint: Correlate SIMs and log management

  Continue Reading

• Logical, physical security integration challenges

  Integrating physical and IT security can reap considerable benefits for an organization, including enhanced efficiency and compliance plus improved security. But convergence isn't easy. Challenges include bringing the physical and IT security teams ...Continue Reading

• What CISOs need to know about computer forensics

  With computer forensics needed for civil litigation, human resources investigations and criminal cases, organizations need to ensure they're prepared and evidence is preserved. This feature details steps involved in computer forensics, common ...Continue Reading

• Enterprise risk management frameworks: Controls for people, processes, technology

  Once responsibilities and requirements are defined, the next stage in developing a successful risk management framework involves developing controls. As Khalid Kark explains, that includes developing a culture of security, using technology in the ...Continue Reading

• How does SSL 'sit' between the network layer and application layer?

  SSL is neither a network layer protocol nor an application layer protocol. In this SearchSecurity.com Q&A, Michael Cobb explains how SSL "sits" between both layers.Continue Reading

• How secure is the Windows registry?

  In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains the weaknesses of the Windows registry and explores other OS alternatives.Continue Reading

• Will log-in form data posted to an SSL page always be encrypted?

  If a Web page login form is not SSL-protected, but the login data is posted to an SSL page, is the information encrypted and safe? Not at all, says Michael Cobb in this SearchSecurity.com Q&A.Continue Reading

• Should third-party software tools be used to customize applications?

  Many features and functions required for today's network-ready applications can be purchased at a fraction of the cost that it would take to build them independently. But are they safe enough? Application security expert Michael Cobb explains.Continue Reading

• What are the pros and cons of outsourcing email security services?

  In this SearchSecurity.com Q&A, application security expert Michael Cobb explains whether it's right for your organization to hand off email security services to another provider.Continue Reading

• How to select a penetration tester

  Penetration testing tools can simulate attacks and help organizations get an idea of their security vulnerabilities. In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains what you should be getting out of your penetration ...Continue Reading

• Editor's Desk: Freeing Julie Amero

  Justice ServedContinue Reading

• Protecting Your Brand

  Customer confidence is at risk when a breach occurs.Continue Reading

• M&A: Merging network security policies

  Company mergers often call for the consolidation of two different network policies. But before making any final decisions on technology, the staff members of both organizations need to be on the same page. In this tip, contributor Mike Chapple ...Continue Reading

• Screencast: How to configure a UTM device

  Unified threat management technologies provide protection against various network attacks, but properly configuring UTM boxes can be a whole other battle. In this exclusive screencast, expert David Strom gives an easy-to-follow, on-screen ...Continue Reading

• Best practices for compliance during a merger

  Company mergers involve more than just aligning two different security infrastructures. When one vendor acquires another, it's the handling of compliance issues that can be an IT security staff's toughest task. In this tip, security expert Joel ...Continue Reading

• Product review: RedSeal Systems' RedSeal Security Risk Manager

  Red Seal Security Risk Manager allows security administrators to model and manage threats to corporate assets and networks. This product review looks at how the risk management tool rates in effectiveness, ease of setup, reporting and overall ...Continue Reading

• Product review: Unified threat management (UTM) devices

  Unified threat management devices consolidate several network security functions into one product. This article evalutes six UTM appliances; each had to act as a firewall and virtual private network and provide antivirus, Web content filtering, ...Continue Reading

• What are the drawbacks to application firewalls?

  Application-layer firewalls examine ingoing and outgoing traffic more carefully than traditional packet-filtering firewalls, so why are some holding back on deployment? In this SearchSecurity.com Q&A, Michael Cobb reveals some cost and performance ...Continue Reading

• What should be done with a RAID-5 array's failed drives?

  Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data.Continue Reading

• How secure are document scanners and other 'scan to email' appliances?

  Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse) of these devices.Continue Reading

• integrated threat management

  Integrated threat management is a comprehensive approach to network security that addresses multiple types of malware, as well as blended threats and spam, and protects from intrusion at both the gateway and the endpoint levels... (Continued)Continue Reading

• How can header information track down an email spoofer?

  Spammers can use spoofed headers to hide the true origin of unwanted email. In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to trust where a message is coming from.Continue Reading

• Bit9 Parity product review for endpoint security

  Product review of Bit9's Parity 3.5, a PC security tool designed to give enterprises control over what users can do on company computers and prevent executables in malware from running on desktops. Automatically installs SQL Server 2005 and Apache ...Continue Reading

• Intellectual property protection do's and don'ts

  Theft of intellectual property is a growing problem but many companies are not prepared to deal with this security threat. Learn about the risk involved with trade secrets, why companies are failing to protect intellectual property and tips for data...Continue Reading

• Are you putting information at risk by using contractors?

  Contractors can become the source of a security breach. This feature looks at the risk management steps, including access control and policies, that organizations should take when hiring contractors. A sidebar examines how a health care company uses...Continue Reading

• Role-based access controls

  Identity management is a critical security challenge, but without viable standards for access control, your best efforts may be just a drop in the bucket.Continue Reading

• Can keyloggers monitor mouse clicks and keyboard entries?

  Keyloggers may be a security manager's best friend, especially if he or she wants to monitor an employee's keyboard entries. Keyloggers can't do it all, though, says application expert Michael Cobb.Continue Reading

• Can ADFS technology manage multiple-user authentication?

  In this SearchSecurity.com Q&A, Joel Dubin, expert in identity management and access control, addresses multiple aspects of ADFS systems, including the technology's ability to authenticate multiple users to a Web application.Continue Reading

• How to ensure that an SSL connection protects sensitive Web data

  In this expert Q&A, application security pro Michael Cobb explains how to secure sensitive Web site data that is sent across the Internet.Continue Reading

• Are USB storage devices a serious enterprise risk?

  USB drives are common gifts at conferences and trade shows, but how much of a danger are they to your enterprise's network security? In this expert Q&A, Michael Cobb explains the risks of these storage devices and how to control their use.Continue Reading

• Defending layer 7: A look inside application-layer firewalls

  Run-of-the-mill network firewalls can't properly defend applications. As Michael Cobb explains, application-layer firewalls offer Layer 7 security on a more granular level, and may even help organizations to get more out of existing network devices.Continue Reading

• Dynamic code obfuscation: New threat requires innovative defenses

  Dynamic code obfuscation used to be a taxing effort, but now even the most junior-level malicious hackers have learned how to effectively hide their code. In this tip, Michael Cobb examines how dynamic code obfuscation works, why it's on the rise ...Continue Reading

• Product review: e-DMZ Security's eGuardPost

  This product review examines e-DMZ eGuardPost's capabilities that allow security managers to apply granular access controls to remote connections. The appliance also comes bundled with Security's Password Auto Repository (PAR), e-DMZ's flagship ...Continue Reading

• DigitalPersona Workstation Pro and Server for Biometric Authentication

  This review evaluates DigitalPersona Pro, a single sign-on (SSO) software suite that allows an enterprise to replace passwords with biometric fingerprint readers or provide dual-factor authentication.Continue Reading