Information Security Policies Procedures and Guidelines

  • December 10, 2007 10 Dec'07

    Pay no attention to the pop-up box behind the curtain

    Bill Clinton may be the world's champion when it comes to parsing words and phrases to suit his own purposes, but to give credit where credit is due, executives from software companies are making ...

  • December 07, 2007 07 Dec'07

    The changing role of the CSO

    In the last few months I've been hearing more and more from CEOs, CIOs and CSOs about the changing role of the CSO (or CISO, depending on your org chart) in the enterprise. In the past, the CSO has ...

  • December 07, 2007 07 Dec'07

    Time to update your Skype

    Skype users will want to upgrade to version for Windows to close a security hole attackers could exploit to run malicious code on vulnerable machines. According to Danish vulnerability ...

  • December 06, 2007 06 Dec'07

    Finding Vista SP1 testers in the blogosphere

    As I noted earlier, Microsoft is about to unleash Vista SP1 release candidate 1. I'll be interested to see if it truly addresses issues IT administrators have noted throughout the run of our Vista ...

  • December 06, 2007 06 Dec'07

    Microsoft rolls out Vista SP1 release candidate 1

    As I've been reporting throughout the course of our Vista deployment series, a majority of IT shops are moving as slowly as possible on their Vista deployments because of compatibility problems and ...

  • November 29, 2007 29 Nov'07

    Where to find the best IT security news roundups

    A couple weeks ago at the monthly meeting of the National Information Security Group (NAISG) in Waltham, Mass., I gave a couple of PowerPoint presentations when the scheduled speaker hit some ...

  • November 27, 2007 27 Nov'07

    SANS Top 20 released, but is it still useful?

    The SANS Institute released its 2007 Top 20 threats list today (They still call it the Top 20, even though there are only 18 items on this year's list), and the main takeaway is pretty much the ...

  • November 26, 2007 26 Nov'07

    RFID security could get better

    Information Security magazine's Senior Technology Editor Neil Roiter wrote a story about University of Massachusetts at Amherst researchers who developed a way to generate a unique set of random ...

  • November 21, 2007 21 Nov'07

    Potential crypto problem in CPUs has potential solution

    Some security experts are counseling a bit of caution about the recent reports of a potential math error in a commercial microprocessor that could lead to mass compromises. The possible ...

  • November 16, 2007 16 Nov'07

    Diving back into the Mac Vs. Windows debate

    After writing about the massive security update Apple released for Mac OS X this week, I've decided to dive back into the never-ending blog debate over whether the Mac is really more secure than ...

  • November 12, 2007 12 Nov'07

    Another sign Visa was on to TJX’s security troubles

    In his StoreFrontBacktalk blog, Evan Schuman offers another historical nugget about how Visa knew as far back as 2005 that TJX's security posture was not even close to upright. According to more ...

  • November 12, 2007 12 Nov'07

    Security consultant hijacked 250,000 machines

    A security consultant based in L.A. has pleaded guilty to leading a double life as a bot herder, infecting 250,000 computers and stealing thousands of identities in the process. John Schiefer ...

  • November 08, 2007 08 Nov'07

    Hot security times in the chilly Second City

    I am just getting back into the swing of things after returning from our Information Security Decisions conference, which was held in Chicago Monday and Tuesday. I've always liked this conference ...

  • November 07, 2007 07 Nov'07

    Social networking backlash

    Social networking sites like Facebook and MySpace aren't very popular in the corporate world, according to a study by Barracuda Networks. Analyzing data from businesses using its Web filtering ...

  • November 06, 2007 06 Nov'07

    Microsoft privacy guru: Cyberspace needs CardSpace

    It's been awhile since I've heard anyone talk about Windows CardSpace, the Microsoft client software Bill Gates has pushed as the best way to do away with passwords. But at the CSI 2007 conference ...