Monday, 21 May 2012
The decision to block or allow consumer applications is seldom black or white. Policies vary according to application, security requirements, and network infrastructure.
For detection, it is great to have antivirus in an enterprise environment running at regularly scheduled times, but it is not the only vector that should be used to identify malware. John Strand reveals some of the others.
You know very little about security other than your business needs it to keep going. Should you go hire yourself a consultant? The book Maximum Internet Security: A Hackers Guide, by Anonymous suggests not necessarily.
There are two general categories of private key algorithms: block and stream cipher. A block cipher encrypts one block of data at a time. DES is an example of a block cipher. A stream cipher encrypts each byte of the data stream individually.
Security for e-mail gateways falls into four general areas: protectingthe server itself, protecting the inside network, dealing with unsolicited commercial e-mail (commonly called 'spam') and remote access to e-mail.
The classic ROI equation doesn't apply to information security, but that doesn't stop management from asking for metrics. Learn how Six Sigma can be used to prove the business value of security.
Companies don't often purchase new information security products, so when they do, it's critical that they get the right product for the best price. In this tip, contributor Mike Rothman explains common mistakes in the security product purchase process, and offers helpful advice on how to evaluate needs, compare products and negotiate with vendors.
Since its flashy launch in June 2007, the Apple iPhone has certainly garnered a great deal of buzz. Almost immediately, hackers searched for exploitable flaws in the product, and they weren't disappointed. In this tip, Ed Skoudis examines iPhone-specific attacks and reveals how organizations can limit their exposure as the popular devices infiltrate the enterprise.
Email has long been a favorite method for malicious hackers looking to launch attacks, and one of the first steps in defending against vicious email threats lies in developing a strong email authentication strategy. In this tip, contributor Noah Schiffman discusses the two most popular and effective types of authentication systems, and unveils the positive and negative aspects of each approach.
With all of the compliance requirements and regulations organizations need to abide by these days, corporate compliance blunders are inevitable. In this tip, security management expert Mike Rothman highlights the biggest compliance mistakes seen in the information security industry, and offers advice on how your company can learn from them.
knowledge_central_tab
Knowledge Central
Less secure than you think 
This white paper examines the changing threat landscape, how the nature of security threats has evolved, and the potential financial impact across vertical markets and organizations of all sizes. This paper will explain why advanced targeted attacks have been extremely effective at breaking through traditional network security and enabling the massive data breaches and intellectual property thefts that are keeping CISOs awake at night.
Trusted Mobility Index
The mobile ecosystem of devices, services and networks is at a critical inflection point.While the mobile revolution is unleashing massive opportunities in both emerging and mature economies, it is also increasing in complexity and confusion. The reality is the lightning-fast adoption of powerful, smart devices is outpacing society’s ability to secure them. Today, trust in mobility hangs in the balance.
MasterCard tackles BYOD with strict conditions
More than a year into its bring-your-own-device program, MasterCard Worldwide continuously assesses the security technology and policies that allow 30 percent of its employees worldwide to use their personal iPhones, iPads and Android devices at work.
HID Global deploys a centralized, web-based IP access control solution at Fuxi Power Plant
Unable to meet the needs for real-time monitoring with its traditional patrol system, China's Fuxi Power Plant has deployed HID Global's VertX V2000.
