Features

Protecting your assets

Protecting your assets

The flooring of the Russian stock exchange by malware earlier this year served as a wake-up call for many financial institutions and at the same time brought to mind a recognised computer attack technique: take a system down prior to launching the 'real' attack.
Phil Gould Mar 7 2006 3:18PM Security
Policies and ethical standards

Policies and ethical standards

As the workplace environment continues to become more complex, there is an increased potential for unethical and inappropriate behavior by employees at all levels of the organization.
Joe Malec Mar 6 2006 10:17PM Security
Books IT security pros need

Books IT security pros need

I went through my library and picked out a few of the books that I think are the most useful and important for the security professional with little time for reading.
Peter Stephenson,CeRNS, Mar 6 2006 10:13PM Security
A marketing strategy is part of the job

A marketing strategy is part of the job

If you want to stay alive and continue to be progressive in this profession, you must be able to create and market your company’s IT security strategy. My suggestions follow.
Randy Sanovic Mar 6 2006 10:02PM Security
Got something to say?

Got something to say?

Send your comments, praise or criticisms to scfeedbackus@haymarketmedia.com. We reserve the right to edit letters.
Staff Writers Mar 6 2006 9:33PM Security
CSO of the year: Thomas Dunbar, global chief security officer, XL Capital

CSO of the year: Thomas Dunbar, global chief security officer, XL Capital

As the global chief security officer at a leading multinational insurance company, Thomas Dunbar has a lot of data to protect, a range of regulations with which to comply and a huge number of employees whose access to corporate IT assets he must manage.
Illena Armstrong Mar 6 2006 8:55PM Security
Thwarting ID thieves

Thwarting ID thieves

David Lazarus is not your typical victim of identity theft. Most notably, he fought back and won — a rarity even in today’s era of heightened government oversight of corporate shenanigans.
Jim Carr Mar 6 2006 8:27PM Security
Peer-to-peer protection

Peer-to-peer protection

For many organizations, instant messaging (IM) and other peer-to-peer (P2P) applications have become instant headaches.
Joseph C. Mar 6 2006 8:17PM Security
A view from the top

A view from the top

Compliance issues and identity theft incidents may have dominated 2005, but other problems will unfold over coming months.
Illena Armstrong Mar 6 2006 8:09PM Security
Forging a national cyber security strategy

Forging a national cyber security strategy

In the face of growing threats to its cyber assets, America requires a cohesive and comprehensive plan to protect its vital and most sensitive data. Here, one of the leading decision makers in the federal government IT arena coveys overarching priorities for securing the country's cyberspace.
Andy Purdy Mar 6 2006 7:59PM Security
Spam finds a way

Spam finds a way

Two years ago, Bill Gates made the brave prediction that spam would soon be “a thing of the past.” But it currently makes up between 60 and 90 percent of the world’s email traffic, and by all accounts is not going away. If anything, this year will see spam reaching new heights.
Rene Millman Mar 6 2006 7:46PM Security
The Common Vulnerability Scoring System: Get your threat priorities right

The Common Vulnerability Scoring System: Get your threat priorities right

Over the years, I’ve seen and used a diverse range of methods to evaluate and explain the risks associated with a particular security threat or vulnerability. Depending on the audience and the nature of the environment being evaluated, there has always been – and always will be – a frequent need to reclassify the severity of a finding. This is particularly relevant when making use of findings derived from automated security tools.
Gunter Ollmann Mar 6 2006 7:04PM Security
Risks and rewards of a wireless LAN

Risks and rewards of a wireless LAN

Wireless local area network (WLAN) technology was deployed at Mount Allison University to enhance on-the-go productivity of our students, faculty, staff and administrators. Whether it’s conducting research, exchanging ideas or gaining access to useful operational information, campus users can now perform such functions in real-time without breaking stride from their daily routines.
Peter Crawshaw Mar 6 2006 6:54PM Security
Naughty but nice

Naughty but nice

The fast-growing popularity of peer-to-peer communication, and particularly IM, is bringing an equal expansion of risk. Janine Milne reports
Janine Milne Mar 6 2006 3:56PM Security
Review: SenSage ESA

Review: SenSage ESA

One of the regular complaints heard from enterprise network staff is how they often struggle to avoid drowning in log files. Threats against compliance, security and uptime are disclosed in event logs, but the staff’s good intentions for investigating those data points collides with the high costs of managing and researching the massive jumble. SenSage clears the way through logjams of enormous size, enabling users to quickly extract hard answers.
Ken Phillips Mar 1 2006 12:00AM Security
Review: eToken

Review: eToken

The use of a token offers interesting possibilities for user authentication and single sign-on to multiple applications. For example, various credentials can be stored on a token and released to applications and services as required. The user may then simply remember a single password for the token which, in turn, will take care of the detailed requirements for each application.
Julian Ashbourn Mar 1 2006 12:00AM Security
Review: OneSign

Review: OneSign

This appliance-based solution does just what its name suggests. A capability such as single sign-on must be robustly managed, and Imprivata provides for this with its dedicated appliance and associated agents, which reside on the user’s workstation.
Julian Ashbourn Mar 1 2006 12:00AM Security
Review: Password Manager

Review: Password Manager

Citrix Password Manager is a robust user authentication mechanism that can be used as a standalone application or as part of the Access Suite, which also provides VPN and presentation server capabilities.
Julian Ashbourn Mar 1 2006 12:00AM Security
Review: PortWise

Review: PortWise

PortWise’s basic tenet is to protect remote access to organisational assets via a combination of both user and device authorisation.
Julian Ashbourn Mar 1 2006 12:00AM Security
Review: RSA Sign-On Manager

Review: RSA Sign-On Manager

This software provides enterprise-level SSO using either conventional passwords or, preferably, two-factor authentication using the RSA SecureID tokens.
Julian Ashbourn Mar 1 2006 12:00AM Security

Log In

  |  Forgot your password?