Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
October 15, 2005 — CIO —
This has not been a banner year for information security.
From a stolen laptop full of Social Security numbers to a website that lost oceans of credit card data, commonsense security procedures seem in short supply. "Almost without exception we’re living in a world where no one thinks to lock the stable doors until the horses have escaped," says David Friedlander, a senior analyst at Forrester Research.
CIOs can spend millions on firewalls, intrusion detection systems and whatever else their security vendors are selling, but when that VP of marketing decides to sync his work laptop with his unsecured home PC—and there’s no policy or training to make him think twice—your million-dollar security efforts become worthless.
With that in mind, here are 10 common security ailments and 10 practical remedies. They’re easy and inexpensive, and you can do them right now. All involve some form of user education and training. "How do you stop stupid mistakes?" asks Mark Lobel, a partner in the security practice at PricewaterhouseCoopers. "It’s education and security awareness—basic blocking and tackling—and it does not have to cost a fortune."
Save As...
The Hole | A company familiar to Adam Couture, a principal analyst at Gartner Research, searched its Exchange servers for documents called "passwords.doc." There were 40 of them.
The Problem | Uneducated users. "Some of these [mistakes] are so obvious that you think, ‘Nobody would do that,’" Couture says. "But you give people too much credit." Any hacker, malcontent employee or grandmother with a minimal amount of computer know-how could unlock those documents and ravage your company’s most sensitive applications (not to mention all of your employees’ personal information).
The Solution | First, CIOs need to acknowledge that there might be passwords.doc files on their networks, find them and destroy them. Then, via e-mail or a companywide meeting, they need to explain to users why keeping a file like this on the network is a really, really bad idea.
Ever Heard of "bcc:"?
The Hole | On June 13, 2005, the University of Kansas Office of Student Financial Aid sent out an e-mail to 119 students, informing them that their failing grades put them at risk of losing their financial aid. The e-mail included all 119 students’ names within the e-mail address list.
The Problem | Besides embarrassing their students, U. Kansas administrators may have violated the Department of Education’s Family Education Rights and Privacy Act, which protects the privacy of students’ grades and financial situations.
FORTUNE 100 insurance leaders rely on the Symantec Data Loss Prevention solution to protect sensitive customer data.
Do you know where your confidential data is, where it is going, and how to prevent it from leaving your organization.
Learn what the thought-leaders at PricewaterhouseCoopers have to say on the risks associated with data security.
Incorporate best practices from many companies using DLP solutions as you establish your organization's requirements and safeguard confidential data.
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
Integrating ActiveRoles With IBM Tivoli Identity Manager 5.0
Quest Authentication Services: Simplify Identity Management
Unlock the Power of Device ID to Combat Online Fraud and Abuse
The Business Case for Web Application Firewalls, by Ken Tyminski, former VP and CISO for the Prudential Insurance Company of America
Quest Authentication and IBM Tivoli Identity Management
Check Point Endpoint Security - Unifying Essential Components
Into the Wild: Managing Laptops Outside the Office
Protecting Sensitive and Confidential Information with Endpoint Security
Revolutionizing Endpoint Security with a Single Agent
How RFID Improves Data Center Efficiency
Building Competitive Advantage with Next-Generation Wireless Infrastructure
Gartner on Data Deduplication Cost Savings
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Server Virtualization: Gartner Predictions Through 2011
Vista SP2: Six Things You Need to Know
Intel, Google Asked to Help Revise EU Data Protection Laws
AMD Lowers Forecast for Q4 Revenue
Apple Comes Out on Top as Smartphone Sales Slow
AT&T to Cut 12,000 Employees Through 2009
Next Google Android Phone "Agora" Due in January '09
Firefox Users Targeted By Rare Piece of Malware
Yahoo Technology Will Offer Abstracts of Search Results
Yahoo Could Open Access to Flickr, Other Technologies
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
