Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Portfolio Management Maturity Model at Chevron - Presentation & Discussion
November 13, 11:30 AM - 12:30 PM ET (GMT-4)
The fundamental goal of the model is to help IT become a business partner and earn a seat at the table. Core to the model is to establish a five year IT strategic road map that is owned by the business. Presenter Janinne Franke is manager of strategy, planning & optimization at Chevron's corporate department & services. She will share processes and lessons learned from developing and implementing the model.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
Spot-On Security Tips for Mac OS X Leopard
Mac OS X is generally unappealing to malicious hackers. But since its popularity is bound to attract notice from the bad guys, the new version of Apple's operating system sports several security features that users and IT departments should know about.
December 14, 2007 — CIO — Now that the honeymoon stage with Mac OS X Leopard has passed, the nuances of its daily use are beginning to come to light. Kinks are getting worked out, companies are updating their Mac-compatible software and all kinds of new and useful features are being unearthed. In the past, Mac OS X has been derided for flawed security while at the same time being lauded as an unlikely target for hackers. Did the release of Leopard finally hit the sweet spot of better security without sacrificing functionality?
What is it about Mac OS X that makes it unappealing to hackers and other Internet interlopers? Nick Selby, senior analyst and director of enterprise security practice with The 451 Group, says it's simply that hackers tend to reach for the lowest-hanging fruit. Selby explains that hackers get the most bang for their buck by developing malicious code designed to infect the most likely combination of software in use today: Microsoft Windows XP or Vista running a version of Internet Explorer's Web browser. "That's where the action and the money are," says Selby. Other combinations—Mac OS X and the Safari browser, for example—just aren't as widely used and therefore are not worth a hacker's time to look for holes to exploit.
That doesn't mean, however, that Leopard users shouldn't take security precautions anyway. "Targeted attacks by motivated and skilled hackers are generally not stoppable," says Selby. "Best practices dictate regular patching, updates, firewalls, port blocking and scanning for activity on known botnet channels."
Ollie Whitehouse, architect with Symantec's Advanced Threat Reasearch Team, agrees. "It's fair to say Mac OS X has not been a significant target for attackers or malicious code authors to date. However, researchers have demonstrated that the potential for susceptibility to the same types of flaws which have plagued Microsoft Windows for so many years does exist to the same extent. We have also seen indications that malicious code authors are kicking the tires with at least one actual attempt through social engineering to get the user to install a Trojan.
"However due to smaller market share, Mac OS X has not been targeted in the same way as Windows. It's reasonable to expect this to change over time, as Apple's market share increases and Microsoft improves Windows security," adds Whitehouse.. Also, there are threats to data which affect all lost or stolen laptops and devices. Even though attackers may not be aggressively targeting Mac OS X, Whitehouse urges IT departments to take responsible steps to protect data while it's at rest, and also put systems and policies in place to ensure that any valuable data is backed up.
Forrester Consulting Study - Total Economic Impac of NeuStar UltraDNS Managed External DNS Service
Managing DNS Services for Greater Network Security and Availability
Managed Internal DNS Service with Integrated DHCP Solution
Managed internal DNS/DHCP Service meets the needs and challenges of IT professionals
Quest Authentication Services: Simplify Identity Management
Quest Authentication and IBM Tivoli Identity Management
The New "Black Art." Learn why few companies do DNS well. Why fewer can scale it.
Advanced DNS and Traffic Management Solutions: The Keys to Enhancing and Securing your Enterprise Network
The State of the Great Windows Vista Migration and the Latest Research on What Real Customers Say
Liberation through Automation: How You Can Automate Your PC Deployment and Help Free Up IT Resources
Windows Vista: Essential Benefits and Deployment Strategies
Grassroots Data Governance with SAP MDM
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
African Social-Networking Site Gets New Toolbar
Kenya Yet to Fully Address Internet Governance Issues
Cybersecurity: Users, Other Groups Must Work Together
Microsoft: 'No Interest' in Pursuing Yahoo Deal
Africa Warming to Global Outsourcing Business, CBC Says
African States to Discuss Cybercrime
Music Industry Optimistic About Digital Future
Citrix Previews Project Kensho Open Source Toolkit
Altor Debuts Firewall for Virtual Environments
Extended Gmail Outage Hits Apps Admins
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
