Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Portfolio Management Maturity Model at Chevron - Presentation & Discussion
November 13, 11:30 AM - 12:30 PM ET (GMT-4)
Janinne Franke, manager of strategy, planning & optimization at Chevron's corporate department & services, will share processes and lessons learned from developing and implementing the model.
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
June 01, 2002 — CIO — You can’t erase every in-house security threat. But there is software to help you manage the risks. Steve Hunt, an analyst at Giga Information Group, puts the software into four categories.
1. Authentication software
It answers the question Who are you? Includes passwords, smart cards, biometrics and single sign-on technologies. Web single sign-on is often used as a single point of authentication for browser-based users accessing Web-based applications. Leading vendors include Netegrity and Computer Associates.
2. Authorization software
Operating systems such as Unix and Windows NT offer modest protection for controlling who has access to what files. Systems administrators can set permission levels so that certain users can read, write or execute certain files or folders. The problem? The settings are time-consuming to configure and easy for savvy users to override. Authorization software, sold by Computer Associates, IBM and others, enforces the rules you’ve set up.
3. Administration software
This software makes access control a little neater. Sold by Access360, BMC Software, IBM’s Tivoli Systems and others, administration software allows companies to keep track of all their users and what access those users have to specific data. It would allow a security manager to place one call instead of asking 25 systems administrators to change access levels, Hunt says. A company with 30,000 employees would spend about $1 million on software and consulting fees. But even then, Hunt says, a savvy internal hacker could cause problems.
4. Audit software
BindView, Counterpane and PentaSafe offer products and services for answering the question What happened? They report security events, identify anomalies and identify trends. Companies use audit info to improve the quality of their applications as well as security.
Hunt says that CIOs can solve 90 percent of the threat by combining the use of tools such as these with corporate firewalls, internal VPNs and network intrusion detection tools. "That just cost you $2 million if you’re a big company, but you have to ask yourself, What would a competitive espionage breach cost you in market momentum, legal fees or embarrassment?" Hunt asks. "That’s when you take a walk through your cubicles and try to see how disgruntled your employees are." © 2008 CXO Media Inc.
FORTUNE 100 insurance leaders rely on the Symantec Data Loss Prevention solution to protect sensitive customer data.
Do you know where your confidential data is, where it is going, and how to prevent it from leaving your organization.
Learn what the thought-leaders at PricewaterhouseCoopers have to say on the risks associated with data security.
Incorporate best practices from many companies using DLP solutions as you establish your organization's requirements and safeguard confidential data.
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
Turn your information management best efforts into best practices.
Top 10 Ways to Protect Against Web Threats
Protecting Data in a Highly Networked World
Laptop Security: Where Do CIOs See Weaknesses?
Data Protection Options Explained
Achieve a 50:1 Data Deduplication Ratio
War Gaming: How Intel Turned Its Workforce Into a Security Force
How RFID Improves Data Center Efficiency
Building Competitive Advantage with Next-Generation Wireless Infrastructure
Gartner on Data Deduplication Cost Savings
Into the Wild: Managing Laptops Outside the Office
Revolutionizing Endpoint Security with a Single Agent
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Virgin'S in-Flight Wi-Fi Coming Monday
IT Slowdown Hits Dell'S Revenue, Net Profit
Wall Street Beat: Tech Shares Sink to 6-Year Lows
IT Slowdown Hits Dell'S Revenue, Net Profit
Oracle Subpoenas Firm That Hired Ex-TomorrowNow Workers
Sun Rolls Out Its Own Storage Appliances
Survey: US IT Spending Forecast Worst Since 2001
Google, Others Call for New Broadband, Energy Policies
Growth in US Online Advertising Slows Down Further in Q3
Why I Didn't Skip Microsoft Vista: Security
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
