Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
How Microsoft's Patch Tuesday Affects Business Processes and Security
An entire industry has grown up around Microsoft Patch Tuesday: The five-year push for predictable, scheduled security fixes has spawned both Microsoft and third-party vendor tools specifically to deal with the complexity of installing Microsoft security patches.
July 09, 2008 — CIO — Time: The second Tuesday of every month, 10:00 a.m. PST. Like clockwork, Microsoft releases a group of security patches. And like clockwork, that release sets in motion a flurry of events from businesses, security vendors, the media and even hackers.
Microsoft Patch Tuesday, as it is widely known, started in October of 2003 at the request of Microsoft's customers, who preferred to receive patches in an organized way, at a specified time, explains Christopher Budd, Microsoft's security response communications lead. The change was made to make testing and deploying updates easier and more predictable.
In formalizing the process, Microsoft gave customers what they wanted, but in doing so, they also fostered a bustling industry around those monthly patches.
It's a pattern that repeats every month: On the Thursday before Patch Tuesday, the Microsoft Security Response Center (MSRC) issues an advanced notification about what will be included. On Patch Tuesday, customers that have signed up for the Security Notification Service receive a notice alerting them of the newly available security updates. Users can then download the security update using a variety of Microsoft or third-party tools—ones that have sprung up specifically to deal with the complexity of what and how to install Microsoft security patches.
Because of these complexities, an entire industry has grown up around Patch Tuesday. Businesses race to quickly determine which are the most critical for their users and which might inadvertently cause more problems than they solve. Security firms rapidly implement fixes to their own systems and push them out to users. The press floods the public with descriptions and warnings, and hackers work to reverse-engineer the patches to discover and use the vulnerabilities to their own advantage.
"Every Patch Tuesday sets off a race where companies try to get their computers patched before they accidentally hit a website with hacker code," says Brian Livingston, editor of Windows Secrets newsletter.
A Necessary Evil
With all of this activity going on, it's no wonder that many companies don't relish the process of determining which patches are most important to push out to all PCs on the network and which can wait until later. In addition, some patches can cause more problems than they solve, due to incompatibility and instability issues.
"Companies need to learn as much about these patches as they can to know which ones are essential, which can be delayed and which shouldn't be installed under any circumstances," Livingston says.
FORTUNE 100 insurance leaders rely on the Symantec Data Loss Prevention solution to protect sensitive customer data.
Do you know where your confidential data is, where it is going, and how to prevent it from leaving your organization.
Learn what the thought-leaders at PricewaterhouseCoopers have to say on the risks associated with data security.
Incorporate best practices from many companies using DLP solutions as you establish your organization's requirements and safeguard confidential data.
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
Unlock the Power of Device ID to Combat Online Fraud and Abuse
The Business Case for Web Application Firewalls, by Ken Tyminski, former VP and CISO for the Prudential Insurance Company of America
Quest Authentication and IBM Tivoli Identity Management
Integrating ActiveRoles With IBM Tivoli Identity Manager 5.0
Check Point Endpoint Security - Unifying Essential Components
Turn your information management best efforts into best practices.
Protecting Sensitive and Confidential Information with Endpoint Security
Revolutionizing Endpoint Security with a Single Agent
How RFID Improves Data Center Efficiency
Building Competitive Advantage with Next-Generation Wireless Infrastructure
Gartner on Data Deduplication Cost Savings
Into the Wild: Managing Laptops Outside the Office
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Microsoft Releases Next Wave of Windows Live Services
Report: Former AOL CEO Miller Trying to Buy Yahoo
Sierra Wireless to Buy Wavecom
Zoho Releases SQL-Based Data-Access Service
Open-Source Developers Set Out Software Road Map for 2020
VMware Expands Desktop Virtualization Capabilities
IE Share Slips Under 70% as Firefox Surges Past 20%
Filing: SAP Co-CEO had Concerns About TomorrowNow Deal
Windows Market Share Drops Below 90% for First Time
Apple Quietly Recommends Using Antivirus Software
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
