Security

Tue, September 08, 2009 - A good security manager has to anticipate that unexpected problems will crop up. You have to be alert to the notion that anytime the business makes a move, it could open up a new vulnerability.

Thu, September 03, 2009 - "I read about fraud all the time -- hackers, online gangs, angry employees, etc. It seems like it's on the rise. Why is this so hard to detect and how can we prevent fraud in our organization?"

Thu, September 03, 2009 - We should have eradicated SQL injection attacks by now. SQL injection should be the Internet generation's smallpox or polio -- gone for good. Countermeasures are readily available and understood. They're easy to implement. And yet, I keep seeing headlines like, "Huge Web hack attack infects 500,000 pages."

Wed, September 02, 2009 - I have generally supported the government's border search policies. But I am horrified by the recent DHS Privacy Office's approval of searches of electronic devices without suspicion. It is wrong for many reasons; from the constitutional to the logistical.

Wed, September 02, 2009 - As an IT security professional, I was tasked with evaluating the iPhone's security features for the enterprise. Over the past few weeks, I have been testing different aspects of the new iPhone 3GS, particularly the interaction with Exchange ActiveSync (EAS) and device password policies. During my testing, I discovered some strange behaviors with how the iPhone handles device password policies, as well as passwords altogether.

Tue, September 01, 2009 - Spam costs organizations $712 per employee/per year, according to Nucleus Research. However, these staggering numbers don't even take into consideration one of spam's latest victims: enterprise mobile users. Spam targeted at smart phones is on the rise and becoming a growing security and productivity concern.

Tue, September 01, 2009 - Data leakage or data loss prevention systems have gradually entered the mainstream as their increasing maturity has allowed increasing adoption. From barely registering in our research two years ago, we now find different forms of DLP in about one-third of enterprises in Nemertes Research's spring 2009 benchmark study.

Mon, August 31, 2009 - Many companies have rushed into the cloud without a security strategy, and that's a recipe for trouble.

Fri, August 28, 2009 - This is traditionally a slow news week in IT, and this year did not break with that tradition, leaving us time to enjoy the waning days of warm weather here in Boston between following the flurry of reports about Apple's new OS, which captured the lion's (or the leopard's as it were) share of major headlines. Otherwise, we had some odd stories, what with U.S. governors receiving mysterious shipments of laptops, with a fair bit of news also coming to us out of China.

Thu, August 27, 2009 - As the economy sputters, small business owners remain intently focused on the bottom line. So a conversation about adhering to Web site privacy best practices might seem a bit--well, off topic. However, if your business sells anything online, few things are more important than your online reputation.