HP Throttles Viruses,
Cracks OpenView Identity
The latest security announcements from Hewlett-Packard
Enterprise Systems (12/15/2004)
In
Brief
Charting spyware growth, identity theft at universities, safer Web
browsing
Enterprise Systems (12/15/2004)
Data Compliance? ZIP It Up
The challenges of data protection
must include all levels of competency in the chain of deployment.
IT
Compliance Institute (12/14/2004)
Best Practices for Basel II Outsourcing
Third-party “service banks” may
provide the manpower, but liability remains with the regulated institution.
IT
Compliance Institute (12/14/2004)
New
Enterprise Tools Attack Spyware
Spyware is a moving target. Pushing out one level of filters
just doesn’t cut it any more.
Enterprise
Systems (12/8/2004)
Case
Study: Outsourced Network Security Uses Behavioral Modeling
The Yankee Group predicts that by 2010, 90 percent of all security
will be outsourced. Here's how one company made its decision to choose
a pro-active security solution.
Enterprise
Systems (12/8/2004)
In
Brief
Microsoft, Solaris vulnerabilities; top spyware threats; IPS
use rising
Enterprise
Systems (12/8/2004)
Best
Practices: Coping with SEC E-mail Retention Guidelines
Meeting electronic discovery or regulatory requests for information
with rapid e-mail retrieval
IT
Compliance Institute (12/7/2004)
Q&A:
Can Wireless Networks Be Secured?
Denial is not a legitimate wireless strategy
Enterprise
Systems (12/1/2004)
Case
Study: Securing Network Bandwidth
A packet-shaping tool can help handle worm outbreaks.
Enterprise
Systems (12/1/2004)
In
Brief
Database and Imsecure vulnerabilities, search software flaw
enables sophisticated phishing attack
Enterprise
Systems (12/1/2004)
Case
Study: Finding and Fixing Security-Related Code Defects
Finding code problems was the challenge; a service provider's
analysis held the answer
Enterprise
Systems (11/17/2004)
Microsoft
and IBM Hone Security Warning Systems
Better security updates in the offing
Enterprise
Systems (11/17/2004)
In
Brief
Microsoft ISA vulnerability may lead to phishing attacks, a new
version of MyDoom targets the IFRAME vulnerability in IE, and survey
finds bank clients willing to defect over banks’ lack of ID theft
protections
Enterprise
Systems (11/17/2004)
Buy
time, patch virtually
Is speed the answer for patching Web applications?
SearchSecurity.com
(November 11, 2004)
Best
Practices: Patch Management
To more rapidly test patches and keep network configurations
from drifting, keep a closer watch on every device’s configuration
Enterprise
Systems (11/10/2004)
Does
Open-Source Software Mean Better Security?
Setting the open-source security record straight
Enterprise
Systems (11/10/2004)
In
Brief
Highly critical IE vulnerability lacks patch; new attacks reanimate
mobile AV
Enterprise
Systems (11/10/2004)
Surf's
Up
Matthew Schwartz finds safer alternatives to Internet Explorer
The
Times (11/06/2004)
Bias-Free
Security Testing
New security-risk management tools bridge the security/business gap
Enterprise
Systems (11/3/2004)
Missing
from SOX Compliance Efforts: IM Audits, Archives
With the November 15 deadline looming for many organizations, many companies
still don’t have a plan for auditing and archiving instant messages.
Enterprise
Systems (11/3/2004)
In
Brief
Blame unusable security, not users; Apple worm; high-speed IPS
Enterprise
Systems (11/3/2004)
Banks
Face New Instant-Messaging Rules
The FDIC's latest advisory can have a direct impact on your
compliance efforts.
IT
Compliance Institute (10/27/2004)
Ten
Best Practices to Secure Web Services
As more organizations embrace Web services (which opens back-office
processes to partners and the Internet), a problem is emerging: who
inside the organization is in charge of Web services security?
Enterprise
Systems (10/27/2004)
Google
Desktop Search Tool Raises Security Concerns
Free hard-drive indexing utility raises corporate security and
privacy questions
Enterprise
Systems (10/27/2004)
In
Brief
Antivirus and browser vulnerabilities, unsubscribe may be unwise
Enterprise
Systems (10/27/2004)
Understanding
the 'Hole' Truth
Small to medium-sized businesses (SMBs) have been slow to
tackle known vulnerabilities
SearchSecurity.com
(10/22/2004)
Thwarting
Next-Generation Denial-of-Service Attacks
Domain name registrar copes with DoS spike
Enterprise
Systems (10/20/2004)
Q&A:
Using Business Rules to Tackle Vulnerabilities
Identifying business assets to aid threat mitigation
Enterprise
Systems (10/20/2004)
In
Brief
Top 20 Windows/Unix vulnerabilities, Microsoft flaws and fixes
Enterprise
Systems (10/20/2004)
Endpoint
Security Grows But Interoperability Questions Remain
Increasingly, PCs must prove they're secure before a user
can log onto the network
Enterprise
Systems (10/13/2004)
Case
Study: Credit Union Encrypts Data onto Secure USB Keys
How one financial company distributes secure information to its board
of directors, many of whom work in an insecure environment
Enterprise
Systems (10/13/2004)
In
Brief
Human error and security; AOL's two-factor authentication; September
viruses
Enterprise
Systems (10/13/2004)
Factor
Content Management into Your Compliance Efforts
Organizations may need to invest in new content management software
to comply with Sarbanes-Oxley and HIPAA.
IT
Compliance Institute (10/12/2004)
Best
Practices: Security Budgeting for 2005
IT must cope with under-funded regulations, more CIO leeway
Enterprise
Systems (10/6/2004)
Software
vaults secure sensitive information
Software vaults are increasing the solution for securing passwords,
notes from the board of directors, and more
Enterprise Systems (10/6/2004)
In
Brief
RealPlayer and JPEG vulnerabilities; security insurance
Enterprise
Systems (10/6/2004)
Smart
Cards Gear Up For Biometrics
Smart cards, currently a favorite of governments and large
corporations, are getting more powerful, incorporating Java and USB
technologies.
Enterprise
Systems (9/29/2004)
Patch
or Perish: Symantec Notes Dramatic Increase in Threats
Symantec's assessment of system vulnerabilities in the first half of
this year shows a dramatic increase in the number and potential destruction
of security threats.
Enterprise
Systems (9/29/2004)
In Brief
Banks help ID thieves; unified security appliances; server security
Enterprise
Systems (9/29/2004)
Case
Study: Outsourcing Network Management and Security
How one company found an outsourcer able to mange its network
equipment and offer cogent security advice
Enterprise
Systems (9/22/2004)
Best
Practices: IM Monitoring
Under pressure from such regulations as HIPAA, the Gramm-Leach-Bliley
Act, and Sarbanes-Oxley, companies increasingly have to account for
their corporate instant messaging policies. Yet many organizations don’t
have rules for IM use.
Enterprise
Systems (9/22/2004)
In
Brief
Symantec grabs @Stake; JPEG vulnerabilities; Mozilla holes; Sniffer
worm
Enterprise
Systems (9/22/2004)
Case
Study: Law Firm Isolates Potential Threats
Office uses one-stop monitoring for attacks and vulnerabilities
Enterprise
Systems (9/15/2004)
Inside
Attackers Often Unremarkable, Warns CERT
Most attacks are relatively unsophisticated, planned in advance,
conducted during normal business hours, and start from inside the organization.
The common driver comes as no surprise: money.
Enterprise
Systems (9/15/2004)
In
Brief
New security legislation; the future of e-mail and IM security
Enterprise
Systems (9/15/2004)
Digital
Certificates Get Pentagon, Regulatory Boost
Once they seemed doomed, but public key infrastructure is taking
off, driven by e-commerce servers, Pentagon requirements, and government
regulations.
Enterprise
Systems (9/8/2004)
Yankee
Group Says Security Outsourcing Set to Explode
Managed security service providers to dominate security market
by 2010
Enterprise
Systems (9/8/2004)
In
Brief
Most unsolicited e-mail originates in U.S., survey finds; securing
storage; name-dropping attacks
Enterprise
Systems (9/8/2004)
Isolate
this: Security quarantines grow
Mobile PCs can reintroduce viruses and malware to corporate networks.
In response, more security managers are using network quarantining and
endpoint-security checks to vet PCs before granting full-network access.
Security
Wire Perspectives (September 3, 2004)
Passing
the WLAN Security Buck
Company offers outsourced wireless LAN to overcome security vulnerabilities
Enterprise
Systems (9/1/2004)
Case
Study: Circumventing Web Services Security Problems
Aeroplan adopts an XML firewall
Enterprise
Systems (9/1/2004)
Security
Briefs
Sun Solaris/Apache, Netscape/Sun, Winamp Vulnerabilities
Enterprise
Systems (9/1/2004)
How
secure are you?
A bias-free security testing methodology can help your organization
move beyond general best-security practices, to discern how many systems
are actually protected.
Security
Wire Perspectives (August 30, 2004)
CA
Jumps into Anti-Spyware Market
Acquisition of PestPatrol signals single-console management of viruses,
spam, and spyware may not be far away.
Enterprise
Systems (8/25/2004)
Wild
Kingdom: Life and Quick Death of a Phishing Site
Enterprise
Systems (8/25/2004)
Briefs
More XP SP2 woes, fraud awareness survey, Can-Spam's failure
Enterprise
Systems (8/25/2004)
New
Technology Combats Zero-Day Attacks
Exploits expected to get worse, putting even more pressure on security
managers
Enterprise
Systems (8/18/2004)
Web
Caller-ID Arrests Spoof Sites
New technology in a user-friendly toolbar intercepts users from visiting
such sites
Enterprise
Systems (8/18/2004)
In
Brief
Delaying XP Upgrades, AOL IM Buffer Overflow, Virus Source
Enterprise
Systems (8/18/2004)
Tackling
Compliance for Lotus Notes
Most companies don't know if security information is leaving an
organization via e-mail, and few tools address Lotus Notes specifically.
Here's one that does.
IT
Compliance Institute (8/17/2004)
VoIP
Growth Brings Focus on Security Holes
Use of the Internet for telephone calls brings to the fore how security
concerns could now spread to your once-secure communications system.
Enterprise
Systems (8/11/2004)
Digital
Certificates Secure Web Services, Mobile Communications
Public key infrastructure isn't dead yet.
Enterprise
Systems (8/11/2004)
Briefs
Problems Found in Graphics Library, Mozilla, and PDAs
Enterprise
Systems (8/11/2004)
Case
Study: UCI Cinema Adopts SSL VPN for Anytime, Anywhere Access
With personal e-mail available in an instant from any connected
PC via free Web-mail accounts, users want to know why their corporate
e-mail, applications, and documents can’t behave the same way.
Enterprise
Systems (8/4/2004)
Regulations,
Productivity Spark Enterprise IM Adoption
Free and paid instant messaging use will rise dramatically in
the next four years
Enterprise
Systems (8/4/2004)
In
Brief
Samba Exploits, Dumping IE, and Securing iPaqs
Enterprise
Systems (8/4/2004)
Turn
E-mail Compliance to Your Advantage
The answer isn't to back up everything, but to back up strategically.
Here's one approach.
IT
Compliance Institute (8/3/2004)
Linux
Gets Host Application Security
New modules in the Linux 2.6 kernel make for easier host-based application
security.
Enterprise
Systems (7/28/2004)
Locking
Down Endpoints to Prevent Virus Resurgence
Verifying PC security compliance before granting network access
Enterprise
Systems (7/28/2004)
Briefs
IM Migration Deals, Mobile Viruses, and Zip-File Vulnerabilities
Enterprise
Systems (7/28/2004)
Q&A:
Eradicating Spyware in the Enterprise
Finally there's software to let enterprises remove spyware.
Enterprise
Systems (7/21/2004)
Case
Study: Managing Zip Files with Security Controls
System vulnerabilities can creep in through compressed files.
But does completely blocking their use make for good security policy?
Enterprise
Systems (7/21/2004)
Briefs
Microsoft details vulnerabilities (including extremely critical
IE problems); safeguarding CAD drawings in your browser
Enterprise
Systems (7/21/2004)
Auditing
Data for Regulatory Compliance
Monitoring and securing enterprise
databases to meet SOX regulations
IT
Compliance Institute (7/20/2004)
Best
Practices: Securing IM Against Attacks
Free instant messaging services are just one of the many security
holes facing corporate IT
Enterprise
Systems (7/14/2004)
IT
Turns to SMTP-Level E-mail Blocking
New approaches focus on stopping unsolicited e-mail before it's
even received
Enterprise
Systems (7/14/2004)
In
Brief
Windows XP security best practices, better SAML administration
Enterprise
Systems (7/14/2004)
Web-mail@war
Web-based e-mail giants are up for a fight
The
Times (July 10, 2004)
Corporate
Governance Task Force Pushes Security Best Practices
Security becomes a boardroom issue
Enterprise Systems
(7/7/2004)
Attacks
Against Financial Services Double
Already under the regulatory gun, attacks against
the IT infrastructures of financial services firms have doubled in the
last year
Enterprise Systems
(7/7/2004)
Briefs
A new Internet Explorer security flaw; heading
off phishing attacks
Enterprise Systems
(7/7/2004)
Slipped
disks
Who’s reading your old PC files?
The
Times (July 3, 2004)
Will
spyware whither under new enterprise tools?
Examining solutions to detect and eradicate
spyware
Security
Wire Perspectives (July 1, 2004)
Rethinking
Security/Network Boundaries
IT is reassessing how network administrators and security personnel
can work together more effectively
Enterprise
Systems (6/30/2004)
Wireless
Networks Continue to Bleed Data, Study Reveals
New study says 80 percent of companies have at least some unsecured
wireless traffic
Enterprise
Systems (6/30/2004)
Security
Briefs
Active X Allows File Loading; Defining Spyware
Enterprise
Systems (6/30/2004)
Q&A:
New Technology For Encrypting Sensitive, Stored Data
New approaches make it easier than ever to add network-wide transparent
data encryption
Enterprise
Systems (6/23/2004)
Security
Briefs
Vulnerabilities target mobile devices, RealPlayer; Tivoli adds
.NET support
Enterprise
Systems (6/23/2004)
Q&A:
Top Tips for Outsourcing Security
Symantec's head of Managed Security Services offers his perspective
on what you should look for when considering a move to outsourced security
Enterprise
Systems (6/16/2004)
Used
Laptops Offer Secrets for Sale—Cheap
Even laptops with hard drives that had been erased and defragged
were easily hacked to reveal company secrets
Enterprise
Systems (6/16/2004)
Security
Briefs
New vulnerability erases hard drives; open source tool at risk;
Oracle SQL exposure
Enterprise Systems (6/16/2004)
Survey
Says Infosec Managers Need More Training
Undereducated security workers are the leading cause of security
breaches, according to two new studies.
Security
Wire Perspectives (June 14, 2004)
Q&A:
Stress Testing Your Network Against DoS Attacks
While most companies don’t face worms designed to turn computers
against them, denial-of-service attacks remain a problem. How can organizations
stress test their network against such attacks? We turned to Alan Newman
of Spirent Communications, which manufacturers network stress-testing
appliances and simulation software, for some ideas.
Enterprise
Systems (6/9/2004)
Security
Event Management: It Pays to be Proactive
To resist downtime and attacks, many organizations are turning to security
event management software, which collects and analyzes information from
a variety of devices, PCs, servers, and firewalls, giving security administrators
a consolidated view of network security.
Enterprise
Systems (6/9/2004)
Security
Briefs
Hate sites and corporate liability; weak PDA data protection
Enterprise
Systems (6/9/2004)
Can
an Apple a day keep security issues at bay?
Is the Apple Macintosh and its OS X operating system an enterprise
security contender -- or should it be?
Security
Wire Perspectives (June 3, 2004)
Protecting
Customer Data at the Browser Level
Once information appears in a browser, users can copy or print it as
they please. Security managers have a new option for safeguarding such
content.
Enterprise
Systems (6/2/2004)
Case
Study: Choosing Outside Help to Meet Security Regulations
Finding just the right provider can be tricky. How one company made
its decision.
Enterprise
Systems (6/2/2004)
Security
Briefs
CA's Updates AV, IM Problems Grow, Wardriving Primer Released
Enterprise
Systems (6/2/2004)
Quantifying
the Threat from Insiders
Your greatest security risk may not come from outside attacks but from
your own employees. Setting policies and procedures aren't enough to
stop the problem, but new security event management technology can help.
Enterprise
Systems (5/26/2004)
SCO
Identity Manager Supports Single Sign-on Across Environments
A new Microsoft initiative eases management headaches by building management
features into products that can be accessed by a variety of enterprise
management tools. SCO's Vintela Authorization may give us a glimpse
into how Microsoft networks can finally play nice with other operating
systems.
Enterprise
Systems (5/26/2004)
Security
Briefs: WiFi Attacks, Outlook Vulnerability
DoS attacks possible on 802.11 devices, public access points
particularly vulnerable; tricking Outlook 2003 to download and run files
Enterprise
Systems (5/26/2004)
Security
Companies to Congress: Listen Up
Vendors form Cyber Security Industry Alliance to coordinate Washington,
boardroom approaches to security
Enterprise
Systems (5/19/2004)
Case
Study: Secure IM and Workspaces for Project Teams
Nektar Therapeutics security unites teams inside—and outside—the
company
Enterprise
Systems (5/19/2004)
Security
Briefs
Despite arrest, worm exploits continue; Microsoft Help vulnerability
revealed; Symantec firewall management improved
Enterprise
Systems (5/19/2004)
Dispelling
Log Data Retention Myths
Retaining data isn't enough. IT faces a host of regulations that
address maintaining log files—tracking who did what and when—along
with the requiring access to them in very short order.
Enterprise
Systems (5/12/2004)
Survey:
CEOs Crave Better Perimeter and Access Controls
Not knowing who’s accessing what is a recipe for auditing
disasters
Enterprise
Systems (5/12/2004)
Security
Briefs: Worm Attacks Unpatched Computers; Apple Closes Vulnerability
Global organizations go offline to prevent Sasser damage; Apple
patches QuickTime, OS X to close buffer overflow vulnerability
Enterprise
Systems (5/12/2004)
Case
Study: Mohegan Sun Bets on Virtual Password Vault
The Connecticut casino and entertainment center uses password management
software, which acts as an intermediary with applications, to ensure
passwords are available—and secure—around the clock.
Enterprise
Systems (5/5/2004)
Host
Intrusion Prevention: A New Approach to Keeping Systems Safe
Host-based intrusion prevention runs as a software agent on a
user's system, looking for unauthorized actions
Enterprise
Systems (5/5/2004)
Security
Briefs: April Recap, Can-Spam Charges
Top vulnerabilities include a virus and a Hotmail hoax; FTC charges
spammers
Enterprise
Systems (5/5/2004)
Biometric
IDs OK With U.K.
About 80 percent of 1,000 British adults recently surveyed say they
want a biometric identification card, citing concerns about illegal
immigration and identity theft.
Wired News (April 30, 2004)
Cloaking
Assets With Identity-Level Firewalls
New technology lets you hide and verify network identity inside
the packets themselves.
Enterprise Systems (4/28/2004)
Configuration
Management Goes Mobile
New software fixes mobile computers that deviate from corporate standards
Enterprise Systems (4/28/2004)
Security
Briefs: Two Protocol Vulnerabilities Disclosed
TCP vulnerability exploit found in the wild;
buffer overflow weakness uncovered in Microsoft PCT protocol
Enterprise Systems
(4/28/2004)
Minnesota
Universities Opt for On-Demand CRM
Moves to hosted customer relationship management software are
no isolated occurence, says Ovum senior consultant Alex Kwiatkowsky:
"The whole CRM space is now being turned on its head."
CRM Buyer
(4/27/04)
Q&A:
Securing Mobile Workers
By 2006, over half the U.S. workforce will be mobile. Security managers
face a daunting task.
Enterprise
Systems (4/21/2004)
Disabling
Rogue WLAN Access
Detect, then actively block, unauthorized WLAN users
Enterprise
Systems (4/21/2004)
Worst
Security Problem: Attachments
Security policies and education aren't enough
Enterprise
Systems (4/21/2004)
No
canning, but spammers on notice
New legislation aims to further trim spammers' numbers.
Security
Wire Perspectives (April 15, 2004)
Case
Study: Securing Mail Transactions in Any Form
Encrypting information and keys in hardware
Enterprise
Systems(4/14/2004)
Businesses
Ignore Mobile PDA Threat
When it comes to mobile devices, why do so many companies avoid
the security issues?
Enterprise Systems
(4/14/2004)
In
Brief
Cisco sign-on, IE cross-scripting lead vulnerabilities this week
Enterprise Systems
(4/14/2004)
Case
Study: Stopping Leaks of Program Code
Using pattern matching with information taxonomy tools to track
sensitive information leaving the company
Enterprise Systems
(4/7/2004)
Human
Error Tops List of Vulnerabilities
Only half of respondents in a new survey say their company has a
written security policy. Furthermore, despite the increases in threats,
many organizations have been slow to make the appropriate investments
in time and budget to properly address them.
Enterprise Systems
(4/7/2004)
Security
Briefs: Encrypted Attachments Carry Threats
Sneaking vulnerabilities into the enterprise through encrypted attachments
pose new problems; ISPs will spend $245 million this year to combat
problems, in large part because of home users.
Enterprise Systems
(4/7/2004)
The
Battle Grows Beyond Low Prices
Hosting providers 1and1 Internet and Server4You attack the U.S. hosting
market. To succeed, they'll need more than low prices. (Part two of
two parts. Here's part
one.)
HSPstreet.com
(April 1, 2004)
Q&A:
Single-System Message Management
It's not just a matter of blocking unsolicited e-mail. Today's security
professionals need to protect against outbound as well as inbound problems
Enterprise Systems
(3/31/2004)
Security
Managers Report Virus Problem Worse
New report charts security manager dissatisfaction
Enterprise Systems
(3/31/2004)
F-Secure
Targets Attacks on Linux
As popularity of Linux grows, company predicts increasing attempts
to create malicious programs that will attack it
Enterprise Systems
(3/31/2004)
Memo
to the U.S.: German Hosting Providers Arrive
In the past eight months, two of Europe's largest hosting providers
have hit U.S. shores. Will their low prices entice customers? (Part
one of two parts. Here's part
two.)
HSPstreet.com
(March 30, 2004)
Best
Practices: New Standard Helps Companies Prove Their World-Class Security
Interest is growing in a new British Standard—BS7799—that
is slowly being adopted outside of Britain; companies adopting the standard
may find they've implemented a best-practices security program.
Enterprise Systems
(3/24/2004)
Combating
Apathy with Free Security Check
WholeSecurity gives businesses the ability to offer their customers
an opt-in PC security sweep to quarantine malicious software
Enterprise Systems
(3/24/2004)
Briefs:
Vulnerabilities in CPanel, ISS products, Symantec Internet Security
New warnings about Web hosting control panel protection, ISS server-response
processing, and Symantec's security software
Enterprise Systems
(3/24/2004)
Case
Study: Securing Systems You Don't Directly Control
The University of Colorado Hospital struggled to keep its network
secure to comply with HIPAA regulations, made difficult because IT didn't
have direct control over some connected systems.
Enterprise Systems
(3/17/2004)
ASN
Security Issues Run Deep, Forrester Warns
Security flaws reveal weaknesses in Microsoft's Abstract Syntax
Notation One, a cryptographic and authentication mechanism in use by
every Window operating system. The problem is with the compiler, not
the applications themselves. It's time for developers to patch and recompile
quickly.
Enterprise Systems
(3/17/2004)
New
Breed of Attack Targets Microsoft Outlook XP Users
Microsoft upgrades Outlook XP's vulnerability to "critical" after
researcher finds additional flaws; company urges patch be applied quickly
Enterprise Systems
(3/17/2004)
Europe
Considers Harsh Piracy Law
The European Union will likely enact a law to give local police
more power to seize the assets of suspected intellectual-property thieves.
Opponents say the law is just too severe.
Wired News (March 16, 2004)
Senate
takes aim at spyware
A new federal bill seeks to eliminate spyware, which is often used to
commit identity theft and to steal intellectual property.
Security
Wire Perspectives (March 11, 2004)
Case
Study: Protecting Intellectual Property On the Go
Kettering Medical Center finds a solution
to who sees the data, for how long, and how much data a user can view.
Enterprise Systems (3/10/2004)
Touching
SAP Data: User Access and Biometrics
Enterprises can record when users access data in an SAP system,
but biometrics makes it possible to add physical evidence to the log.
Enterprise Systems (3/10/2004)
Worm
Writers One-Up Each Other
The battle to capture your e-mail address has gone to new levels:
deleting competing worms.
Enterprise Systems
(3/10/2004)
Microsoft
Says Security Improvements Coming
The company is querying its user base for security enhancements;
meanwhile, security option defaults will be changed in future releases
and updates.
Enterprise Systems
(3/3/2004)
Case
Study: Meeting Customer Demand for Secure Statements
Rather than navigating a Web site to see their data, customers at New
York Life Investment Management Retirement Services enter only a username
and password to see statements in an HTML e-mail attachment.
Enterprise Systems
(3/3/2004)
Q&A:
Managing Security Through Enterprise Procurement
Simplifying the time-consuming process of setting up security, and changing
security permissions quickly, can often be handled through procurement
software.
Enterprise Systems
(3/3/2004)
Alerts
New Vulnerabilities Steal Financial Data Via ICQ, Target P2P File Traders,
and Delete Office Files
Enterprise Systems
(3/3/2004)
Case
Study: Fielding Service Calls Securely
Securing common, Internet-connected, mobile devices requires a new
approach. Schindler Elevator Corp. found one.
Enterprise Systems
(2/25/2004)
Briefs
E-mail fraud and vulnerabilities, plus the impact of Microsoft's
source code leak
Enterprise Systems
(2/25/2004)
Alerts
Sarbanes-Oxley; partnering for security; security certification
guide
Enterprise Systems
(2/25/2004)
Bluetooth
hygiene for the enterprise
Security managers must reexamine Bluetooth deployments in the face of
two recent Bluetooth vulnerabilities.
Security
Wire Perspectives (Feb. 23, 2004)
Q&A:
Real-Time Database Monitors May Ease Regulatory Headaches
Near-real-time monitoring may help your company catch attackers and
restore altered data.
Enterprise Systems
(2/18/2004)
Top
Three Security Problems Remain Despite Increased Spending
Companies turn to managed Service providers for help; desktops dominate
security budgets as patches average $234 per machine.
Enterprise Systems
(2/18/2004)
Security
Briefs
Microsoft Warns of Critical ASN.1 Vulnerability; More Doom Unleashed
Enterprise Systems
(2/18/2004)
Beyond
Perimeter Defense: Securing Online Transactions
Encrypting, monitoring, and auditing access to actual data
Enterprise Systems
(2/11/2004)
MyDoom
Details from Kaspersky Labs
Newest vulerabilities feed on old worm to take aim at Microsoft's
Web site
Enterprise Systems
(2/11/2004)
Solving
the Patch Management Headache
Best practices in keeping the desktop secure
Enterprise Systems
(2/11/2004)
Briefs
New Mydoom variants; Vulnerabilities in IE browser, Checkpoint products;
January a banner month for threats.
Enterprise Systems (2/11/2004)
Companies
Defect as Anti-virus Software Struggles with Worms
The latest threats have companies reconsidering their anti-virus
tools, wondering if AV is becoming irrelevant. Increasingly, companies
are looking at application-level personal firewalls and all-in-one gateway
hardware for PCs.
Enterprise Systems
(2/4/2004)
Can-Spam,
Laced with Loopholes, Creates Confusion
New legislation has failed to stem the tide of unsolicited e-mail,
protecting e-mailers who follow the letter but not the spirit of the
law.
Enterprise Systems
(2/4/2004)
First
Worm Outbreak of the Year Packs a Wallop
MyDoom monopolizes Internet via e-mail harvesting, P2P file sharing,
back door
Enterprise Systems
(1/29/2004)
Product
Shootout: Intrusion Prevention
Third-party testing firm analyzes leading IDS products, encounters
surprises.
Enterprise Systems
(1/28/2004)
Guarding
Against Your Partner's Web Services Flaws
Coding errors in Web Services code at your partners can trigger
problems on your own systems.
Enterprise Systems
(1/28/2004)