Stories by: Simson Garfinkel

Amazon.com wants to sell your organization a whole lot more than books, music and electronics. Amazon, the Seattle-based e-commerce giant, wants to rent your organization storage space for your mission-critical data and virtual machines for doing your information processing. The offerings are enterprise-quality, and the prices are astonishingly low. But is it safe to trust your business to Amazon's infrastructure?

Virtualization is the hot new trend in corporate data centers today. Virtualization servers from Microsoft, VMware and XenSource allow many virtual computers to run on a single (real) computer system. In practice, this means that 20 or 30 physical servers in a machine room can be turned into the same number of virtual machines running on a single physical system with two, four or eight processors.

Disk-level encryption provides a safety net without a hassle 

While two-factor authentication schemes face various snags, S/MIME is ready to help secure e-mail today.

Sony, Apple and especially Microsoft illustrate differing approaches to Digital Rights Management.

Organization after organization has disclosed that critical data banks have been compromised by hackers, couriers or consultants. The causes range from lost backup tapes to lost laptops to network hacks. What most of these cases have in common is the lack of strong technical measures to protect data that is by its nature highly sensitive.

With somewhere between 80 percent and 95 percent of all Internet messages now consisting of spam, phishing attacks and e-mail based worms, organizations have been forced to filter their incoming mail more aggressively than ever before.

The old network security model -- perimeter defense -- was a lot like the old physical security model: Put your assets in a secure location, build a wall and use a gate to control who goes in and out. Many today say the perimeter model is obsolete; some even say the perimeter should be removed altogether. While today it's critical to understand the shortcomings of the castle-and-moat model, CSOs should be a long way from tossing their firewalls altogether.

Should software vulnerabilities be discussed in public? Cisco has strong opinions about that, particularly when it comes to its own software.

These long-standing logs can help you monitor your networks and employees. So before you invest in a new kind of data collection system, review your log files. The information you want might already be in there.