Stories about: Amazon.com

An Information Security Policy is the cornerstone of an Information Security Program. It should reflect the organization's objectives for security and the agreed upon management strategy for securing information.

Apple on Monday patched 10 critical vulnerabilities in QuickTime, including one that was hinted at in a Mac hacking book three months ago.

In the early days of computers, many people were suspicious of their ability to replace human beings performing complex tasks. The first business software applications were mostly in the domain of finance and accounting. The numbers from paper statements and receipts were entered into the computer, which would perform calculations and create reports. Computers were audited using sampling techniques. An auditor would collect the original paper statements and receipts, manually perform the calculations used to create each report, and compare the results of the manual calculation with those generated by the computer. In the early days, accountants would often find programming errors, and these were computer audit findings.

Bruce Schneier shared his ideas about the psychology of security, and the need for thinking sensibly about security, in his hometown last week when he gave a lecture at the Weisman Art Museum in the US.

Talk to anyone who attends Black Hat USA conferences and you'll hear about how boring the talks are, how nobody learned anything new, how the hacks were known last year -- not to mention the ridiculous posers. Ask those same attendees if they plan to attend next year, and they say "yeah" as fast as a poker player pushing all in with pocket aces.

Amazon.com wants to sell your organization a whole lot more than books, music and electronics. Amazon, the Seattle-based e-commerce giant, wants to rent your organization storage space for your mission-critical data and virtual machines for doing your information processing. The offerings are enterprise-quality, and the prices are astonishingly low. But is it safe to trust your business to Amazon's infrastructure?

Online attackers have briefly disrupted service on at least two of the 13 "root" servers that are used to direct traffic on the Internet.

While two-factor authentication schemes face various snags, S/MIME is ready to help secure e-mail today.

The security industry has had a hard time defining spyware, much less eliminating it. But according to many, there's one type of spyware that's among the most dangerous: the botnet.

New worms have surfaced that attack a critical vulnerability in Microsoft's Windows 2000 Plug and Play service. Over the weekend, two variants of a new worm, dubbed Zotob, have begun circulating, though neither variant has become widespread, researchers say.