Cloud, mobility and bring-your-own-device (BYOD) computing are providing so many new potential ingress points to your network that it’s getting near impossible to keep up. The solution, as David Braue finds, lies in reconsidering your exposure, revisiting your IAM strategy – and picking your battles carefully.
Information security vendors are telling customers to think in a new way. At the core of their advice is the idea — the admission, if you like — that no matter how good the defences they sell, sooner or later the bad guys will get through.
Oracle on Friday released its February critical patch update for Java 7 two weeks ahead of schedule and days after Apple blocked it for the second time in a month.
Anonymity is an increasingly scarce commodity. Google's latest Transparency Report revealed government requests for data about users of its online services are increasing. It's not hard to find examples of threats to privacy — either intentional or unintentional.
Almost two years after ‘IPv6 day’ in 2011, security professionals cannot confidently manage security threats posed by the replacement to IPv4, according to the SANS Institute's Internet Storm Centre.
A vast majority of today’s workforce use USB memory sticks, they offer unequalled convenience for transferring data. In most situations, if the data is not confidential, a standard USB stick quite acceptable, but what do you use if your data is sensitive?
In order to improve productivity and minimise risk, most organisations need a reliable method of protecting their employees from unwanted email (spam) and malicious software (malware). In addition, it is also necessary to protect the corporate network by restricting access to inappropriate content.
Android doesn't rival BlackBerry when it comes to security and enterprise support. But Android devices can still be reasonably secure. Here are some tips to help you protect your investment, privacy and data.
Ponemon Institute asked 745 information-technology and security managers whether USB drives were important for business use, and if they were secure. What did the survey find?
Bookmarking these sites will help you protect your network, comply with government regulations and stay ahead of all the latest threats.
Stealthy, sometime long-term cyber-espionage attacks to steal sensitive proprietary information -- what some now call "advanced persistent threats" (APT) -- have become a top worry for businesses.
Data security is always top of mind for CIOs and CSOs, and there is no shortage of challenges when it comes to picking the right tool for the job. With network and software vulnerabilities growing at a perpetual rate, good security software can help defend against many of the large-scale threats that occur locally and from all over the Internet. In this edition of 5 open source things to watch, we take a look at security products that will guard against threats without robbing your kitty.
Contributions from free and open software makers can be found throughout the tech world. From your datacenter to the desktop and everywhere in between; there's an open solution to your computing needs. This is no less true in information security. My focus in this article is the several outstanding information security desktop tools that personify the innovation and ingenuity of the FOSS (Free and Open Source Software) world. Please keep in mind that all of these applications (except one) are cross-platform so you can find appropriate versions on whatever you run (BSD, Mac OSX, Linux or Windows). The examples herein, however, will be catered to the largest install base (statistically): Microsoft Windows.
For both enterprises and consumers, one of the big draws of Windows 7 has been its tighter security features.
If you have given your trusted employees and key contractors remote access to your network via a client virtual private network (VPN), congratulations! By now, you have seen the productivity and cost benefits from allowing collaboration that surmounts geographical separation.
The Industrial Revolution transformed four key aspects of society—innovation, transportation, communication and financial markets—changing the world forever. Although it began more than 200 years ago, there are surprising some parallels between this historically transformative period and IT security. The dynamics of the threat landscape and the increasing complexity of IT environments have given rise to a new era: The ‘Industrialisation of Hacking’.
There are three major attack vectors which must remain secure. Insider threats are related to users who interact with data. Opportunistic attacks deal with understanding the threat scape and global threat intelligence. Targeted attacks are related to internal intelligence; for example, where are my critical assets? What are they vulnerable to? Where are my counter measures? With a strong security connected framework we can begin to address all of these with one centralized security solution that is capable of looking at everything from endpoint, network, to data security. This webcast proposes best practices for: • Understanding and protect against insider, opportunistic and targeted attacks • Integrating the threatscape with one security solution that incorporates all types of attacks • Bringing together endpoint, network and data security into one unified control
The Prime Minister’s Department invited submissions to “Cyber Security White Paper” late in 2011. This is Brass Razoo’s submission that prosecuted the case for Australia to adopt a federated multi-factor authentication that could be deployed nationally. By extending existing identification systems administered by Government and Financial Service providers, the nation could build an identification and security system that would be the envy of the world.
The WildList is a compilation of sample viruses that have been submitted by security professionals from around the world. It is published each month to a select group of subscribers. Contributors can be any security professional, but the sample must be submitted by at least two respected sources before it will be included in the list.
Application security is currently one of the major battlegrounds in information security. Compromised web applications are ransacked for credit card numbers, personally identifiable information and is a major vector for spreading crimeware enabling criminals to defraud our banking institutions
Sign up now »
Get identity and password proliferation under control, reduce helpdesk costs and extend secure, single sign-on access to any enterprise application with a single solution.
- FTSenior Field Engineer - MSNSW
- FTSenior Python DeveloperNSW
- FT.NET - Sitecore Developer - Melbourne - PermNSW
- FTR&D EngineerSA
- FTTest Manager - IMMEDIATE STARTNSW
- FTSenior Python DeveloperNSW
- FTOS Web Applications DeveloperNSW
- FTSnr Web Developer PHP/Magento/API integration into E-commerce sites. $100k+SuperNSW
- FTSenior Python Web Applications DeveloperNSW
- FTQuality ManagerSA
- FTLead Software EngineerSA
- FTTechnical Account Manager - MSP + CloudVIC
- FTTest Analyst (MS Environment) .netNSW
- FTSenior Projects EngineerNSW
- FTSenior E-Commerce PHP Developer- North Sydney- E-commerce Software $110kNSW
- FTWeb Developer- Drupal and PHP. Exciting new position- #2 in Dev team.$100k+SuperNSW
- FTTest EngineerVIC
- FTTest Analyst (MS Environment) .netNSW
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.