Wireless / Mobile Security
News
Researcher finds latest Office zero-day was first used in 2009
Attack Word documents designed to lure victims into opening them were crafted to fetch a PNG image file that contained an exploit for vulnerable versions of Office
Location security, app bundling helping St John of God manage mobility
With the 2015 completion of its $430m Midland Public and Private Hospitals on the horizon, Perth-based St John of God Health Care is repackaging hundreds of corporate applications and adding location-based intelligence to its device management to maintain consistent security controls over information no matter where its mobile users are located.
CSO Roundtable : Effective Mobile Security
Although BYOD security gets the headlines, IT managers find issues like device management, scope management and support just as challenging.
At the recent CSO Australia Mobile Security roundtable, held at AusCERT, 21 guests thrashed out their experiences and concerns.
Public comment open as ISP association updates icode for new security threats
The Internet Industry Association (IIA) will accept public feedback for the next three weeks after completing its review of the icode – the ISP association’s voluntary code of conduct – with a view to a major update that will address mobile and other evolving security threats.
Malware’s typical network behaviour makes it easier to spot: Palo Alto
The hardest part of maintaining a security defence is figuring out the things we don’t know – but by applying monitoring to all network traffic and simplifying accessibility to analytics tools, it’s easier than ever to ferret out new malware and seal perimeters that have been compromised by mobile devices, a Palo Alto Networks analyst has advised.
Slideshows
From Anonymous to Hackerazzi: The year in security mischief-making
These days barely a day goes by where there isn’t some sort of network security breach or hack or malfunction of some sort. This year too we had the rise of groups such as Anonymous and Lulz that sought out attention for their activities. Here we take a look at the year in pictures of some of the key security problems that grabbed our attention.
Tips and tricks for protecting Android devices
Android doesn't rival BlackBerry when it comes to security and enterprise support. But Android devices can still be reasonably secure. Here are some tips to help you protect your investment, privacy and data.
USB devices: The big hole in network security
Ponemon Institute asked 745 information-technology and security managers whether USB drives were important for business use, and if they were secure. What did the survey find?
Features
2011's biggest security snafus
Perhaps it was an omen of what was to come when the city of San Francisco on New Year's Eve 2010 couldn't get a backup system running in its Emergency Operations Center because no one knew the password.
Security breach
No company wants to be associated with a data breach, but if your systems are compromised the fallout can sometimes be more damaging than the act itself.
NEWS FEATURE: Debate rages over how to manage personal mobile devices used for work
Increasingly, businesses accept the idea that employees should be able to use their personal mobile devices, such as smartphones and tablets, for work. But debate is raging as to whether these employee-owned devices should be managed and secured exactly as corporate-owned devices might be.
Opinions
Redefining BYOD
More companies are seeing the benefits of allowing their employees to bring personally owned devices into the workplace and onto the corporate network. The familiarity of having your own smartphone for work means that you can work faster and, perhaps cynically from the employer’s perspective, that you are far more likely to work longer.
Six tips for mobile device management security
Six tips to help get the efficient and secure management of mobile devices under control.
The magic of mobility vs the safety of security
Mobility has become a key part of business operations in recent years. Smartphones and tablets have become an accepted part of everyday business as the workforce becomes more and more dispersed, with managers expecting their employees to remain connected and productive while they are away from the office.
Addressing the security risks of BYO device
The head of security hastily leaves the meeting without excusing herself. Her body language indicates that it is an important call. As she walks back in, all eyes in the room subliminally pose the same question. Without further prompting, the head of security says: “The CEO wants to know why she can’t watch a YouTube video on her iPad. It’s against policy, but we have to make it happen. While we’re at it, she also wants to be able to access her email and calendar on her iPhone”. This actually happened at a large financial institution.
Opinion: Fighting the botnet threat
ISPs in Australia have for some time been notifying users about the likelihood that their computers have been compromised by malware. Now under the icode, the system has been formalised. Education and remediation tools are being made available to suspected victims.
Get exclusive access to CSO, invitation only events, reports & analysis. 
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
Warning: Tips for secure mobile holiday shopping
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.
