Privacy

The NSW Department of Corrective Services will implement mandatory iris scanning and fingerprinting across its 32 prisons to help verify visitor identities.

A year ago, when a Time Magazine reporter told Tan Dailin that he'd been identified as someone who may have hacked the Pentagon, he gasped and asked, "Will the FBI send special agents out to arrest me?"

Many Australian government agencies do not have appropriate controls covering the use of portable storage devices (PSDs) for the handling of personal information which is being lost at an alarming rate, according to new research by the Office of the Privacy Commissioner.

Google has unveiled two new tools to make searching the web for information and images easier.

Microsoft has released a public beta of the next iteration of Exchange, called Exchange Server 2010. This latest release of Microsoft's collaborative and messaging software, currently winning the market share battle with IBM's Lotus Notes, is the first out of the gate among Microsoft's upcoming Office-related products that include SharePoint 2010 and the rebranded Office 2010 (formerly referred to as Office 14). Exchange 2010 will become generally available in the second half of 2009.

Security is on the minds of companies and many are still making room in their budgets to invest in IT security initiatives, according to a survey released Monday by Robert Half Technology.

Spammers have cracked Microsoft's latest defense against abuse of its Live Hotmail e-mail service using a sophisticated network of hacked computers that receive encrypted instructions from a central server, a security company has reported.

Google is taking issue with a report that says click fraud hit a record high in the fourth quarter.

A former Fannie Mae IT contractor has been charged with planting malicious software on the mortgage giant's systems on the day he lost his job last October.

Just two weeks after a task force whose formation was spearheaded by MySpace delivered a report saying that social networking sites were safer from sexual predators than many people had assumed, MySpace finds itself dealing with a new inquiry related to registered sex offenders by Connecticut's attorney general.

New Microsoft technology designed to protect Internet Explorer users from a powerful new Web-based attack will not fix the problem, security experts said Tuesday.

The European Parliament signed up to a plan Wednesday to introduce computerized biometric passports including people's fingerprints as well as their photographs, despite criticism from civil liberties groups and security experts who argue that the move is flawed on technical grounds.

Hackers have seeded LinkedIn, the business networking service, with bogus celebrity profiles.

David Kernell is facing five years in prison for allegedly hacking into Alaska Governor Sarah Palin's Yahoo e-mail account, but lawyers watching the case say that the felony charge against him is a bit of a stretch.

CIO Roxanne Reynolds-Lair of The Fashion Institute of Design and Merchandising wanted to bring both Macs and Windows to her college's students, administrative employees and teachers. She bought a MacBook Pro and tested new-fangled desktop virtualization software that allows her to run both Windows and OS X on a single machine.

False positives and faulty readers are common criticism of biometric security systems. But with the right plan, can they be practical in your security portfolio?

She had me at hello ... or just about. Our conversation had barely started when privacy activist Betty Ostergren interrupted me to say that she had found my full name, address, Social Security number and a digital image of my signature on the Web.

As Cyber Monday approaches, research suggests a majority of workers will use their work computer to shop this holiday season. But despite the continued growth in online shopping, employees and business still don't understand the risk.

Tips to thwart DNS cache-poisoning attacks

Business travelers will soon need to carry the name of their corporate lawyer in addition to their passport when traveling to the United States, and they may need to bring with them a different business laptop as well. This is because US Customs can search and confiscate your laptop without any prior cause, according to policies that have been posted online since a Ninth US Circuit Court ruling in April.

The final installment in a series of articles about generational differences and security. Part one looked at managing workers in different age groups. Part two examined the types of security concerns that are most commonly associated with different generations in the general workforce. This article provides recruiting and retention advice for security employees.

Whether you were born in the swinging sixties or are part of the slacker generation, some security experts say generational social influences can give you bad habits and make you an office liability.

A recent survey released by security software firm Symantec found 66 per cent of Millennial employees, those born after 1980, admit to using Web 2.0 technologies, such as Facebook and YouTube, while at work. The same poll found younger workers also regularly store corporate data on personal devices, such as PCs and USB drives.

Remember the old M&M analogy - security is like an M&M candy, hard shell on the outside, soft on the inside. In other words, put up firewalls, built a strong perimeter and you're good to go. Of course, nobody believes that M&M-type security is sufficient in today's world of insider threats, data leakage, mobile workers, thumb drives and sophisticated malware. So, what's the new metaphor? We asked around and came up with a number of interesting and useful ways to think about enterprise security.

A wiry young man with his head shaved and wearing a tank top points a handgun straight at the camera in a disturbing YouTube video. The man wears what appears to be a wedding ring, and he gazes vacantly away from the viewer.

An employee looking to steal confidential information from his employer sneaks into what should be a secure back room after hours. He pulls charts and files from a top-level financial meeting and slides them into his briefcase before heading back out.

Haven't encrypted your laptop fleet yet? There's no excuse for that choice anymore. Check out today's smart strategies for improving laptop security — before the next machine disappears

CSIRO says the preservation of privacy and data integrity will both be critical to the success of efforts to develop a new form of electronic service delivery for the Australian government.

McAfee is hunkering down to integrate the security technologies it has bought over the past several months into its varied line of security software and appliances. Two trends in the company's activities are developing parallel products for deployment as software on endpoints and as network-based appliances. This week, for instance, the company is announcing that NAC software can be installed on its IntruShield IPS appliance to give customers the option of enforcing NAC policies in the network, not just on the endpoint. The company is bringing management of these platforms under control of its ePolicy Orchestrator (ePO) in an effort to centralize control of network security. Network World Senior Editor Tim Greene spoke with McAfee CEO Dave DeWalt about these efforts as well as other issues facing the company.

The Convention on Cybercrime is the work of the Council of Europe and is aimed at facilitating international cooperation in the investigation and prosecution of computer crimes. Since the Convention came into being in 2001, the COE has been working to address the growing international concern over the threats posed by hacking and other computer-related crimes.

Howard Schmidt today is the CEO of R&H Security Consulting. However, he's better known around the world for working in the White House for 31 years. A former White House security adviser, he was appointed by President Bush as Special Adviser for Cyberspace Security just three months after the terrorist attacks of September 11, 2001.

Internationally renowned security guru, Bruce Schneier, will be encouraging technologists at linux.conf.au to take a lesson from Luke Skywalker, and "feel the force" a little more when it comes to security.

David Holtsman, former CTO of Network Solutions, discusses September 11, the role of the Chief Privacy Officer and other hot-button privacy issues.

The proliferation and popularity of collaborative Web 2.0 sites – there are around 250,000 new registrations to Facebook everyday – has changed the threat landscape and the way businesses need to think about security. Each year, newer technologies and weapons are being unleashed to leave Web users surprised, annoyed and at greater risk.‘Whaling’ or ‘spear phishing’, is one such threat and refers to phishing scams which specifically target high-worth individuals.

Business isn't what it used to be.

Talk to anyone who attends Black Hat USA conferences and you'll hear about how boring the talks are, how nobody learned anything new, how the hacks were known last year -- not to mention the ridiculous posers. Ask those same attendees if they plan to attend next year, and they say "yeah" as fast as a poker player pushing all in with pocket aces.

Harrison Ford is ticked off again. But not because the bad guys have hijacked Air Force One or kidnapped his wife from a Paris hotel room; this time they've swiped his identity to break into the bank where he works and steal millions of dollars.

Companies are not embracing encryption as a way to protect sensitive data. According to Ponemon Institute's 2005 National Encryption Survey, only 4.2 percent of companies responding to our survey say their organizations have an enterprisewide encryption plan.

Within the next 10 years the convergence of multiple technologies will thrust people into a world where nothing is secret

I spent a very interesting hour with Phil Libin, president of CoreStreet, learning about the company's method for providing "massively scalable validation products for identity management and access control" - that's how CoreStreet describes its business. First, though, we had to get over a couple of semantic hurdles which points up one of the things slowing down the convergence of pure security products with pure identity management tools.