Computers, networks, and information security seem to fall comfortably under the heading of science, but science alone is not enough. Security system developer Tripwire recently conducted a survey in cooperation with the Ponemon Institute to find out whether IT professionals consider risk management to be "science" or "art."
BYOD guidelines are just being defined, but one warning must rise above the din: never, ever, try to gain unauthorized access to an employee's private social networking site.
BYOD brings out the classic problem between control of corporate information and individual freedom. It kicks it up to a whole new level because the devices belong to the users, but at least some of the apps and information belong to the company and as such need protection and policy enforcement.
Will BYOD lead to a rash of lawsuits from employees who feel violated? Or maybe a headline-grabbing, class-action lawsuit? Your company better make sure it has an explicit terms-of-use BYOD agreement. Here are ways companies can protect themselves.
Apple came clean that it keeps anonymous Siri data for two years, but that has not quelled fears about corporate data privacy.
Revelations over the U.S. National Security Agency's Prism surveillance program have much of the general public in uproar, but in terms of the controversy's impact on enterprise IT, some CIOs have measured, albeit watchful, reactions.
'Tis the season to begin ramping up online shopping activity, and for retailers that means doing all they can to ensure their websites are up, highly available and able to handle peak capacity. Looming in many IT managers' minds is the cautionary tale of Target, whose website crashed twice after it was inundated by an unprecedented number of online shoppers when the retailer began selling clothing and accessories from high-end Italian fashion company Missoni.
It's a CIO's worst nightmare: You get a call from the Business Software Alliance (BSA), saying that some of the Microsoft software your company uses might be pirated.
Business travelers will soon need to carry the name of their corporate lawyer in addition to their passport when traveling to the United States, and they may need to bring with them a different business laptop as well. This is because US Customs can search and confiscate your laptop without any prior cause, according to policies that have been posted online since a Ninth US Circuit Court ruling in April.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team.
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved poring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.