With the rise of mobile computing -- first via laptops, then smartphones and now tablets -- the IT landscape changed within the enterprise. No more was IT just about the local network, WANs and security for desktops and servers: it now had to incorporate mobile devices, spanning all manner of manufacturers, operating systems, and platforms and to do so without compromising security. The sheer volume of devices and the different software they run is a natural antithesis to network security. Yet, these devices are integral to the way business works today, and so the IT department must adapt.
I love password managers. When they work well, they make browsing the Web easier, faster, and more secure. And SafeWallet does, indeed, work well. It's not perfect, but SafeWallet has become my new favorite password manager.
Anyone who works in an office will know that when it's time to run to the bathroom, the chances of someone snooping around the computer increases. Whether it's a nosy colleague looking for gossip or a boss checking up on your work, no one wants to be caught out checking Facebook on company time. That's where a small program called WinLock comes in to save you.
Connecting remotely to network servers is a fact of life for millions of end users. Whether working from a PC or a mobile device, users rely on secure, reliable remote connections to maintain their productivity.
Available since Windows Server 2008 R2, Microsofts DirectAccess server role became fully integrated with the OS in Windows Server 2012. DirectAccess is designed to connect a VPN-type session automatically as soon as a compatible Windows client is connected to the Internet.
Most of the products tested (except Windows Server 2012), use Oracle's Java in one form or another, at least for client access and also in some cases within the management interface. With numerous vulnerabilities recently discovered in Java, leading to guidance from Department of Homeland Security and others to disable it entirely, this raised some questions about usability and possibly even security of the devices tested.
Apricorn's Aegis Bio 3.0 pairs solid performance with enhanced security features to create a nice, all-around external hard drive. The Aegis Bio harnesses biometrics to make sure you (and only you) have access to your data.
These days, it's hard for me to imagine life without password-management software. Good "password hygiene" is essential to protect my online data from prying eyes, and it would simply be impossible to handle the dozens of passwords I use every day in a safe way if all I relied on was my poor, overtaxed brain.
If you use the same user name and password on multiple sites, all it takes is for one of them to get cracked, and it doesn't matter how secure your password is or how securely all the other sites store it: You are in trouble. So, you should use a different secure password for each site. Of course, trying to remember dozens or hundreds of different secure passwords borders on impossible.
Sure, those fancy new 802.11ac routers are wicked fast, but the IEEE isn't expected to ratify that standard until later this year. So today's 802.11ac hardware could be rendered obsolete if the standards body changes course between now and November.
Microsoft Office is the most popular word processing suite around, when it comes to generating documents. But a lot of people are completely unaware that, every time you open a document, type in it, edit it, close it, or do anything more than breathe on it, personally identifying data called "metadata" is collected and attached to the document. Disclosure of this information can be very detrimental in certain situations, so it pays to spend an extra few minutes before sending someone the file, to wipe the metadata. A free, small app called Document Metadata Cleaner will help you achieve this.
Like its desktop cousin, Innovationbox's PassLocker for iOS offers a simple and streamlined interface for managing your logins and passwords. Instead of going for lots of features like its many competitors, the app focuses solely on storing your credentials and helping you retrieve them quickly.
These days, it seems that every single website I visit wants me to log in, no matter how trivial the service it offers. Of course, the most basic of cautions dictates that a different set of credentials are created for each site, least I wake up one morning to find out that my bank account was wiped clean because my favorite social network inadvertently leaked my password.
You just read about another online database hack, and now 4 million users' names and passwords are floating around the Internet--and you have a sinking feeling that one of them might be yours. And then there are the security breaches you don't hear about, the ones that leave nasty surprises in your inbox or on your credit card statement.
If you adopt just one security tool this year, make it KeePass. This free and open-source password manager is available for Windows, with unofficial ports for iOS, Android, Linux, and Mac OS X. A secure, lengthy, completely random password goes a long way towards improving your security--and having a separate password for each and every website and service you use is the single most important thing you can do to keep secure.
Kaspersky Internet Security 2013 ($60 for one year and three PCs, as of 12/19/12) is a solid antimalware suite that provides admirable protection and an excellent settings interface. This program looks a little different from the other suites we tested, mainly because of its teal-and-white colors, in contrast to the green-is-good/red-is-bad user interface that most other security packages use. But once you get past the fact that teal is sort of the same as green (trust us, this takes a moment), it's a good program that will keep you safe from most incoming attacks.
Avira Internet Security 2013 is an acceptable antivirus program--if you happen to be an expert in security jargon and working your way through a somewhat unfriendly user interface. This particular security suite passed our tests (though,
Bitdefender Internet Security 2013 ($70 for one year and three PCs, as of 12/19/12) may just be everything that you'd want in a security suite. This program, which earned the highest rating in both our real-world attack test and our system cleanup test, has a user-friendly interface that will appeal to both regular and advanced users. It also comes with several extra services, such as antitheft protection for various mobile devices.
G Data InternetSecurity 2013 ($35 for one year, as of 12/19/12) is a comprehensive security suite with an excellent protection record: It blocked, detected, and disabled all of the malicious files we threw at it, and cleaned up 80 percent of infections in our system cleanup test. However, it's not the most user-friendly suite, with a tedious installation process and an advanced-users-only settings panel. As a result, it ended up toward the bottom of our rankings.
McAfee Internet Security 2013 ($40 for one year of protection on up to 3 computers, as of 12/19/12) didn't manage top marks in our security suite tests, but it's still a fairly proficient antimalware program that will keep you relatively
Sign up now »
Use Splunk to search, alert and report in real time on any user, network, system or application activity, configuration changes, and other IT data from one place.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.