Microsoft
Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.
Response team boosts open-source security
OCERT steps in to help bridge the communications gaps
May 7, 2008 12:00 PM ETPC World - IT managers often assume that open-source software is more secure than proprietary commercial software. Anyone who uses open source can examine the original code to spot any lurking vulnerabilities, and potentially even fix the vulnerabilities themselves. With proprietary software, you have to trust the vendor to do it all for you.
But open source's supposed security advantage assumes three things: 1) someone is actually looking at the code, 2) security vulnerabilities are getting reported and fixed, and 3) information about those fixes makes its way to Linux distributors and other software vendors, which apply the fixes to their products. But what things aren't happening? As a customer, how can you be sure?
A new initiative aims to help. Founded in March, Open Source Computer Emergency Response Team (oCERT) was specifically created to act as a clearinghouse for security information about all kinds of open-source software.
Say you're a small open-source project -- maybe you only provide a library of code that's used in other larger applications. As a two-person effort, you don't have time to contact everyone who uses your code to let them know about a recent security flaw. That's where oCERT can step in to alert everyone. Similarly, large Linux distributions, which incorporate hundreds or even thousands of different open-source projects' code, can work with oCERT to make sure all the holes get plugged in all the right places.
Open-source users can help the oCERT effort, too, by reporting security incidents. If you're a business that is experiencing a potential software exploit, oCERT can offer reliable security contacts in the open-source community that can help you plan and coordinate your response.
In keeping with open-source tradition (and open-source budgets), oCERT is a volunteer effort, and it provides its services free of charge. The team's operating costs are underwritten by corporate sponsors -- most recently Google Inc., which posted a detailed summary of why this effort is so important to a blog on Monday.
All in all, oCERT sounds like a worthwhile project that will provide a valuable service to the community of open-source vendors and customers. Let's hope it wins enough support to sustain itself for the long run. (That name might be a problem, for starters -- CERT is a trademark of Carnegie Mellon University.)
Reprinted with permission from
For more PC news, visit PCWorld.com.Story copyright 2009 PC World Communications. All rights reserved.
open-source software
Additional Resources
Microsoft
Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.
Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
White Papers & Webcasts
Master Data Management Projects in Practice - An Information Difference Research Study
Information Difference conducted a survey of both end-user organizations and systems integrators aimed at gaining deeper insight into MDM implementations and their success...
Podcast: Promote your apps and services to the thriving BIRT user community
Listen to this podcast now!
Open Source Master Data Management: The Time is Right
MDM is a natural extension to data integration and data quality. Open source MDM introduces a new, more accessible approach. It reduces implementation...
Enabling Identity and Security Management with Open Source
Watch this complimentary webcast today!
Practical Open Source Data Integration: Case Studies & Implementation Examples
This third volume of Practical Open Source Data Integration: Case Studies & Implementation Examples presents selected case studies, illustrating real-life implementations of open...
Data in Action: Making the Planet Smarter
Register Now
The Top 10 Reasons for Choosing Open Source Data Integration
Are you trying to understand your options for data integration? This White Paper presents the top 10 reasons why organizations are choosing open...
The Benefits of IBM: The Savings of Open Source
Download Now
The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.
Computerworld Reports
Sign up to receive updates on the latest Software resources
Strategic Content ManagementLearn how the right Enterprise Content Management (ECM) solution can start saving you money within a week and pay for itself in as little as three months. These case studies and white papers provide practical information on how to go from theory to reality - to help you put together a plan that will achieve your content management and process automation goals. Enter the Strategic Content Management Zone now |
