More Security In Depth
Put simply, cybercrime, especially financial malware, has the potential to be quite the lucrative affair. That's only because the bad guys have the tools to make their work quick and easy, though. Cripple the automated processes presented by certain malware platforms, and suddenly the threats -- and the losses --aren't quite so serious.
Anything "software-defined"--networks, storage, data centers--is grabbing a lot of attention these days. Security is no exception. Software-defined security (SDS) is an emerging model in which information security is deployed, controlled and managed by software.
A vulnerable person. A sociopath or two on social media tormenting that person without consequence. That's trolling in a nutshell. Mike Elgan explains what you can do about it.
It's no longer unusual to see major, massive hacks make news these days. They affect millions of individuals and cost millions of dollars to rectify.
I recently had the opportunity to speak with two representatives from the Netherlands-based security research firm Fox-IT--Maurits Lucas, InTELL Business Director, and Andy Chandler, VP of WW Sales & Marketing. Collectively, the two shared an in-depth story of cybergang warfare suitable for Hollywood.
The number of phishing sites was up 10.7-percent as of Q1 this year (over last year) while at the same time almost 32.7-percent of PCs globally were infected with malware, including adware and spyware, indicating that phishing is an increasing issue for the enterprise, according to a report from the Anti-Phishing Working Group of the Internet Engineering Task Force.
The corporate firewall is like a dike keeping out a raging sea of malware. Where does it all come from?
As businesses integrate vast quantities of new consumer data they need to think through privacy and transparency issues.
So OKCupid has rushed to Facebook's defense by announcing that it, too, experiments on users' profiles. Is this any way to run a social site?
One seemingly unshakeable truth about the online world since it began is this: The Internet never forgets. Once you post anything online, it is recoverable forever -- the claims of former IRS official Lois Lerner about "lost" emails notwithstanding. Even promises of photos disappearing after a few seconds have been shown to be bogus.
Mike Elgan would like to find a social network that doesn't lie to users, doesn't experiment on users without their clear knowledge, and delivers by default all the posts of the people they follow.
Only one person clicks on a bad link, and she had all her files properly backed up. Maybe employees aren't a security manager's nightmare after all.
There are known, proven approaches to reduce those risks without disabling the benefit of consumerization
Before flying from Rome to Philadelphia earlier this summer, I stopped in the hotel lobby to print my boarding pass. The hotel had one computer dedicated solely to this task. It was the only public computer available to guests. I could access only airline websites and input my name and confirmation number for the ticket. That was it.
Don't let the word "virtual" in virtual servers fool you. You're the only one who knows it's virtual. From the perspective of the virtual server itself, the devices connected to it, applications running on it, end-users connecting to it, or security threats trying to compromise it, the server is very, very real. A new survey from Kaspersky Labs found that many IT professionals understand that securing virtual environments is important, but don't fully understand the threats or how to properly defend against them.
A gold rush of next-gen authentication technologies yields biometric systems, ID bracelets, new standards and more. Insider (registration required)
Redirected Net searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned
Four companies that have been at BYOD for a while talk about how their programs have changed with the times. One key takeaway: Don't expect to save bundles of money. Insider (registration required)
Implementing a security awareness program seems rather straightforward, until you actually start to implement one - factoring in things like resources and the people (users) to be trained. At that point, it can seem complicated, costly, and unnecessary. However, the process doesn't have to be a logistical and expensive nightmare, and it's certainly worth it in the long run.
Few security executives at global enterprises--or even at smaller organizations--have not had to deal with issues related to social media, mobile technology, big data/analytics, or cloud computing.
Yes, users sometimes do stupid things. Some always will. But developers need to do more to save users from themselves.
Getting employees to take security seriously can be a game that everyone wins.
Most of us would love a break on our health insurance. We would generally appreciate the convenience of seeing ads for things we're actually interested in buying, instead of irrelevant "clutter." A lot of us would like someone, or something, else keeping track of how effective our workouts are.
Companies including MITRE are looking at privileged access and how to better lock it down -- without stopping employees from doing their jobs.
Doors just stop working when one old PC in a storage closet dies.
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Securing Mobile App Data - Comparing Containers and App Wrappers
- Analysts agree that Mobile Device Management (MDM) is not enough when it comes to securing app data. Although it remains a critical component...
- PCI 3.0 Compliance
- In this white paper, learn how PCI-DSS 3.0 effects how you deploy and maintain PCI compliant networks using CradlePoint devices.
- Mitigating Security Risks at the Networks Edge
- This white paper provides strategies and best practices for distributed enterprises to protect their networks against vulnerabilities, threats, and malicious attacks.
- 5 Strategies for Modern Data Protection
- Read the five strategies for modern data protection that will not only help solve your current data management challenges but also ensure that...
- Defense throughout the Vulnerability Life Cycle with Alert Logic Threat and Log Manager
- New security threats are emerging all the time, from new forms of malware and web application exploits that target code vulnerabilities to attacks... All Security White Papers
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will...
- On-Demand Webinar: Mind the Gap! Watch the webinar featuring Bob Janssen, CTO and Co-Founder of RES Software, to start building a solid foundation for business and IT to...
- On-Demand Webinar: Beyond the Enterprise App Store If you already have a few projects that are RED on your project timeline then join us so you can free up your...
One Storefront to Rule Them All
Take the load off managing mobile users with IT service request and delivery across all platforms!
Give your users the on-demand, enterprise app...
Don't Believe the Hype: Not All Containers are Created Equal
Hear executives discuss the 3 C's of Secure Mobility-content, credentials, and configurations-and learn the inherent security risks to your organization of using MDM...
- All Security Webcasts