Blame unusable security, not users; Apple worm; high-speed IPS
Free hard-drive indexing utility raises corporate security and privacy questions
As more organizations embrace Web services (which opens back-office processes to partners and the Internet), a problem is emerging: who inside the organization is in charge of Web services security?
How one financial company distributes secure information to its board of directors, many of whom work in an insecure environment
Knowing how today's hackers think and work is the first step to combating their attacks.
Software vaults are increasingly the solution for securing passwords, notes from the board of directors, and more
Smart cards, currently a favorite of governments and large corporations, are getting more powerful, incorporating Java and USB technologies.
Most attacks are relatively unsophisticated, planned in advance, conducted during normal business hours, and start from inside the organization. The common driver comes as no surprise: money.
Most unsolicited e-mail originates in U.S., survey finds; securing storage; name-dropping attacks
Once they seemed doomed, but public key infrastructure is taking off, driven by e-commerce servers, Pentagon requirements, and government regulations.
Aeroplan adopts an XML firewall
This XP Service Pack should be called a Security Pack
Public key infrastructure isn't dead yet.
Free instant messaging services are just one of the many security holes facing corporate IT
New approaches make it easier than ever to add network-wide transparent data encryption
Even laptops with hard drives that had been erased and defragged were easily hacked to reveal company secrets
Once information appears in a browser, users can copy or print it as they please. Security managers have a new option for safeguarding such content.
How can you know you haven't been connected to a look-alike server, and how does it know your device isn't infected with malware? New hardware specification models from the Trusted Computing Group may help.
Host-based intrusion prevention runs as a software agent on a user's system, looking for unauthorized actions