Security


Security Vulnerabilities Down but Still Strong

Although the frequency of security vulnerabilities continues to decline, vendors were still preoccupied with patching last year.

Q&A: Best Practices for Enterprise-Scale Identity and Access Management Systems

What is IAM and how can you make an IAM project a success?

Overcoming Security Pains in UNIX Environments

Getting a handle on UNIX vulnerabilities is no easy task.

Firewalls Get Failing Marks; Enterprise Security Flunking, Too

Why does IT pass the buck to other internal groups when it comes to safeguarding enterprise security?

How to Mitigate Smartphone Threats to Your Corporate Network

These tips can help you minimize mobile threats.

CA Courts SecurID Customers

Who said hardware authentication tokens are infallible? CA's new program contrasts the advantages of its software-based approach with RSA Security's hardware-based SecurID model.

Auditors, Employers at Odds Over Security

A new survey shows a disconnect between the security-first mentalities of auditors and the compliance-driven concerns of their employers.



Integrating Physical and Logical Access Control

Two security approaches, working in tandem, provide superior enterprise protection.

Slowly but Surely, IT Addresses Mobile Security Threats

Nine out of ten enterprises say they plan to invest in new endpoint security technologies to help them better manage mobile devices

How Mobile Computing, Not Windows Desktop, Will Transform Cybercrime

As mobile devices become more ubiquitous, they and not the Windows desktop will become Ground Zero for attacks and exploits.

Microsoft's March Security Update is Light

Contains only three fixes.

How to Secure Data in the Cloud and Beyond

Next-generation tokenization has the potential to help businesses protect sensitive data in the cloud in a more efficient and scalable manner than encryption and first-generation tokenization.

How Continuous Monitoring Can Help Financial Services Firms Avoid Cyber Attacks

Follow these steps to achieve comprehensive visibility. They aren’t easy but they are necessary.

DDoS Unbound

DDoS attacks are bigger and more frequent than ever, and a lack of insight into IPv6 security is particularly worrisome.

The Emerging Crimeware Market

The availability and sophistication of crimeware kits has contributed to the rapid evolution -- as well as the increasing sophistication -- of cybercrime itself.

Q&A: Real-World Security Decisions

How do you secure an environment in which risky behavior is business as usual?

White House E-Mail Cyber Attack Allegedly Originated from China

Officials in the UK now suggest that a cyberattack from purported White House e-mail accounts actually originated from China, and the perpetrator used a hoax e-mail address that resembled a White House account.

Fixing the "Everyone" Problem in Windows Server

How to take control of default group access permissions settings for Windows Server.

7 Steps for Dealing with the People Component of Data Security

We outline seven steps that help you address the people aspect of data security.

New Year, New Threats: The Emerging Security Risks of Social Networking

Completely blocking access to social networking sites or online communities is not necessarily the only -- or the best way -- to stop these threats before they affect your business. The answer may lie in educating your workforce.