Security: Access

Security Lax with Wireless Routers

Are companies’ current wireless router security practices sufficient? Security policies are too often manually applied, and it shows.

The Push for Federated Identity Management

The growth in Web Services and service-oriented architectures enables businesses to more quickly and automatically trade information and computing resources. Now it’s up to federated identity management to secure it.

The Shape of Endpoint Security to Come

Will 2006 be the year of endpoint security? A number of network-access-control approaches are finally coming to fruition.

Case Study: Wireless Provider's Remote Access Success

Giving mobile users access to enterprise applications and internal portals via an SSL VPN can be tricky. Midwest Wireless' implementation was exceptionally smooth. What's their secret?

Oracle Database Passwords Vulnerable to Attack

Using a password hash, attackers can crack a database in about four minutes

Q&A: Monitoring What Web Applications Divulge

Watching inbound and outbound Web applications communications for signs of attack

Case Study: Furthering Role-Based Access

Securing access in the post-mainframe world

Q&A: Harnessing Trusted Computing Modules

Planning identity management or authentication rollouts? Don’t forget to factor in the Trusted Computing Modules now built into many PCs.

Web Services: Where Identity Management Goes From Here

SAML, Liberty, WS-Federation—a number of Web Services standards are competing for security managers’ attention. Here’s how to differentiate between the options.

Case Study: Polysius Takes Layered Approach to Endpoint Security

The term “endpoint security” includes new types of technology, which makes sense when Polysius’ manager of IT details the myriad, evolving threats to his corporate network, and the company's defenses.

Securing Admin Passwords: It Takes a Vault

It's difficult to audit administrative passwords if you're not managing them properly. That's what drove Manitoba Lotteries Corp. to employ a password vault.

Q&A: Workarounds for Active Directory's Limitations

Too often, Microsoft’s Active Directory and its Group Policy Objects don't offer the granularity security administrators need.

Q&A: Are Fingerprints the Next Smart Card?

More organizations are using fingerprints for logging onto PCs and into sensitive applications.

Enterprises Struggle with Identity Management Roles

Identity management software adoption is increasing, but many organizations still rely upon too many group permissions to effectively manage their implementations.

CSO Worries High, Actions Lax

CSOs worry about infected or unknown PCs logging onto their networks, but only one-third of companies are doing something about it

Q&A: Moving to Web Services Identity Management

Architecting fine-grained access to Web Services for many users at multiple organizations is difficult to implement or audit using identity management software. We discuss alternatives.

How to Lower Security Compliance Costs

How organizations can get (and stay) compliant while spending less

Q&A: Sorting Out Desktop Protection Technologies

The differences between signature-based, access control, and intrusion prevention products

In Brief

CA Antivirus Vulnerabilities; AOL Patches New Netscape; Beware Phishing E-mails Bearing Keylogging Software; New Trojan Encrypts PCs

Case Study: Continental Secures Remote Access, Trims Costs

Sometimes the drive for better security can also bring cost savings.