When risk is present it calls for treatment, and security is a never-ending process... right? Yes, but as a security professional, it's easy to become focused on the hard problems (download PDF) of security -- falling into the arms race for more, more, more security controls -- and lose sight of the impact of the controls themselves.
Jon Espenschied | 25 Jun | Read more
Security assessment and deep testing don't require a big budget. Some of most effective security tools are free, and are commonly used by professional consultants, private industry and government security practitioners. Here are a few to start with.
Jon Espenschied | 28 May | Read more
Neither information technology nor security managers fire people in most organizations. That plain reality seems to escape some in the industry, where offended security administrators declare that disabling the anti-virus program is grounds for demotion or an IT manager finding unlicensed media makes arrangements for someone to make the cardboard box commute.
Jon Espenschied | 20 Mar | Read more
A child with a chocolate-smeared shirt says, "I didn't do it." The phone rings, and Mum assures you, "There's nothing to worry about." A systems administrator carrying a box of tapes says, "We'll have everything back up in a few minutes." Sometimes the first words you hear -- despite their distance from the truth -- tell you everything you need to know.
Jon Espenschied | 15 Aug | Read more
Tony Soprano's dislike of computers is well-known, but in 2007, it's hard to keep a business running without one. (Another argument for creator David Chase ending the show after five seasons, but too late now.) Tony knows that yesterday's bookie can't compete with a txt-ing young punk offloading his risky punts on Betfair, and that though tradition's important, sometimes old-school thinking just doesn't cut it. To stay on top, a business has to move with the times.
Jon Espenschied | 10 Apr | Read more
My heart sank when I first saw Al Gore pull out his BlackBerry. It was in the waning weeks of the 2000 US presidential campaign, and there he was on the TV, tapping away on his then-novel converged device. Though I had no evidence, I was positive that whatever he was reading had already been perused by some conservative skunk works, with his responses scrutinized not long after. Given recent revelations about the opposition's ethics and panting obsession with domestic spying, I still suspect that any eavesdropping technically possible at the time was probably being done.
Jon Espenschied | 27 Mar | Read more