One of the foundational elements of ecommerce is the web of trust enabled by digital certificates. When you go to a web site, you can feel confident that it's legitimate because it has a certificate from a recognized certificate authority that validates it. But the certificates themselves can be vulnerable. Case in point: Security firm Malwarebytes recently discovered some malware in the wild with a valid, signed digital certificate.
Thor Olavsrud |
05 Feb |
Read more
EMC is building on its acquisition of the Syncplicity file-sharing and collaboration service by combining it with its Isilon scale-out NAS to provide the enterprise what the storage giant claims provides the convenience of a cloud-based file-sharing service with the administrative and governance capabilities of an on-premise solution.
Thor Olavsrud |
15 Jan |
Read more
For years, information security experts have predicted a spike in mobile malware. Will 2013 be the year of mobile attacks? And what other security threats are on the horizon?
Thor Olavsrud |
09 Jan |
Read more
As 2012 comes to a close, it's time to reflect on the security trends of the year with this look at the hottest security slideshows of 2012.
Thor Olavsrud |
24 Dec |
Read more
The holidays are nearly here and 2012 is on the way out. It's time to reflect on some of the most popular security stories and tips of the year as we prepare for 2013.
Thor Olavsrud |
20 Dec |
Read more
Sales of mobile devices are expected to surge this holiday season. Whether your firm has embraced bring-your-own-device (BYOD) or elected to look the other way that means many of your employees can be expected to upgrade their tablets and smartphones. But what about their old devices? Will they be decommissioned properly?
Thor Olavsrud |
13 Dec |
Read more
Aiming to help IT administrators manage security for physical and virtual desktops from a single pane of glass, Symantec joins the ranks of enterprise security providers optimizing their endpoint security offerings for virtual desktop infrastructure (VDI).
Thor Olavsrud |
03 Dec |
Read more
Thanksgiving is just around the corner in the U.S., and so are Black Friday and Cyber Monday, two of the busiest shopping days of the year. It's also a peak period for malware, phishing and spam. Since employees are increasingly using their own devices to access corporate resources (or simply using a work PC to sneak in a little shopping on Cyber Monday), it's a good idea to share some best practices with your users to help protect them and your network from threats.
Thor Olavsrud |
21 Nov |
Read more
Studies show that employees are engaging in rogue use of the cloud, even when IT organizations say they have clear formal cloud policies and penalties for violation of the policies.
Thor Olavsrud |
13 Nov |
Read more
The promise of big data is enormous, but it can also become an albatross around your neck if you don't make security of both your data and your infrastructure a key part of your big data project from the beginning. Here are some steps you can take to avoid big data pitfalls.
Thor Olavsrud |
08 Nov |
Read more
Hurricane Sandy left devastation in its wake, first pounding the Caribbean and then pummeling the Mid-Atlantic and Northeast regions of the U.S. People and businesses are now struggling to get back on their feet. As a CIO or IT leader, you need to ask yourself: Will your organization be prepared for the next disaster?
Thor Olavsrud |
06 Nov |
Read more
If your IT security team must comply with regulations like PCI-DSS or HIPAA, you need to know who accesses your data and what they do with it, even if they're using a mobile device to do it. But performing forensic investigations on mobile devices is trickier than it is on PCs.
Thor Olavsrud |
16 Oct |
Read more
Since 2011, security firm Blue Coat Systems has been tracking malnets: extensive distributed network infrastructures embedded in the Internet and designed to deliver mass-market attacks on a continuous basis. These malnet infrastructures are like the proverbial Lernaean Hydra--chop off one head, like a botnet it has produced, and two more spring up to take its place.
Thor Olavsrud |
05 Oct |
Read more
Attackers are increasingly exploiting a combination of connected systems, poor policy enforcement and human error to cause data breaches, but there have been some information security successes: Spam and phishing attacks are down, reported SQL injection vulnerabilities are on the decline and sandboxing technology is making it safer to open documents like PDFs again.
Thor Olavsrud |
20 Sep |
Read more
Your sensitive data is only as secure as the weakest link in your organisation, and in many cases the weak link is your employees. A properly established security awareness and training program can pay huge dividends.
Thor Olavsrud |
15 Aug |
Read more