Security Implications of the Humble Computer Clock
If your company's computer clocks aren't in sync, forensics, backups, and much more can suffer. Simson Garfinkel on getting the time right.
Simson Garfinkel | 03 Mar | Read more
If your company's computer clocks aren't in sync, forensics, backups, and much more can suffer. Simson Garfinkel on getting the time right.
Simson Garfinkel | 03 Mar | Read more
Jeremiah Grossman wants you to know that firewalls and SSL encryption won't prevent a hacker from breaking into your e-commerce website, compromising your customers' data and possibly stealing your money. That's because most website attacks these days exploit bugs in the Web application itself, rather than in the operating system on which the application is running.
Simson Garfinkel | 14 Jun | Read more
Amazon.com wants to sell your organization a whole lot more than books, music and electronics. Amazon, the Seattle-based e-commerce giant, wants to rent your organization storage space for your mission-critical data and virtual machines for doing your information processing. The offerings are enterprise-quality, and the prices are astonishingly low. But is it safe to trust your business to Amazon's infrastructure?
Simson Garfinkel | 01 Mar | Read more
Virtualization is the hot new trend in corporate data centers today. Virtualization servers from Microsoft, VMware and XenSource allow many virtual computers to run on a single (real) computer system. In practice, this means that 20 or 30 physical servers in a machine room can be turned into the same number of virtual machines running on a single physical system with two, four or eight processors.
Simson Garfinkel | 31 Jan | Read more
Disk-level encryption provides a safety net without a hassle 
Simson Garfinkel | 21 Sep | Read more
While two-factor authentication schemes face various snags, S/MIME is ready to help secure e-mail today.
Simson Garfinkel | 20 Apr | Read more
Sony, Apple and especially Microsoft illustrate differing approaches to Digital Rights Management.
Simson Garfinkel | 05 Apr | Read more
Organization after organization has disclosed that critical data banks have been compromised by hackers, couriers or consultants. The causes range from lost backup tapes to lost laptops to network hacks. What most of these cases have in common is the lack of strong technical measures to protect data that is by its nature highly sensitive.
Simson Garfinkel | 05 Jan | Read more
The old network security model -- perimeter defense -- was a lot like the old physical security model: Put your assets in a secure location, build a wall and use a gate to control who goes in and out. Many today say the perimeter model is obsolete; some even say the perimeter should be removed altogether. While today it's critical to understand the shortcomings of the castle-and-moat model, CSOs should be a long way from tossing their firewalls altogether.
Simson Garfinkel | 10 Nov | Read more
With somewhere between 80 percent and 95 percent of all Internet messages now consisting of spam, phishing attacks and e-mail based worms, organizations have been forced to filter their incoming mail more aggressively than ever before.
Simson Garfinkel | 02 Dec | Read more
Should software vulnerabilities be discussed in public? Cisco has strong opinions about that, particularly when it comes to its own software.
Simson Garfinkel | 04 Aug | Read more
These long-standing logs can help you monitor your networks and employees. So before you invest in a new kind of data collection system, review your log files. The information you want might already be in there.
Simson Garfinkel | 19 May | Read more
Skype is a great way to communicate. But CSOs should know that it also brings auditing and monitoring challenges.
Simson Garfinkel | 17 Mar | Read more
You can wirelessly sync your mobile phone with your laptop. You can use the phone's built-in modem to put your laptop on the Internet. With speed. Without cables. But be aware, even with security built in from the get-go, Bluetooth has problems
Simson Garfinkel | 03 Mar | Read more
Security flaws in high-profile products like Microsoft's Passport led experts and vendors to find new ways to disclose bugs
Simson Garfinkel | 20 Jan | Read more