For all its efforts to protect citizen privacy, the revelation that the passwords of many Australian Tax Office (ATO) business customers had been stored in plain text highlighted the persistent ability of human error – in this case, at an ATO subcontractor with data stored external to the organisation – to compromise security measures.
David Braue | 20 Jun | Read more
Attack Word documents designed to lure victims into opening them were crafted to fetch a PNG image file that contained an exploit for vulnerable versions of Office
Although BYOD security gets the headlines, IT managers find issues like device management, scope management and support just as challenging. At the recent CSO Australia Mobile Security roundtable, held at AusCERT, 21 guests thrashed out their experiences and concerns.
Richard Chirgwin | 07 Jun | Read more
It may have started out as a way of simplifying an increasingly complicated IT environment, but Brisbane law firm Cooper Grace Ward (CGW) has found its virtual desktop infrastructure (VDI) investment is also delivering improved remote-access security, data protection and integrity of sensitive information.
David Braue | 17 May | Read more
Cloud, mobility and bring-your-own-device (BYOD) computing are providing so many new potential ingress points to your network that it’s getting near impossible to keep up. The solution, as David Braue finds, lies in reconsidering your exposure, revisiting your IAM strategy – and picking your battles carefully.
David Braue | 15 May | Read more
Mobile telecommunications carriers like Vodafone will increasingly play a role in normalising bring your own device (BYOD) programs by using deep packet inspection (DPI) technology to prevent the compromise and exploitation of mobile devices outside the corporate network, the head of security supplier BAE Systems Detica has predicted.
David Braue | 02 May | Read more
The “fundamentally broken” security model of Google’s Android operating system makes bring your own device (BYOD) strategies too risky for companies to implement safely, a senior security researcher with Romanian security vendor Bitdefender has warned.
David Braue | 24 Apr | Read more
Australian organisations’ growing comfort with the security of hosted cloud services is paving the way for increased investment in local data centre space and new approaches to cloud-related infrastructure models as Verizon, Rackspace and others push new facilities into an ever-busier market.
David Braue | 18 Apr | Read more
Information security vendors are telling customers to think in a new way. At the core of their advice is the idea — the admission, if you like — that no matter how good the defences they sell, sooner or later the bad guys will get through.
Stilgherrian | 01 Apr | Read more
Recent attacks on the New York Times and Wall Street Journal Web sites have proved nothing if not that information security efforts are still falling short, <a href=”http://www.cso.com.au/article/452679/chinese_attacks_show_up_useless_infosec_again/”>some have argued</a>.
David Braue | 12 Feb | Read more
Remote-access vendor LogMeIn is playing on its security credentials as it targets small businesses with Cubby, a cloud and local file-syncing tool that is, in the words of its Australian head, designed to "out-Dropbox Dropbox".
David Braue | 07 Feb | Read more
Recent attacks on US newspapers are further proof that, despite making billions, the information security industry is pretty much screwed.
Stilgherrian | 04 Feb | Read more
Anonymity is an increasingly scarce commodity. Google's latest Transparency Report revealed government requests for data about users of its online services are increasing. It's not hard to find examples of threats to privacy — either intentional or unintentional.
Rohan Pearce | 30 Jan | Read more
An online survey of IT managers polled more than 2000 companies, each with 500 or more employees, in several countries—Australia, Canada, the United States, Germany, UK, France, Brazil, and India. 225 firms were surveyed in Australia.
Aside from the hard lesson learned that failure to plan and prepare will most certainly lead to disaster, there are some important lessons on governing and best practice implementation security professionals need to take from the Click Frenzy event, according to cloud computing and security experts.
The cloud market can be a big, daunting place. Seemingly every tech vendor has a cloud strategy, with new products and services dubbed "cloud" coming out every week. But who are the real market leaders? Research firm Gartner's answer lies in its Magic Quadrant report for the infrastructure as a service (IaaS) market.
Brandon Butler | 07 Nov | Read more
The accelerated nature of cloud computing is presenting new security challenges, attendees at the Evolve.Cloud conference heard in Canberra recently.
Canberra's EVOLVE.Cloud hit the streets with topline speakers
Around 50 Australian and New Zealand IT executives have indicated in the latest SafeNet Cloud Security Survey that they are not using cloud services but this number could be less because some companies are bypassing the IT department to buy services online, according to SafeNet CTO Russ Dietz.
Hamish Barwick | 17 Oct | Read more
PhoneFactor provides “out of band” authentication via voice, text or an app for access to a range of corporate applications or banking services. On Thursday it became Microsoft’s two-factor solution.