Site Map - IT Security

The 39 Steps to IT Security

- The IT Governance Institute (ITGI) has released a downloadable publication to help executives prevent data loss resulting from viruses, hacks, or theft. The paper, aimed at senior executives, offers a host of questions that they need to ask about their company's IT. Get the documents at SM Online.

DEFINING MOMENTS

- Test your knowledge of tech terms. Pour a quart of juice into an eight-ounce glass and most of the juice will end up on the counter. Similarly, when more information comes into a computer program’s temporary data-storage area than was meant to fit, some of that data will spill over and could corrupt or even overwrite the data in adjoining areas. Savvy attackers use this flaw to gain access to systems or destroy data. What are these attacks called? Hint: The first word rhymes with slang for golfer; to get the second word, think of what happens to the juice in the eight-ounce glass. Answer: Buffer Overflow

Quick Bytes: Government report card

- It's government IT security grade time again, and as always, the news is not good. Seven agencies received a grade of F, including two, Commerce and Veterans Affairs, that respectively had a C- and a C in 2003. But there were improvements. The Agency for International Development received an A+, and the Department of Justice jumped from an F to a B-. The scorecard is available through SM Online.

Worth a Look.

- One of the most ballyhooed differences is security; IE has been famously prone to flaws, while Firefox has remained largely outside of the virus and worm threatscape in part because it has fewer flaws and in part because it has fewer users and is not yet attracting the attention of hackers. That's subject to change, of course, as more people adopt it. Firefox has some differences that truly make it more secure, however. For example, it doesn't automatically load ActiveX controls, tiny programs that have been the cause of many of IE's security holes. Pros. Better security and the ability to precisely customize it to your wants and needs make Firefox a pleasure to use. Cons. Since Firefox doesn't automatically load ActiveX controls, there are some pages that simply won't load in the browser, or won't work properly. For these pages, you'll have to open IE. Where to get one? The browser is available for free from Mozilla's Web site.

DEFINING MOMENTS

- It might seem odd to dedicate network resources to actually try to attract hackers, but that’s exactly what these servers, attached to the Internet, do.

Worth a Look

- A new portable storage device called Outbacker by Memory Expert International (MXI) is a bit bigger than a flash drive—it’s about the size of a deck of cards—but it makes up for its size with an incredible 20 GB of storage space (a model with twice as much storage is also available).

When Good Software Goes Bad

- Why it’s so hard to create secure software, how to hack Google, Sarbanes-Oxley costs, a secure and portable storage device, and more from the digital world.

Making a Federal Case of IT Security

- The federal government needs to play a greater role in protecting the IT infrastructure of the United States, according to two recent reports. The first report, from the President’s Information Technology Advisory Committee (PITAC), a group of independent experts appointed by the president to provide advice on IT issues, warns that the nation’s IT infrastructure “is highly vulnerable to attack.” Read the PITAC report, Cyber Security: A Crisis of Prioritization, and the CRS report, Creating a National Framework for Cybersecurity.

Worth a Look

- From viruses to spyware to Trojan horses, there’s an abundance of ways for your computer to be rendered unusable or for its data to be corrupted. If you’re lucky enough to have the help of IT professionals, you might be able to get things back to normal without too much trouble. But if you’re on your own, you might wish that you could somehow turn back the clock to the days when the computer was working properly.

The Race to Deface

- Defacements of Web sites hit a new peak in December 2004, according to statistics compiled by zone-h.org, which has a database of what it calls “Web server cybercrimes.”
 



