INFORMATION

Site Map - IT Security

Arming the Road Warrior

- When employees travel on business, companies must ensure that their mobile computing does not put corporate data at risk.

The Price of Wireless Security

- A new survey finds companies will spend 10-20 percent more on security next year to protect their wireless networks and technology.

Does Cyberwar Violate Human Rights?

- Over at Reason, Michael Weiss has an intriguing argument in relation to the cyberattacks on Estonia this spring: Cyberwar violates human rights.

Behind the Numbers: A Surge in Phishing Attacks

-

A Site to See

- Machine agents such as robots or crawlers (called bots) visit millions of Web sites daily. Sometimes the use is benign, as when search agents use them to update their information. But these programs can also be harmful. They can be used to hunt for Web site vulnerabilities or harvest e-mail addresses for future spamming. They can also reduce a Web site’s bandwidth. A new site keeps an updated list of bad bots and crawlers. Web site host managers and business owners can download data for free from Botslist.com that can then be configured to block bad robots. It’s this month’s A Site to See.

IT Security

- What’s the number one threat to corporate security in 2007? While many believe it’s Web viruses, a new survey of European high level IT managers says it’s removable media devices.

IT Security

- The three biggest data security concerns for businesses: outside data harvesting attacks, exposing sensitive information to unauthorized users, and accidental loss of employee data. Read more about the report here.

A Site to See

- In order to ensure that your PC is protected from malware, it helps to run a few tests. Auditmypc.com offers just that: a handful of free, relatively quick self-assessments. Options include testing the strength of your firewall and your protection against pop-ups.

Drive-By-Downloads

- About ten percent of Web pages contain malicious code, according to a Google study.

Business PC Risk

- Thirteen percent of corporate PCs have had unauthorized USB devices attached to them, creating the risk for data loss and malware to enter the corporate system.

Crooks Zero in on Valuable Data

- Zero-day attacks - the name given to exploits of vulnerabilities for which no patch is available - are the bête noires of IT security. Unfortunately, discoveries of not-yet-patchable vulnerabilities are on the rise, raising the specter of more zero-day exploits. Learn more about zero-day attacks and what you can do to combat them here.

Security and Outsourcing: Negotiate Early

- As a growing number of U.S. companies outsource software creation and data-handling functions to service providers located in other countries, the issue of data protection has gained prominence. One such problem is that 'backdoors' could be inserted in code for later use and that personal financial data could be stolen.

Insights on Internet Investigations

- The National Institute of Justice has issued another in its series of reports on investigating high-tech crimes. It provides guidance on such issues as tracing an Internet address to its source. It also looks at specifics with regard to various issues such as Web site capture tools and Web archiving sites that may help an investigator determine the content of a site at the time the crime was committed. It likewise discusses the unique concerns involved in investigations of instant messenging (IM), chat rooms, and Internet Relay Chat. It notes, for example, "Service providers are not required to retain IP address information. Therefore, when an IM program is involved, time is of the essence." Read the complete report.
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.