INFORMATION

Site Map - IT Security

IT Security

- The three biggest data security concerns for businesses: outside data harvesting attacks, exposing sensitive information to unauthorized users, and accidental loss of employee data. Read more about the report here.

A Site to See

- In order to ensure that your PC is protected from malware, it helps to run a few tests. Auditmypc.com offers just that: a handful of free, relatively quick self-assessments. Options include testing the strength of your firewall and your protection against pop-ups.

Drive-By-Downloads

- About ten percent of Web pages contain malicious code, according to a Google study.

Business PC Risk

- Thirteen percent of corporate PCs have had unauthorized USB devices attached to them, creating the risk for data loss and malware to enter the corporate system.

Crooks Zero in on Valuable Data

- Zero-day attacks - the name given to exploits of vulnerabilities for which no patch is available - are the bête noires of IT security. Unfortunately, discoveries of not-yet-patchable vulnerabilities are on the rise, raising the specter of more zero-day exploits. Learn more about zero-day attacks and what you can do to combat them here.

Security and Outsourcing: Negotiate Early

- As a growing number of U.S. companies outsource software creation and data-handling functions to service providers located in other countries, the issue of data protection has gained prominence. One such problem is that 'backdoors' could be inserted in code for later use and that personal financial data could be stolen.

Insights on Internet Investigations

- The National Institute of Justice has issued another in its series of reports on investigating high-tech crimes. It provides guidance on such issues as tracing an Internet address to its source. It also looks at specifics with regard to various issues such as Web site capture tools and Web archiving sites that may help an investigator determine the content of a site at the time the crime was committed. It likewise discusses the unique concerns involved in investigations of instant messenging (IM), chat rooms, and Internet Relay Chat. It notes, for example, "Service providers are not required to retain IP address information. Therefore, when an IM program is involved, time is of the essence." Read the complete report.

Wireless Intrusion Prevention WIPing Into Shape

- Major companies pay increased attention to preventing wireless network intrusion.

A Site to See

- Hak.5 calls itself “a television show for geeks, hackers, and do-it-yourselfers” that is distributed online in short YouTube segments. Find out more about the exploits that are coming your way by visiting Hak.5., this month’s Site to See.

Software Security: Building Security In

- McGraw goes into detail not only about writing secure code but also about key related areas, which he terms “the seven touchpoints of software security.”

Cybersecurity Progress

- The Homeland Security Department is still struggling to fulfill its cybersecurity responsibilities, according to this report from the Government Accountability Office.

A Site to See

- A television show for geeks.

A Healthy Way to Protect Patient Data

- A healthcare organization found that it needed a way to control the use of removable media to ensure that patient data remains protected.
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.