INFORMATION

Site Map - IT

DOT’s Security Off Track

- When the Zotob worm appeared only days after Microsoft released a patch that would have prevented infection, 700 Department of Transportation (DOT) computers were infected after a contractor connected a laptop to the DOT’s network against the department’s policy.

Worth a Look: Fencing Out Malicious Code

- Wayward wireless networks, a quarantine for malicious code, and infosec troubles at the Department of Transportation.

The Perils of Wireless Networking

- Wayward wireless networks, a quarantine for malicious code, and infosec troubles at the Department of Transportation.

Zero-day approaches

- The time between the disclosure of a computer vulnerability that can allow infection by a worm or virus and the release of an exploit that can attack that vulnerability has dropped from 6.4 days to 6.0 days. Meanwhile, the average time between the appearance of a vulnerability and the release of a patch is 54 days. Those statistics, which come from antivirus vendor Symantec’s most recent Internet Security Threat Report, are even more frightening when you consider that 1,862 new vulnerabilities were found in the first half of 2005. @  The Symantec report is available at SM online.

Password frustration

- How many passwords do you need to remember? A survey by RSA Security Inc. of 1,700 enterprise technology end users found that 71 percent had as many as 12, and almost one-quarter had more than 15. To keep track of these, the majority of users said that they keep a record on a PDA or a document on their PC; 19 percent keep a note attached to their computer or have another type of paper record in their office. @ More details of the RSA's security survey are at SM online.

A Site to See

- Web-page bookmarks are a great way to keep track of your own frequently traveled Web sites. But how can you find out what sites are most popular with other people? “Social bookmark” sites allow anyone who stumbles across an interesting site to immediately bookmark it and then post it to a central Web site to encourage others to visit it as well. One of the most prominent of these sites is del.icio.us, which posts hundreds of bookmarks each day. Posters can add comments to their bookmarks and categorize them under any number of different tags, including security, software, and hacks, that allow other users to search for new sites in specific categories. The del.icio.us site also provides a location for saving personal bookmarks that can be accessed from any computer so that if you’re on the road and want to visit a bookmarked page but don’t have your regular computer, you can find the links easily nonetheless. Best of all, the site is completely free.Social bookmarking is a great way to find new sites in any category of interest to you, and that makes del.icio.us A Site to See. @ Get there via SM Online.

Intrusion Prevention Fundamentals: An Introduction to Network Attack Mitigation with IPS

- The principal benefit of the book might be its good organization. Intrusion prevention is introduced in the first part, followed by an explanation of the two levels of intrusion prevention in Part Two. The final part of the book is devoted to sample deployment solutions.

Enemy at the Water Cooler: Real-Life Stories of Insider Threats and Enterprise Security Management Countermeasures

- New tomes on executive protection, homeland security, and the rise of private military companies in the post-9-11 world draw rave reviews.

@ Worth a Look

- Each time a laptop is stolen from a public- or private-sector employee, there is a hue and cry about whether it was encrypted or password protected or otherwise had its data secure from prying eyes. These high-tech solutions sometimes overshadow the low-tech equipment that could have prevented the theft in the first place.

New in Plaintext

- True to the title, this book is easy to understand, and the projects are easy to follow. They range from customizing the desktop panel with shortcuts to installing and running new applications. There’s even a chapter on learning to use the dreaded Terminal.

Security Goes to School

- New rules for the discovery of electronic evidence go into effect this month. Also, a range of laptop locks, and a study of data theft from higher-education institutions.

Top 10 Performing Security Stocks for November 2006

- Top 10 Performing Security Stocks for November 2006

Outbound Data

- Iowa State University conducted a survey and found that only 30 percent of companies monitor the content of outbound e-mails. See further findings online.
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.