INFORMATION

Site Map - IT

Does SSL Lock Trouble In?

- SSL traffic is all but invisible to an enterprise, according to a survey of 319 IT security and networking professionals by Blue Coat Systems. More than 72 percent said they had no way to look inside SSL traffic, a situation that nearly 90 percent of the respondents said was risky, particularly as it can pass through firewalls unseen and untouched.

Defining Moment

- Every document file (for example, those such as .doc, .txt, .xls, and so on) could be sucked off your computer’s hard drive and onto an iPod in under two minutes, according to Abe Usher of Sharp Ideas, LLC, who created a proof-of-concept application to do just that.

Road of Risks

- Quarantining these laptops when they are attached to the network is a good way of preventing these backdoor attacks.

Numbers

- people who receive at least one phishing e-mail every day on a work computer

Delete, Now Erase

-

More Compliance, Less Security?

- Can regulatory compliance be reducing security? Plus, guidelines on media sanitization, more devious virus attacks, and quarantining mobile devices.

A Site To See

- Every day, analysts and security experts—all volunteers—from the SANS Internet Storm Center dissect the latest threats, monitor for Web-based “storms” such as virus or worm outbreaks, and dig through sanitized intrusion-detection and firewall logs sent in from people around the world. The incident “handlers” at the Internet Storm Center maintain a regular diary of security incidents and information, from how and where to submit tips about child pornography to details and screenshots of the latest phishing attempts. The site also includes lots of graphics showing, for example, the most targeted ports or where in the world most port scans originate. It’s this month’s A Site to See. @ Get to the Internet Storm Center via SM Online.

Does SSL Lock Trouble In?

- SSL traffic is all but invisible to an enterprise, according to a survey of 319 IT security and networking professionals by Blue Coat Systems. More than 72 percent said they had no way to look inside SSL traffic, a situation that nearly 90 percent of the respondents said was risky, particularly as it can pass through firewalls unseen and untouched.@ Highlights from the survey are at SM Online.

Old problems remain unsolved

- Half of 218 companies surveyed admitted that they had active user accounts belonging to former employees (an increase of 6 percent from 2004); nearly a quarter identified unauthorized personnel with administrator rights (a 4 percent increase); and more than half had worms compromise their networks. If there was a bright spot in the 2006 Mazu Networks Internal Threat Report, it was that 71 percent of worm infections were remediated in less than 24 hours. The IT professionals who responded to the survey came from 18 industries and government agencies. @ The full report is at SM Online.

More Compliance, Less Security

- Threats to your computer can range from gnatlike annoyances such as pop-up ads to the pointed hooks The Forsythe survey notes that 28 percent of the respondents had little or no confidence that they had detected all significant security breaches in the past year; even more alarming was that a similar number rated their current IT environment as more vulnerable than a year before. That, says John Kiser, CEO of Gray Hat Research Corporation, may be a sign that time or money spent by IT professionals on ensuring compliance to top management are resources taken away from other crucial security tasks.

What Are Your Weaknesses?

- The first step that a company can and should take along the road to better data security is to conduct a formal IT assessment.

New Threats

- Consumer Internet Threat Meter educates consumers on online risks.

Travel Tips

- Utimaco Software has listed Top Tips for Mobile Computing.
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.