Friday, July 29, 2011

The 5 biggest IT security mistakes

Prototype drive-by attack shows mobile threat | Exploit demo on tap at Black Hat could 'make your water undrinkable'

Network World Compliance

Forward this to a Friend >>>


The 5 biggest IT security mistakes
Like cleaning the windows, IT security can be a thankless task because they only notice when you don't do it. But to get the job done in the era of virtualization, smartphones and cloud computing, you've got to avoid technical and political mistakes. In particular, here are five security mistakes to avoid. Read More


WHITE PAPER: Qwest

Manage Complexity, Cost and Compliance
To outsource or not to outsource IT security—that is the question for enterprises as they face increasingly complex cyber threats. Managed security services can help organizations alleviate the cost and complexity of proactively securing the IT infrastructure. Read Now.

WHITE PAPER: Fujitsu

New TPC-E Benchmark Results Revealed
A "glue-less" design, where no additional hardware is necessary to run all eight CPUs and all memory slots enable the shortest route between processors, memory modules and I/O hubs inside a single chassis. It's just one of the many reasons Fujitsu servers are leading the way in TCP-E benchmarks and overall price/performance. Read now!

Prototype drive-by attack shows mobile threat
In an analysis of current mobile security, one firm finds 8 percent of apps send off sensitive identifiers and demonstrates a possible drive-by attack vector. Read More

Exploit demo on tap at Black Hat could 'make your water undrinkable'
A demo at Black Hat next week will remotely hack a car alarm, unlock the doors and start the vehicle, but that's just a parlor trick to call attention to a bigger problem that has the Department of Homeland Security on alert. Read More

Sniffer hijacks secure traffic from unpatched iPhones
Almost anyone can snoop the secure data traffic of unpatched iPhones and iPads using a recently-revised tool, a researcher said today as he urged owners to apply Apple's latest iOS fix. Read More

20 of the weirdest, wackiest and stupidest sci/tech stories of 2011 (so far!)
From IT geeks winning millions to Google mush-brain syndrome, 2011 is shaping up to be one wacky year Read More


WHITE PAPER: Extreme Networks

Identity-Aware Networking
Download this whitepaper today discover how IT can integrate identity and networking, enabling new business processes and easing regulatory compliance while improving security. Read now!

IT security's scariest acronym: BYOD, bring your own device
The torrent of smartphones and tablets entering companies has created some interesting challenges for security managers. The new devices introduce new operating systems, new development environments and new security risks, but no new control. The scariest acronym in security might well be "BYOD," or "bring your own device." As companies develop security and mobility strategies to deal with these devices, it is worth bearing in mind the lessons learned from managing laptops. But it is also worth applying some of the new lessons from smartphones on the laptops, too! Read More

Black Hat: Embedded Web servers open printer, scanner security holes
It's fairly simple to find corporate or consumer printers and scanners online and, without breaking into them, get a hold of documents that these devices recently processed. Read More

Debate rages over how to manage personal mobile devices used for work
Increasingly, businesses accept the idea that employees should be able to use their personal mobile devices, such as smartphones and tablets, for work. But debate is raging as to whether these employee-owned devices should be managed and secured exactly as corporate-owned devices might be. Read More

HBGary Federal legal threats, not Anonymous chase Aaron Barr out of Defcon security conference
Aaron Barr, the tech executive who bailed out of a talk at the Security B-Sides conference after the hacker collective Anonymous attacked the company he worked for, is bailing out of yet another conference, this time chased away by his former boss. Read More


WHITE PAPER: Quest Software

5 Tips for Effective Backup & Recovery
In this Quest white paper, discover proven techniques to maximize and secure your virtual investments. Learn to increase backup speed, maximize throughput, and minimize performance drains while reducing costs. Read the white paper today. Read More.

Black Hat Pwnie Award winner will be a criminal
Law enforcement may be interested to see if anyone actually shows up to this year to accept the annual Pwnie Award for Epic Ownage at Black Hat, since all the nominees face possible criminal charges. Read More

Swartz, guilty as charged?
Aaron Swartz, founder of progressive action group Demand Progress, has been a bad boy, but how bad? Read More

Is your IT support making you vulnerable to hackers?
Data breaches are more prevalent and more costly than ever. Smarter technologies seem to breed smarter hackers, making it difficult for IT to keep up. But sometimes IT unwittingly helps the bad guys by improperly using core tools, such as remote support mechanisms. Read More

Shrinking IT staff leaves security projects in the lurch
Lately, I've been struggling with trying to get resources for my security projects. As my security program continues to grow and develop, I'm at the stage where I'm rolling out new security technologies, but I'm starting to run into roadblocks when it comes to getting server, network and desktop team support. It's ironic: I got the budget I need to buy security technologies, and I bought the products, but they're not installed yet because we don't have people available to do it. Read More



GOODIES FROM THE SUBNETS
Up for grabs from the Subnets: Cisco Subnet: 15 copies of IPv6 for Enterprise Networks books. Enter here.

SLIDESHOWS

The Geekiest iPad Apps Ever
We scoured the App Store to find the "geekiest" apps out there for the true purveyor of all things geek.

MOST-READ STORIES

  1. Wham Bam Google Ban: No Pseudonyms on Google Plus Profiles
  2. The 5 biggest IT security mistakes
  3. How to implement IPv6 in a Windows environment: an expert guide
  4. Why I was banned on Google+ (and how I redeemed myself)
  5. 15 incredibly useful (and free) Microsoft tools for IT pros
  6. Cisco rival Juniper lands Microsoft's Muglia
  7. Law firm rallies AT&T customers to block T-Mobile merger with lure of cash
  8. 10 technologies that will change the world in the next 10 years
  9. 10 things you shouldn't be able to buy online
  10. The problem with weak passwords and hijacked Hotmail

Do You Tweet?
Follow everything from NetworkWorld.com on Twitter @NetworkWorld.

You are currently subscribed to networkworld_compliance_alert as networking.world@gmail.com.

Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Network World, please send an e-mail to customer_service@nww.com.

Copyright (C) 2011 Network World, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **


No comments: