Friday, April 30, 2010

Tips for using "anti-social" networks; US Air Force caught in own phishing net

US Air Force phishing test transforms into a problem | Security pros, meet your new best friend: the CFO

Network World Compliance

Forward this to a Friend >>>


Tips for using Twitter, Facebook and other "anti-social networks"
Corporations should institute daily one-minute Internet safety lessons that users must complete before they are allowed online, a security expert told Interop attendees this week, but he said even that might not work because attackers pay more attention to the advice than those it is intended to protect. Read More


WHITE PAPER: ArcSight

Building a Successful Security Operations Center
This paper outlines industry best practices for building and maturing a security operations center (SOC). For those organizations planning to build a SOC or those organizations hoping to improve their existing SOC this paper will outline the typical mission parameters, the business case, people considerations, processes and procedures, as well as, the technology involved. Building a Successful Security Operations Center

In this Issue


WHITE PAPER: Microsoft

Extended Security Features of Windows 7
Microsoft has added significant security enhancement to Windows 7. This Gartner research note details the capabilities available (many are only available to EA/SA subscribers), which features should be activated and where some security holes still remain. Read More.

US Air Force phishing test transforms into a problem
Sorry Airman Supershaggy, "Transformers 3" is not coming to Andersen Air Force Base. And by the way, you've been phished. Read More

Security pros, meet your new best friend: the CFO
Executives in charge of information security should make friends with the CFO, who can give them a broad overview of corporate priorities and see to funding the most important IT projects that protect corporate data. Read More

Symantec encryption buyouts raise open source, overlap questions
Symantec's announced acquisitions Thursday of data encryption specialists PGP Corp. and GuardianEdge Technologies have industry watchers wondering which products will stay and go, and how open source PGP will fare in the wake of the buyouts. Read More

Diary of a mad McAfee antivirus victim
As if McAfee's bad antivirus update last week wasn't bad enough, some customers were none too happy with how the security vendor's tech support handled the situation either. Read More

Symantec buying PGP Corp., GuardianEdge for $370 million
Symantec Thursday announced plans to acquire PGP Corp. and GuardianEdge Technologies for approximately $370 million, a move that will give Symantec a firm foothold in the encryption technology market. Read More


WHITE PAPER: ManageEngine

5 Keys to Preventing Application Delay
Examine the 6 challenges organizations face from application delays, as well as the 5 capabilities needed to effectively address and overcome problems. Read More

New tool makes end users responsible for data loss prevention
When there is a real-time alert, someone in IT has to make a decision: let the action go or quarantine the data. This is too time-consuming, and it requires IT to inspect the data. Check Point Software Technologies just introduced a DLP solution that puts the onus for remediating the alert onto the worker who triggered it. Read More

Inside Oracle's security assurance program
Oracle CSO Mary Ann Davidson walks SOURCE Boston attendees through her company's evolving secure coding effort. Read More

Terry Childs juror explains why he voted to convict
Terry Childs' guilty conviction struck a nerve with IT staffers this week. Read More

PDF exploits explode, continue climb in 2010
Exploits of Adobe's PDF format jumped dramatically last year, and continue to climb during 2010, a McAfee security researcher said. Read More

What's wrong with the PCI security standard
The security standard used to protect credit cards isn't up to the task and upgrades that are planned for this fall do virtually nothing to improve it, a security expert told Interop attendees this week. Read More


WHITE PAPER: Fluke Networks

Ethernet Performance Metrics
Ethernet performance measurement can help. Various metrics can quantify and characterize performance. Test plans can be written to satisfy varying organizational objectives. This white paper will describe advancements in field measurement of end-to-end Ethernet performance. Read More!

Encryption high-priority for Massachusetts
The Massachusetts data-privacy law that kicked in this March requires, among other things, the encryption of personally identifiable information when sent over the Internet. Government agencies have also been given their own guidelines by the state's governor, which has prompted new encryption technology deployments. Read More

Smartphone management becoming a nightmare
A survey of 475 Interop attendees pegged mobile device management as the biggest mobile concern, with 200 people saying that is their top worry. Read More

Computer contractor gets five years for $2M credit union theft
For the second time this week, companies are getting a stark reminder of the danger posed to enterprise networks and assets by insiders with privileged access. Read More

Glype 'anonymous' proxy may not cloak your identity
A widely used proxy service thought to provide anonymous Web surfing and used to skirt network administrator bans on access to sites like Facebook frequently reveals sensitive information about its users, according to a Swiss security researcher. Read More

Researcher: Social networks shouldn't reuse private info
A Microsoft researcher argues that user data should not be reused by social networks Read More

Opt-in ISP-level Internet filter wasn't feasible: Academics
An opt-in/opt-out ISP-level filter, first suggested in the February 2008 Feasibility Study into ISP Level Content Filtering, was never a feasible alternative to the current ACMA blacklist, according to academics and industry experts. Read More

Google patches Chrome for second time this month
Google patched three vulnerabilities in the Windows version of Chrome earlier in the week, marking the second time that it's plugged security holes this month. Read More



Join us on LinkedIn

Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today!
- Jeff Caruso, Executive Online Editor

Today from the Subnet communities

15 copies of CompTIA A+ study kits (book, video, flash cards) are available from Cisco Subnet.Deadline April 30. 15 books on Microsoft Systems Center Enterprise suite are available, too.

SLIDESHOWS

Confessions of tech hoarders
How much hardware do you have hidden in your home's nooks and crannies? One tech hoarder shares pictures of his stash, as well as those of some readers.

Interop history quiz
The venerable networking tradeshow Interop convenes this month in Las Vegas. Answer the following 10 questions about Interop, keep score and see how you stack up at the end.

MOST-READ STORIES

  1. Apple comes down hard on iPhone leakers
  2. Jon Stewart assails Apple for becoming "big brother"
  3. Texas man to plead guilty to building botnet-for-hire
  4. Admin who kept SF network passwords found guilty
  5. Is Sprint finally rebounding?
  6. Google Apps vs. Microsoft Office
  7. IPv6 tutorial
  8. FAQ: HP-Palm buy
  9. Microsoft patch causes hiccup in Cisco WAAS
  10. How to fix anything

Do You Tweet?
Follow everything from NetworkWorld.com on Twitter @NetworkWorld.

You are currently subscribed to networkworld_compliance_alert as security.world@gmail.com.

Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Network World, please send an e-mail to customer_service@nww.com.

Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **


No comments:

Post a Comment