Security truths get lost in the cloud

	Report blames IT staff for school Webcam 'spying' mess | 10 hot energy projects that could electrify the world
	Network World Security: Identity Management				Forward this to a Friend >>>
	Security truths get lost in the cloud There was an awkward moment during the keynote address for The Experts Conference last week. Conrad Bayer, Microsoft's general manager for identity and access, was addressing the delegates of the Directory and Identity track and, while talking about enterprise and organization movement to cloud computing, put up a slide that compared the migration to the cloud of small, midsize and large organizations. Read More WHITE PAPER: Oracle Business Agility Strategies For Midsize Organizations Midsize businesses have enormous IT pressures: building an infrastructure that is flexible, designed to accommodate rapid growth and meets compliance challenges with resources nowhere near larger enterprises. This video whitepaper explains how Oracle is delivering applications specifically for midsize businesses. Learn More In this Issue Report blames IT staff for school Webcam 'spying' mess 10 hot energy projects that could electrify the world Wi-Fi key-cracking kits sold in China mean free Internet Keep Your Personal Data Off the Market Agencies struggle to meet Obama's Open Government Directive U.S. Treasury Web sites hacked, serving malware Clear gearing up to return to airports Fast-spreading P2P worm targets USB drives FireEye malware blockers don't rely on signatures 5 Technology Security Myths, Busted WHITE PAPER: Riverbed Overcome Two Key Challenges with Virtualization How do you accelerate virtualization for your enterprise - and take IT flexibility and cost savings to the next level? Start by downloading this whitepaper from Riverbed. WAN optimization is a class of technology that has rapidly been adopted across enterprises in order to address the challenges of bandwidth limitations and latency over the WAN. Click here! Report blames IT staff for school Webcam 'spying' mess The IT department of the Pennsylvania school district accused of spying on students using their school-issued laptops took the brunt of the blame in an independent report released Monday. Read More 10 hot energy projects that could electrify the world There are thousands of projects underway to change the way the U.S. and the world produces and uses energy. Start-ups are looking to harness the world's ocean waves and build advanced fuel cell that produce data center-class electricity. Read More Wi-Fi key-cracking kits sold in China mean free Internet Dodgy salesmen in China are making money from long-known weaknesses in a Wi-Fi encryption standard, by selling network key-cracking kits for the average user. Read More WEBCAST: Webroot Anatomy of a Complete Security Solution Today's malware threats use any number of guises - viruses, phishing scams, network propagation, USB infection - but their motive is usually the same. Steal sensitive information. Attend this webinar to find out how to protect your organization against today's complex malware threats. Register now! Keep Your Personal Data Off the Market In 2003, author and security pioneer Simson Garfinkel conducted a study of data he found on second-hand hard drives. On eBay, Garfinkel bought the hard drive from an old ATM machine; it held 827 bank account PINs. Another drive he purchased on eBay had previously been owned by a medical center and contained information on 31,000 credit card numbers. Read More Agencies struggle to meet Obama's Open Government Directive An audit of efforts by government agencies to meet the Obama administration's Open Government Directive found some agencies have created strong plans while others are having problems. Read More U.S. Treasury Web sites hacked, serving malware Three Web sites belonging to the U.S. Department of the Treasury have been hacked to attack visitors with malicious software, security vendor AVG says. Read More WEBCAST: Actuate Solve Data Needs: BIRT Defined This webcast will give you a primer on BIRT including the technology and the community. BIRT can help you overcome the challenge of delivering accurate and meaningful data to users while minimizing IT development efforts. Learn more today! Clear gearing up to return to airports Clear is back. The troubled U.S. company that, for a fee, bumped travellers to the front of airport security lines has found a new owner and is now gearing up operations, according to its newly reactivated Web site. Read More Fast-spreading P2P worm targets USB drives A crafty new P2P worm appears to be spreading quickly among users of a range of popular file-sharing programs. Read More FireEye malware blockers don't rely on signatures FireEye Wednesday unveiled its first appliances built for in-line blocking of Web and e-mail malware using wholly non-signature-based detection methods. Ordinarily placed behind an organization's Internet perimeter firewall, the three versions of FireEye's Malware Protection System (MPS) can each detect and block inbound malware. They also monitor for any outbound communications from malware, such as bots trying to contact their master, on Windows-based machines that might have become infected. FireEye's previous intrusion prevention systems were limited to monitoring malware but not blocking it. "This is preventing malware and things missed by signature-based approaches," says Marc Maiffret, chief security architect. FAKE SIDE: Learn more about Maiffret and other White Hat hackers http://www.networkworld.com/slideshows/2010/041510-white-hat-hackers.html The three FireEye MPS models are designed to perform in-line at varying speeds, with open failover. The MPS 2000 Series operates at 50Mbps; the FireEye MPS 4000 Series at 250Mbps; and the FireEye 7000 Series at 1Gbps. Blocking traffic, as many intrusion-prevention systems http://www.networkworld.com/news/2010/031810-hackers-offered-100000-for-browser.html do today often using a mix of signature- and behavior-based recognition methodologies, is always problematic due to the question of false positives, and possibly blocking good traffic as well as bad. Maiffret said it's anticipated there may be some false positives with the in-line MPS but that the level will be very low. The underlying proprietary technology that FireEye has developed makes use of what Maiffret calls a virtual-machine detection method that basically mirrors real-time traffic inside the MPS appliance and replays it against many applications on it to see if they're compromised or attacked. A decision is made to allow or block the traffic in near real-time. Maiffret said the FireEye appliances are primarily intended to intercept the majority of Web-based attacks. The FireEye in-line MPS products cost from $24, 950 to the low hundred thousands depending on the model. 12 White Hat hackers you should know http://www.networkworld.com/slideshows/2010/041510-white-hat-hackers.html Hackers offered $100,000 for hacker and phone exploits http://www.networkworld.com/news/2010/031810-hackers-offered-100000-for-browser.html For once, a windows debacle not Microsoft's fault http://www.networkworld.com/community/node/60481?t51hb Read More 5 Technology Security Myths, Busted Think you can hide behind the privacy of an "unlisted" cell phone number? Think again. Maybe you believe you don't need security software on a Mac or iPad. You'd swear that Firefox is the safest browser in town. Wrong on both counts. Read More
	Join us on LinkedIn Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today! - Jeff Caruso, Executive Online Editor Today from the Subnet communities 15 copies of CCNP ROUTE study kits available and 15 copies of Unix and Linux System Administration Handbook up for grabs, too.Deadline May 31. SLIDESHOWS Geeky Weddings, Birthdays, and Funerals If you've ever dreamed of marrying a video-game character, having your ashes put in a computer, or holding your wedding on the deck of Star Trek's USS Enterprise, you're not alone. 2010 'Geek and Tech' Summer Movie Preview It's summer movie time again, time for the movie studios to trot out its blockbusters with explosions and all sorts of fun. Here's our picks for the favorite movies that techies and geeks (comic book fans, unite!) will be lining up for. MOST-READ STORIES Report blames IT staff for school Webcam 'spying' mess Erasing your digital tracks on the Web Dear Apple: Please make 'magical' disappear from iPad pitches U.S. Treasury Web sites hacked, serving malware 5 reasons why Google Chrome will crush IE in browser war 5 things you didn't know you could do with Google Apps Who owns www.cloud.com anyway? Geeky weddings, birthdays and funerals Dissecting Microsoft Office 2010 5 technology security myths, busted
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_security_identity_management_alert as security.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **