Security Now Blog: Addressing Today's Information Security Issues

If your business partners are accessing your sensitive data on your mission critical servers, you may find yourself living in excessively interesting times. (more…)

This gathering of information security experts revealed issues that will impact us all. IT personnel must stay on top of them in the years ahead to secure their organization’s information assets. (more…)

The more complicated something is, the more likely mistakes were made in its making. Mistakes facilitate security breaches. All-in-one security appliances consist of millions and millions of lines of software code. They are extremely complex. A software mistake in just one of the applications (anti-virus, router, firewall, anti-spam, URL filtering, network intrusion prevention, VPN, etc.) or functions of an all-in-one security appliance can compromise all of the other applications. There are examples in the NIST National Vulnerability Database of vulnerabilities in one application that would compromise the others.

(more…)

In general, IT personnel are far more knowledgeable and skilled than end-users when it comes to information security. Consequently, IT personnel prefer to limit what end-users can do on their assigned endpoints by provisioning end-users without administrative privileges. This sounds reasonable: the less users can do to alter their machines, the less likely they are to expose their networks and systems to security breaches. By the way, minimizing dependence on end-users making correct information security decisions is almost always good policy.

(more…)

Many perceive anti-virus software as providing ‘fire and forget’ endpoint protection. It does not!

Many factors can interfere with the proper operation of these and other security tools such as anti-spyware, personal firewalls, and disk encryption.

(more…)