Strong Security from the Enterprise to the Edge

Security Now Blog: Addressing Today's Information Security Issues

Signature Based AntiVirus Technologies vs Malware Detection with a Coin Toss

Friday, August 22nd, 2008

We need a fresh start in endpoint security. Recently tested legacy AntiVirus products detected 30% of malware, which is less accurate than the 50% one might get from tossing a coin to decide if something is malware.

Business Partner Data Leak Prevention

Thursday, August 21st, 2008

If your business partners are accessing your sensitive data on your mission-critical servers, you may find yourself living in excessively interesting times.

Black Hat 2008: Information Security Warnings to Consider

Wednesday, August 20th, 2008

This gathering of information security experts revealed issues that will impact us all. IT personnel must stay on top of them in the years ahead to secure their organization’s information assets.

With ActiveX Conveniences Come Security Risks

Friday, August 1st, 2008

Search the National Vulnerability Database (http://nvd.nist.gov/nvd.cfm) for medium and high severity vulnerabilities involving “ActiveX”. You will find dozens of examples in 2008 alone that could enable a hacker to “own” one or more endpoints in your organization. Hackers can use these to steal information from your PCs, infect others, and steal data from whatever servers those PCs interact with. Good news: you can do something about it!

Can End-users Install Software Without Administrative Privileges? Yes They Can!

Friday, July 18th, 2008

In general, IT personnel are far more knowledgeable and skilled than end-users when it comes to information security. Consequently, IT personnel prefer to limit what end-users can do on their assigned endpoints by provisioning end-users without administrative privileges. This sounds reasonable: the less users can do to alter their machines, the less likely they are to expose their networks and systems to security breaches. By the way, minimizing dependence on end-users making correct information security decisions is almost always good policy.
