JOURNAL ARTICLE - Like his counterparts at many universities, Bill Jiminez, systems architect at the University of the Pacific, has to balance security with the desire of faculty and students for openness.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Security Best Practices | Security Managers | Security Policies

JOURNAL ARTICLE - A little more than a year ago, I wrote a Perspectives column about the role of ethics in information security certifications offered by ISACA, GIAC, (ISC)2 and ASIS.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Security

JOURNAL ARTICLE - I've forgotten passwords before, but recently I actually forgot an account. I have a password scribbled on a note, and I have no idea what account name or system it's for.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Password Synchronization | Passwords

JOURNAL ARTICLE - In this month's Viewpoint:<br> Bug Finding: Ethical and Necessary, plus Upfront Data Protection
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Credit Cards | Data Security | Data Stewardship | Error Handling

JOURNAL ARTICLE - While governance, risk and compliance tools over-promise, organizations need to streamline and break away from their siloed approaches.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  Compliance (Systems Operations) | Compliance Best Practices | Security Best Practices | Security Policies | Security Standards

JOURNAL ARTICLE - Three organizations reveal how they use a combination of frameworks such as COBIT or ISO 27001 along with GRC tools to satisfy overlapping industry and federal regulatory demands.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  CobiT | Security Best Practices | Security Management

JOURNAL ARTICLE - The security features in SQL Server 2008 are well thought out and properly implemented, by far the most significant change over its predecessors is its granular data security features: encryption, key management and meta data security enhancements.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  Database Management | Database Performance Management | Database Performance Management Software | Database Security | Database Server Software | Metadata | Secure Content Management Software | SQL | SQL Server

JOURNAL ARTICLE - This paper explains 4 organizations sharing the challenges and rewards of NAC implementations.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  Access Control | Network Security | Security Policies

WEBCAST - This webcast looks at five common pitfalls, drawn from lessons learned by four organizations that have deployed NAC.
Posted: September 9, 2008 | Premiered: September 24, 2008


Topics:  Access Control Software | Cost Benefit Analysis | IT Managers | Network Management | Network Operating Systems | Security

JOURNAL ARTICLE - Feature-rich suites are putting a face on integration and interoperability.
Posted: September 4, 2008 | Published: May 1, 2008


Topics:  Compliance Best Practices | Identity Management

JOURNAL ARTICLE - Poor change control can send your organization's security tumbling. Follow these 5 steps for a strong change management program.
Posted: September 4, 2008 | Published: May 1, 2008


Topics:  Change Management | Configuration Management

JOURNAL ARTICLE - Research ups awareness on backdoors that present attackers with a cheaper means of malware distribution and system access.
Posted: September 4, 2008 | Published: May 1, 2008


Topics:  Security Threats

JOURNAL ARTICLE - Security and privacy teams must work together to protect personal information in the digital age.
Posted: September 4, 2008 | Published: May 1, 2008


Topics:  Information Security | Privacy Rights

JOURNAL ARTICLE - Securing corporate networks against insider attacks is a difficult challenge to be sure. But how do you prevent such attacks on 1.5 million ATMs worldwide?
Posted: September 4, 2008 | Published: May 1, 2008


Topics:  ATM Networks | Security Software

JOURNAL ARTICLE - Outsourcing an application means your organization relinquishes some control; don't, however, loosen your grip on security.
Posted: September 4, 2008 | Published: May 1, 2008


Topics:  Email | Phishing

JOURNAL ARTICLE - The standard way to take control of someone else's computer is by exploiting a vulnerability in a software program on it. This was true in the 1960s when buffer overflows were first exploited to attack computers.
Posted: September 4, 2008 | Published: May 1, 2008


Topics:  Vulnerability Management

JOURNAL ARTICLE - We look at three GRC products and the distinct ways these tools can help organizations navigate the complicated regulatory game.
Posted: September 3, 2008 | Published: June 1, 2008


Topics:  Compliance Best Practices | Risk Management

JOURNAL ARTICLE - Nothing circumvents pricey defense-in-depth faster than people; educating workers about security is essential.
Posted: September 3, 2008 | Published: June 1, 2008


Topics:  Email Archiving | Security

JOURNAL ARTICLE - Compliance and security are business issues that require business solutions.
Posted: September 3, 2008 | Published: June 1, 2008


Topics:  Business Processes | Compliance Audits

JOURNAL ARTICLE - Virtualization changes the game for enterprise IT, but security doesn't have to be a barrier to implementation.
Posted: September 3, 2008 | Published: June 1, 2008


Topics:  Data Centers | Databases | Security | Web Applications Software

JOURNAL ARTICLE - Today's financial system makes identity theft inevitable by relying on none-too-secret identifiers.
Posted: September 3, 2008 | Published: June 1, 2008


Topics:  Financial Systems | Identity Theft

JOURNAL ARTICLE - Analytics is just a disciplined approach to doing data analysis. Some call it the science of data analysis, but it's basically taking the data you have and having a disciplined control methodology around how you look at the data and analyze it.
Posted: September 3, 2008 | Published: June 1, 2008


Topics:  Metrics

JOURNAL ARTICLE - Spam hasn't been "solved"; in fact, the scourge has grown worse as attackers continually trump counter-measures and refine their focus on high-value targets.
Posted: September 3, 2008 | Published: June 1, 2008


Topics:  Email Security | Spam

PODCAST - In a question and answer format, this podcast will explain the concept of a read-only domain controller and why security professionals should recommend its use.
Posted: September 2, 2008 | Premiered: September 2, 2008


Topics:  Intrusion Detection | Intrusion Prevention

EDITORIAL RESOURCE GUIDE - Log management presents enormous challenges. Automated log management products (and managed services) can provide considerable relief. This eBook examines log management's challenges and how your organization cut them down to size.
Posted: August 8, 2008 | Published: August 8, 2008


Topics:  Databases | Enterprise | HIPAA | Network Management | Regulations | Regulatory Compliance | Security | Server Management