WHITE PAPER - Check out this expert eBook and learn about best practices and techniques for protecting your company's data with encryption technology.
Posted: October 28, 2008 | Published: October 28, 2008


Topics:  Data at Rest | Data Encryption | Data Encryption Software | Database Security | Information Security | Intrusion Detection Systems | Intrusion Prevention Systems | Payment Card Industry Data Security Standard Compliance

JOURNAL ARTICLE - Chris Nickerson is your worst nightmare. He's the guy you never see coming, the one who can slip into your data center, install malware on any server he chooses and ease out without so much as a shadow on your security cameras.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Data Centers | Industrial Espionage | Malware | Outsourcing | Security Best Practices | Security Management | Security Systems | Security Threats

JOURNAL ARTICLE - Unravel the ins and outs of how your organization should deploy encryption.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Data Encryption | Encryption Standards | Information Security | Security Best Practices | Security Infrastructure | Security Management | Storage Security

JOURNAL ARTICLE - Read personal essays from the 2008 Security 7 Award winners to learn more about history, convergence, information sharing, relationship management and developing strategic plans.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Converged Networks | CRM | Project Management | Regulatory Compliance | Security | Security Industry | Strategic Planning

JOURNAL ARTICLE - Read what security people have to say. They want to be heard. They want to talk to the CIO, whisper in the CFO's ear, croon to the board, and scream at users. Problem is: an appropriate forum isn't always available. This article makes one available.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Business Process Management | Enterprise Resource Management | Information Security | Risk Assessment | Security Best Practices | Security Industry | Security Managers

JOURNAL ARTICLE - Does risk management make sense? Experts Bruce Schneier and Marcus Ranum debate whether risk management is an appropriate strategic direction for information security professionals to follow.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Business Processes | Information Management | Information Security | Risk Management | Security Best Practices | Security Managers | Strategic Planning

WEBCAST - This webcast looks at five common pitfalls, drawn from lessons learned by four organizations that have deployed NAC.
Posted: September 9, 2008 | Premiered: September 24, 2008


Topics:  Access Control Software | Cost Benefit Analysis | IT Managers | Network Management | Network Operating Systems | Security

PODCAST - In a question and answer format, this podcast will explain the concept of a read-only domain controller and why security professionals should recommend its use.
Posted: September 2, 2008 | Premiered: September 2, 2008


Topics:  Intrusion Detection | Intrusion Prevention

JOURNAL ARTICLE - Three organizations reveal how they use a combination of frameworks such as COBIT or ISO 27001 along with GRC tools to satisfy overlapping industry and federal regulatory demands.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  CobiT | HIPAA Compliance | Information Security | ISO | IT Auditing | Sarbanes-Oxley Compliance | Security Best Practices | Security Management

JOURNAL ARTICLE - Read about the security features in SQL Server 2008 in this article. By far the most significant change over its predecessors is its granular data security features: encryption, key management and meta data security enhancements.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  Database Management | Database Performance Management | Database Performance Management Software | Database Security | Database Server Software | Metadata | Secure Content Management Software | SQL | SQL Server

JOURNAL ARTICLE - This article shares the challenges and rewards that four organizations have experienced with NAC implementation.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  Access Control | Endpoint Security | Enterprise Systems | HIPAA Compliance | Information Security | Network Security | Security Policies

JOURNAL ARTICLE - Read this article to learn more about how governance, risk and compliance tools over-promise, and how organizations need to streamline and break away from their siloed approaches.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  Compliance (Systems Operations) | Compliance Best Practices | Information Security | Regulatory Compliance | Risk Assessment | Risk Management | Security Best Practices | Security Policies | Security Standards

JOURNAL ARTICLE - This article discusses the role of ethics in information security certifications offered by ISACA, GIAC, (ISC)2 and ASIS and what efforts have been made in ethics programs.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Certification Programs | Ethics | Information Security | IT Governance | Professional Organizations | Training and Educational Services

JOURNAL ARTICLE - Read what writer Jay Heiser has to say about passwords and the security model that requires people to remember multiple passwords and logins, which has to change.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Access Control | Endpoint Security | Identity Management | Identity Management Software | Password Synchronization | Passwords | Web Services Security

JOURNAL ARTICLE - Read a system administrator's reaction to an earlier Face-Off column in Bug Finding: Ethical and Necessary. Plus, a principal security analyst discusses Upfront Data Protection.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Credit Cards | Data Security | Data Stewardship | Error Handling | Ethics | Identity Management | Identity Theft | Microsoft Operations Manager

JOURNAL ARTICLE - Read this interview to learn more about Bill Jiminez, systems architect at the University of the Pacific, and how he has to balance security with the desire of faculty and students for openness.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Access Control | Active Directory | Data Management | Password Management | Passwords | Security Best Practices | Security Managers | Security Policies | University Programs

JOURNAL ARTICLE - This journal article explaings how information flows through business processes in an orderly fashion and that security must flow right along with it.
Posted: July 25, 2008 | Published: July 1, 2008


Topics:  Security Architectures | Security Audits | Security Best Practices | Security Hardware | Security Industry | Security Infrastructure | Security Management | Security Managers | Security Software | Security Spending | Security Standards | Security Systems | Security Threats

JOURNAL ARTICLE - Security Experts Marcus Ranum & Bruce Schneier Offer Their Opposing Points of View on the U.S. Department of Defense and cyberattacks.
Posted: July 24, 2008 | Published: July 1, 2008


Topics:  Cybersecurity | Cyberterrorism | Data Center Management | Data Security | Hackers | Security Policies | Security Threats

JOURNAL ARTICLE - In the four years since it was founded, the Jericho Forum has promoted a new approach to information security, one that takes into account that traditional hard boundaries between the company and the rest of the world are fast dissolving.
Posted: July 24, 2008 | Published: July 1, 2008


Topics:  Information Management | Information Security | Security Architectures | Security Best Practices | Security Hardware | Security Industry | Security Infrastructure | Security Managers | Security Policies | Security Software | Security Spending | Security Standards | Security Systems | Security Threats

JOURNAL ARTICLE - A national data protection law would help curtail identity theft and could boost international relations.
Posted: July 24, 2008 | Published: July 1, 2008


Topics:  Data Management | Data Security | Identity Management | Identity Theft | Information Management | Information Security | Security Threats

JOURNAL ARTICLE - Having trouble with PCI compliance? You're not alone. Auditors and audit survivors offer tips for how to achieve it.
Posted: July 24, 2008 | Published: July 1, 2008


Topics:  Business Intelligence | Payment Card Industry | Payment Card Industry Data Security Standard | Payment Card Industry Data Security Standard Compliance | Payment Processing

JOURNAL ARTICLE - Like most of the early Internet protocols, DNS wasn't meant to carry the burden it does today. It wasn't built with an Internet-as-ecommerce platform in mind. What's needed today is DNSSEC, more formally known as DNS Security Extensions.
Posted: July 24, 2008 | Published: July 1, 2008


Topics:  Cybersecurity | Cyberterrorism | Domain Name System Management | Domain Name Systems | Security Policies | Security Threats

JOURNAL ARTICLE - Information security has evolved in the past 10 years from a siloed, uber-secret endeavor to an accepted enterprise business practice.
Posted: July 24, 2008 | Published: July 1, 2008


Topics:  Information Management | Information Security | Security Best Practices | Security Policies | Security Threats

JOURNAL ARTICLE - Shutting down unneeded services, ports and accounts makes Windows Server 2003 tough to beat.
Posted: July 24, 2008 | Published: July 1, 2008


Topics:  Hackers | IIS | Security Architectures | Security Audits | Security Best Practices | Security Hardware | Security Industry | Security Infrastructure | Security Management | Security Managers | Security Software | Security Spending | Security Standards | Security Systems | Security Threats

JOURNAL ARTICLE - Having trouble with PCI compliance? You're not alone. In this article, auditors and audit survivors offer tips for how to achieve it.
Posted: July 24, 2008 | Published: July 1, 2008


Topics:  Payment Card Industry | Payment Card Industry Data Security Standard | Payment Card Industry Data Security Standard Compliance | Payment Processing