By Jason Thompson  From its origin in 1995, SSH, the secure shell data-in-transit protocol, has been used the world over as a method to transfer data between machines, as well as a tool to provide remote administrator access. Some variation of the protocol is packaged free in every version of Unix, Mac O... May. 13, 2013 02:30 PM EDT Reads: 1,386 |
By Herman Mehling  What is the most secure way to authenticate electronic data? Until recently, many technical people would have answered ‘cryptographic keys’ without blinking. But recent headline events – and a ‘biggie’ last year – have raised serious doubts about the ability of cryptographic keys to pr... May. 13, 2013 06:15 AM EDT Reads: 2,390 |
By Greg O'Connor  A mini Y2K event for applications stranded on those old, obsolete servers. The challenge is clear. EOL means no more patches and security vulnerabilities increase on a daily basis. For those wishing to keep their machines running, this is a situation that requires action.
There are t... May. 8, 2013 11:00 AM EDT Reads: 1,560 |
By Frank McGinnis  Every business wants to protect its confidential financial information. But for an organization like ours, financial information is our entire business. Over the course of a year, Broadridge handles millions of trades worth trillions of dollars, so it’s easy to see how security must be... Apr. 29, 2013 09:00 AM EDT Reads: 1,755 |
By Tatu Ylönen  Despite the recent flood of high profile network breaches, hacking attempts are hardly new. In 1995, I was attending school in Helsinki when I discovered a password “sniffer” attack in our university network. In response, I wrote a program called the “secure shell” to safeguard informa... Apr. 7, 2013 12:00 PM EDT Reads: 2,029 |
By Simon Bain  It goes without saying that 'Big Data' is very much a hot topic right now. In fact, there doesn't seem to be a day when we're not being spoken to, about or on the subject, and when you consider the possibilities of what Big Data provides it's not hard to see why.
It allows organizati... Mar. 11, 2013 08:00 AM EDT Reads: 2,776 |
By Shathabheesha .  2011 ended with the popularization of an idea: bringing VMs (virtual machines) onto the cloud. Recent years have seen great advancements in both cloud computing and virtualization. On the one hand there is the ability to pool various resources to provide Software as a Service, Infrastr... Feb. 11, 2013 08:00 AM EST Reads: 3,754 |
By Dana Gardner  A major telecommunications provider is tackling security, managing the details and the strategy simultaneously, and extending that value onto their many types of customers.
We definitely are at the time and place where attacks against organizations have changed. It used to be that you... Jan. 10, 2013 10:00 AM EST Reads: 2,084 |
By Maureen O'Gara  Centrify, the ISV that makes its living leveraging Microsoft’s Active Directory, has got some new cloud-based widgetry that lets organizations centrally secure and control access to their Software-as-a-Service (SaaS) deployments.
The adoption of SaaS apps combined with the Bring-Your... Dec. 17, 2012 07:30 AM EST Reads: 3,420 |
By James H. Wong  Designing and implementing a hybrid encryption application is a big challenge but without a supporting infrastructure it’s almost impossible. There are open source libraries that allow you to encrypt a file but only provide the translation technique. After the information has been encr... Dec. 9, 2012 04:00 PM EST Reads: 3,799 |
By Dana Gardner  Lake Health's Information Security Officer has been expanding the breadth and depth of risk management there to a more holistic level -- far more than just a series of security products.
Many people are practicing IT security and they're employing products and technologies. They're pu... Dec. 3, 2012 06:45 AM EST Reads: 2,604 |
By David Dodd  Wireshark doesn’t just work in real time. If you save a history of network activity in a pcap file using a tool such as tcpdump, you can filter the data with Wireshark to search for evidence.
Intrusion detection tools that use the libpcap C/C++ library [1] for network traffic capture... Dec. 1, 2012 03:00 PM EST Reads: 4,889 |
By Steve Jordan  PCI compliance is an absolute must for any commercial entity that is selling products or services over the Internet. It is bound up with the very strict lawful requirements, but there are many other very elementary consumer-based reasons to employ it. Not least of these is the concept ... Nov. 27, 2012 08:30 AM EST Reads: 2,210 |
By Jamie Brenzel  Imagine it as if it’s actually happened – your network has crashed and all your organization’s critical applications and associated data have vanished. This worst-case scenario is one every business owner fears. Whether it’s due to a storm, a break-in or the crash of your hard drive, t... Nov. 26, 2012 08:00 AM EST Reads: 2,631 |
By Dana Gardner  Liberty Mutual Insurance is building security deeply into its overall business practices, not just viewing it as an IT add-on. This has led to higher enterprise resiliency and responsiveness to risk.
We'll see how the requirements of compliance and regulatory governance are aligning w... Nov. 15, 2012 07:00 AM EST Reads: 1,678 |
By Michael Patterson  It’s that time of the year again. The flood of email alerts showcasing online holiday shopping deals fill the inbox at your office PC, laptops and wireless devices as merchants attempt to lure online shoppers to “click and save” while supplies last. In fact, reports show that this year... Nov. 14, 2012 10:40 AM EST Reads: 1,656 |
By Debbi Cole  Data centres are the lifeline of organizations and companies. This is because most backend operations like web hosting, data back up, data storage, email hosting and e-commerce activities are all carried out at the data centres. These data centres are also pivotal in ensuring websites ... Nov. 13, 2012 10:43 AM EST Reads: 844 |
By Shaul Efraim  Using technology to break down corporate silos within IT is not a new concept, but seeing it in action is a testament to the power technology has to transform business. One area of IT that is currently undergoing such a transformation is network security operations. Over the past few y... Sep. 28, 2012 11:00 AM EDT Reads: 2,599 |
By Gerry Grealish  Earlier this week, the Massachusetts Eye and Ear Infirmary and Massachusetts Ear and Eye, Inc. (MEEI) agreed to pay a hefty $1.5 million settlement to the U.S. Department of Health & Human Services for alleged HIPAA violations. According to MEEI, a personal laptop that contained unencr... Sep. 22, 2012 01:00 PM EDT Reads: 2,809 |
By Dominic Monkhouse  PCI DSS is the industry standard for the safe and secure processing of payment card transactions. In order for a business to effectively process card payments, PCI DSS needs to be used and maintained. As more firms head online, the internet offering a great many business opportunities ... Sep. 20, 2012 01:00 PM EDT Reads: 2,297 |
By David Dodd  The powerful Metasploit framework helps you see your network as an intruder would see it. You might discover it is all too easy to get past your own defenses.
The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework incl... Sep. 16, 2012 02:00 PM EDT Reads: 4,247 |
By Michelle Drolet  Whether you choose to embrace it or you try to resist it, the BYOD (Bring Your Own Device) trend is set to grow. The Cisco IBSG Horizons Study found that 78% of white-collar workers in the U.S. use a mobile device for work purposes and 41% of respondents indicated a majority of smartph... Aug. 13, 2012 08:00 AM EDT Reads: 2,413 |
By Adrian Bridgwater  The data center (as we knew it) is never going to be the same. Fluid changes are already in motion, brought about largely as a result of ‘paradigm’ shifts in computing.
empowerment for those that can bring meaningful analytics to bear upon the new data stack and, conversely, security ... Aug. 13, 2012 03:00 AM EDT Reads: 4,327 |
By David Dodd  A penetration tester simulates an attack on a customer’s network by trying to find a way inside. Many such attacks begin using a scanning tool, such as NeXpose, Nessus, or Nmap, to look for network vulnerabilities; however, several of the leading Intrusion Detection/Protection systems ... Aug. 8, 2012 02:00 PM EDT Reads: 3,212 |
By Darrell Riddle  There’s a house on my block that is constantly under renovation. Last year, the owners added on an in-law suite. This spring, they expanded their kitchen. A neighbor told me there are plans in the works to extend the deck before fall. All of this has me wondering are these folks rea... Aug. 8, 2012 10:15 AM EDT Reads: 2,589 |
By Dana Gardner  The Open Group's Jim Hietala recaps presentations at the recent Open Group Conference on cybersecurity and protecting global supply chains.
Cybersecurity is at a critical juncture, and conference speakers highlighted the threat and attack reality and described industry efforts to move... Jul. 25, 2012 02:29 PM EDT Reads: 2,825 |
By Jason Bloomberg  Identity theft, password breaches, viruses and worms, phishing attacks, Stuxnet—the more we rely upon technology in our increasingly connected world, the greater the risk that we’ll be hacked. Even worse, it seems that the rate at which hacking stories come across the wire is actually ... Jul. 19, 2012 09:51 AM EDT Reads: 2,890 |
By Rich Bruklis  Creating a Vulnerability Analysis is a quick and dirty calculation to help you begin the protection process. Nothing speaks to a business owner like the threat of losing money, losing customers, or losing employees. If you are tasked with "figuring it out", the following calculation is... Jul. 19, 2012 07:00 AM EDT Reads: 4,017 |
By Dana Gardner  This thought leadership interview examines the latest efforts to make global supply chains for technology providers more secure, verified, and therefore trusted.
The Open Group has a vision of boundaryless information flow, and that necessarily involves interoperability. But interoper... Jul. 17, 2012 09:30 AM EDT Reads: 2,338 |
By Naeem Zafar  Agile businesses are scrambling today as employees bring their shiny new personal mobile devices into the workplace and want to use them to get their work done. But the wide variety of mobile devices used by those workers can make it tough for IT departments to support all of them whil... Jul. 17, 2012 09:30 AM EDT Reads: 2,443 |
By Dominic Monkhouse  Disaster recovery represents a fundamental aspect of business, as it involves a series of steps taken in order to minimize the effects of an unplanned outage. This can include a natural disaster such as an earthquake, a computer virus that rips through systems or a gaping hole in secur... Jul. 17, 2012 08:00 AM EDT Reads: 2,231 |
By Dana Gardner  An Open Group panel explores how the technical and legal support of ID management best practices have been advancing rapidly.
ID management is really the process of identifying folks who are logging onto computing services, assessing their identity, looking at authenticating them, and... Jul. 10, 2012 09:45 AM EDT Reads: 2,767 |
By Vincent M. Schiavo  Government agencies in the United States and around the world are increasing their use of social media to enhance the quality of government services and to encourage more citizen engagement and dialog. When used properly, social media can build trust and develop more efficient communic... Jul. 6, 2012 10:45 AM EDT Reads: 3,600 |
By Charles McColgan  I’ve received a lot of questions lately about security in the Cloud and what CTOs should be considering when they are evaluating it. Here’s my advice: treat the Cloud like an extension of your corporate or production network; don’t treat it or hold it to a lower standard assuming that ... Jun. 30, 2012 04:00 PM EDT Reads: 2,859 |
By John Weinschenk  Is your business creating a mobile app? It’s all the rage, of course. Ninety-one percent of the top 100 brands have branded apps out according to a report by mobile analytics firm Distimo last October. Symantec just announced new research that says 53% of North American companies are m... Jun. 27, 2012 12:45 PM EDT Reads: 1,972 |
By Michelle Drolet  Many IT departments have weak patching processes – especially on the client-side. And it’s no wonder – patching is tough. Across all industries and platforms, the Window of Exploit (WOE) – that is, the time lag between announced discovery and the availability of a patch – for web-based... May. 26, 2012 02:00 PM EDT Reads: 2,198 |
By Kevin Nikkhoo  Just as business critical as perimeter security, having strong internal controls to manage users is important. Using cloud-managed security tools can help reduce incidents.
So much is written about the events outside your perimeter; those nefarious and shadowy individuals and offshore... May. 15, 2012 10:00 AM EDT Reads: 2,015 |
By Steve Hanna  A recent article in Government Computer News raised the topic of FISMA reporting, specifically describing the “pessimism” of many USG agencies over meeting the September 2012 deadline for “using continuous monitoring to meet Federal Information Security Management Act reporting require... May. 4, 2012 10:00 AM EDT Reads: 2,686 |
By Jared Day  When we aren’t fighting crime, taking over the world, or enjoying a good book by the fire, we here on the eEye Research team like to participate in the Any Means Possible (AMP) Penetration Testing engagements with our clients. For us, it’s a great way to interact one-on-one with IT fol... Apr. 5, 2012 10:00 AM EDT Reads: 4,149 |
By David Gibson  In most organizations today, there is sensitive data that is overexposed and vulnerable to misuse or theft, leaving IT in an ongoing race to prevent data loss. Packet sniffers, firewalls, virus scanners, and spam filters are doing a good job securing the borders, but what about insider... Mar. 5, 2012 06:00 AM EST Reads: 2,632 |