IT Security

Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.

  • Paul Mah // December 30, 2008, 5:00 PM PST

    The most interesting security hacks and tools in 2008

    Even for seasoned IT professionals, the constantly shifting field can be befuddling. In case you missed it earlier, I highlight some of the most interesting hacks of 2008 for your attention.


  • Chad Perrin // December 30, 2008, 5:35 AM PST

    Internal defenses are part of layered security strategy

    A smart administrator will protect IT resources not only from the outside world, but from other resources inside the network as well.


  • Tom Olzak // December 28, 2008, 8:00 PM PST

    Anatomy of a small business break-in

    This is the story of an actual break-in, the physical security weaknesses discovered in the post break-in assessment, and what was done to strengthen protection of physical, financial, and information assets.


  • Paul Mah // December 28, 2008, 5:00 PM PST

    Security News Roundup: The most interesting security news of 2008

    For this week's security events I have compiled what I think are some of the most interesting security-related news stories of 2008. More than the need for immediate mitigation of newly-uncovered vulnerabilities, the news highlighted here has more far-ranging implications in the security arena. I recap the issues involved.


  • Paul Mah // December 25, 2008, 5:13 PM PST

    Security News Roundup: Keyloggers used to harvest banking credentials

    This week's security events include news of Microsoft confirming a serious SQL Server bug, Check Point acquiring Nokia's Security Appliance business, and a peek into the shady underworld of harvesting banking credentials using keyloggers.


  • Tom Olzak // December 23, 2008, 8:00 PM PST

    Server virtualization: Is it worth the risk?

    There are many who claim virtualization adds additional vulnerabilities to already complex security environments. So is this true? Is virtualization increasing organizational risk? And if it is, is the value gained worth a little risk acceptance?


  • Chad Perrin // December 23, 2008, 4:19 AM PST

    5 precautions to take for the holiday break

    What do you think about when Christmas approaches? Some of us think about how vulnerable our networks might be while we're away on vacation.


  • Paul Mah // December 22, 2008, 5:00 PM PST

    Insecure by design

    Despite the availability of robust and secure solutions, organizations persist in implementing insecure design in a bid to save on cost. Paul Mah highlights a couple of examples.


  • Tom Olzak // December 21, 2008, 8:00 PM PST

    What were they thinking? Security design without the user in mind

    What responsibility do security vendors and government agencies have to deliver or mandate secure products and services? I found myself asking this question repeatedly last week, as two incidents occurred which prompted a 'what were they thinking' response.


  • Paul Mah // December 19, 2008, 12:28 AM PST

    Security News Roundup: Spam to hit record levels in 2009

    This week's security events include news of Microsoft, Mozilla, and Opera releasing patches for their respective browsers, warning that spam will hit record levels in 2009, and the release of The 2008 Annual Security Report from Cisco.


  • Chad Perrin // December 16, 2008, 3:11 AM PST

    Distributed security cracking

    Will the future of security cracking lie in "cloud computing"?


  • Tom Olzak // December 14, 2008, 8:00 PM PST

    Use free sandboxing software to isolate risky behavior

    Sandboxie creates an isolated operating environment which prohibits applications from directly writing to anything on local or mapped drives unless I want it to.


  • Paul Mah // December 11, 2008, 10:00 PM PST

    New solutions to remotely secure a stolen laptop

    In the past, a lost laptop automatically meant a compromise of whatever confidential data it contained. This is changing for the better, however. Paul Mah discusses the latest developments on the anti-theft front, featuring remote management or deletion of data for laptops that are lost or stolen.


  • Tom Olzak // November 23, 2008, 8:03 PM PST

    Shifting from compliance to security requires patience

    It is not just government managers who require behavior changes when it comes to securing sensitive assets. Managers in private industry often mistakenly see compliance as security. But changing this view takes patient persistence.


  • Paul Mah // November 22, 2008, 3:59 PM PST

    Security News Roundup: Yoggie opens up its miniature hardware firewall

    This week's security events include news that Sun has released a new patch for StarOffice 8, a malicious Web site link that can force iPhones to dial a number, news of a computer virus bringing the networks of three London hospitals to a standstill, and Yoggie opening up its miniature hardware firewall.