IT Security

Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.

  • Tom Olzak // July 13, 2008, 9:00 PM PST

    Security Tools: Sun's VirtualBox

    Using Sun Microsystems' VirtualBox, Linux security tools and threat testing can be executed on a Windows platform. And the cost is right. VirtualBox is an open-source solution.


  • Chad Perrin // July 13, 2008, 10:19 AM PST

    The reason I talk about security

    Security isn't just for professionals any longer -- it's important for everyone to maintain a basic level of security awareness. Find out why.


  • Paul Mah // July 13, 2008, 4:59 PM PST

    Security news roundup: Google ordered to hand over YouTube records

    This week's security events includes news of Google being ordered to turn over YouTube records to Viacom, security updates released for Drupal CMS, and news of legal action taken by chip maker NXP against the security researchers that cracked its Mifare chip.


  • Tom Olzak // July 15, 2008, 9:00 PM PST

    Does IT security really need more whistle-blowers?

    The fact you disagree with management's interpretation of risk, and the security controls they refuse to implement, does not necessarily constitute corporate negligence. Weigh your options carefully if you're inclined to report your boss to an outside agency.


  • Chad Perrin // July 17, 2008, 3:28 AM PST

    Five good security reads

    Check out a list of five security related books Chad Perrin has read in the past year that he thinks you should read, too.


  • Chad Perrin // July 19, 2008, 10:13 AM PST

    Who is really to blame for the San Fran network lockout?

    A strange sort of techno-drama is playing out in the city of San Francisco, California right now. The blame for the fiasco may not be as easily assigned as it first appeared.


  • Tom Olzak // July 20, 2008, 9:00 PM PST

    Strong password management for the mobile user

    Truly strong passwords are necessary to protect our information, but they can be a pain to generate, manage, and access globally. There are free online tools that can help meet these challenges.


  • Paul Mah // July 20, 2008, 4:59 PM PST

    Security news roundup: Free software to trace stolen laptops

    This week's security events includes news of a free laptop tracking system, patches released to fix two critical holes in Firefox, a critical vulnerability of the BlackBerry Enterprise Server, and the release of Adobe Acrobat 9.


  • Rick Vanover // July 21, 2008, 12:25 AM PST

    Compliance audits must go beyond only the technology

    Compliance audits driven simply on technology analysis can fall short of a quality compliance assessment. Here is a peek at a solution that focuses not only on the technology, but the people, processes, and facilities involved.


  • Chad Perrin // July 22, 2008, 4:19 AM PST

    Bignum arithmetic and premature optimization

    What does Knuth's statement, "premature optimization is the root of all evil," mean for security?


  • Tom Olzak // July 22, 2008, 9:00 PM PST

    The security control nobody used...

    Not every security control is successful, particularly those not transparent to business users. This is the story of a failed attempt to encrypt email and the lessons learned.


  • Chad Perrin // July 25, 2008, 7:39 AM PST

    Use tcpdump for traffic analysis

    The tcpdump tool is powerful and flexible, but compared with graphical tools like Wireshark its effective use may appear to be a dark art. It really isn't that difficult to use once you pick up the basics, though.


  • Tom Olzak // July 27, 2008, 9:00 PM PST

    Five ways to show business value of M-F authentication

    There's more to selecting an enterprise second-factor authentication method than meets the retina scanner. As with any IT project, each dollar spent must produce business value. With M-F authentication, this translates to value beyond simply verifying an employee's identity.


  • Paul Mah // July 27, 2008, 3:42 PM PST

    Security news roundup: Tool lets you resolve location of rogue Wi-Fi users

    This week's security events includes news of a security update to the popular Thunderbird e-mail client, news of a buffer overflow in BEA WebLogic, exploits for DNS vulnerability released, and a tool that allows you to resolve the actual physical location of rogue Wi-Fi users.


  • Tom Olzak // July 29, 2008, 9:00 PM PST

    Write information owner responsibility into policy

    The information owner is a key player in protecting sensitive data and systems. His or her role must be clearly defined in policies. However, security personnel should review information owner decisions to ensure regulatory and policy compliance.