A strong Password isn’t the strongest Security

Make your password strong, with a unique jumble of letters, numbers and punctuation marks. But memorize it — never write it down. And, oh yes, change it every few months… Yes, that’s it? Or not?  “Keeping a keylogger off your machine is about a trillion times more important than the strength of any one of…


Security Secrets the Bad Guys don’t want you to know

[PCWorld] You already know the basics of internet security, right? But when you’ve got the basics covered, but you still don’t feel secure, what can you do? Here are a few advanced security tips to help you thwart some of today’s most common attacks. http://www.pcworld.com/article/201309/security_secrets_the_bad_guys_dont_want_you_to_know.html?&tk=hp_fv Urs    


Microsoft Security Compliance Manager released

The Security Compliance Manager will help you accelerate knowledge to merge best practices, customize once to centralize decision making, and export to multiple formats to enable monitoring, verification, and compliance. The tool is designed to help accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies….


Protecting Against Terrorism [PDF]

Centre for the Protection of National Infrastructure: This publication offers security advice and good practice for any organisation looking to protect against the risk of a terrorist act or limit the damage such an incident could cause. It sets out how a security plan might be developed and updated, the key measures that can help…


So Much Data, So Little Encryption

If you go solely by top-level stats on encryption use, you’ll come away feeling pretty secure — 86 percent of the 499 business technology professionals responding to our InformationWeek Analytics State of Encryption Survey employ encryption of some type. But that finding doesn’t begin to tell the real story. Only 14 percent of respondents say…


The Phishing Guide: Understanding and Preventing Phishing Attacks

This paper [PDF] covers the technologies and security flaws phishers exploit to conduct their attacks, and provides detailed vendor-neutral advice on what organisations can do to prevent future attacks. Security professionals and customers can use this comprehensive analysis toarm themselves against the next phishing scam to reach their in-tray. http://www.ngssoftware.com/papers/NISR-WP-Phishing.pdf Urs  


Protecting your computer while travelling

Protecting computer equipment is something that everyone should be concerned with today. It seems every week there is a news report of another stolen laptop with sensitive or confidential data on it. Here is a checklist that will help you prepare and protect your computer equipment while traveling anywhere as well as at special events:http://www.covert-operative.com/web/Laptop_travel_security.pdf…


Managing the Windows Vista Firewall

If you’re an IT pro who is looking a bit more seriously at Windows Vista for your enterprise environment, you should take a close look at the firewall. Once you realize what the Windows Vista firewall can do, you may want to renegotiate the agreement you have for that third-party security suite to remove the firewall from the…


Application Lockdown with Software Restriction Policies

When IT professionals look to reduce the total cost of ownership, or TCO, of their desktop machines, there are two key strategies that often come to mind. The first one is to get your desktop users’ accounts out of the Administrators group. And the second one is to limit the applications that the users can…


The Great Debate: Security by Obscurity

Security by obscurity is, in a nutshell, a violation of Kerckhoffs’ Principle, which holds that a system should be secure because of its design, not because the design is unknown to an adversary. The basic premise of Kerckhoffs’ Principle is that secrets don’t remain secret for very long. Debate by Jesper M. Johansson and Roger…