www.PenandCamera.com: Writing Samples: 2004 About | Clips | Photography | Photo/Visual | Writing | Updates
Writing Archive: 2004

Writing Archives: 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003

Complete stories by date:

Security on a Shoestring: Creating Internet policies on the cheap
Getting burned often drives organizations into security policy-writing action. Yet while the heat of the moment distills thinking, planning ahead never hurts.
Search SmallBizIT.comTechTarget.com (December 28, 2004)


Top Ten Security Trends for 2005
What's in store for information security
Enterprise Systems (12/15/2004)

HP Throttles Viruses, Cracks OpenView Identity
The latest security announcements from Hewlett-Packard
Enterprise Systems (12/15/2004)

In Brief
Charting spyware growth, identity theft at universities, safer Web browsing
Enterprise Systems (12/15/2004)

Data Compliance? ZIP It Up
The challenges of data protection must include all levels of competency in the chain of deployment.
IT Compliance Institute (12/14/2004)

Best Practices for Basel II Outsourcing
Third-party “service banks” may provide the manpower, but liability remains with the regulated institution.
IT Compliance Institute (12/14/2004)

New Enterprise Tools Attack Spyware
Spyware is a moving target. Pushing out one level of filters just doesn’t cut it any more.
Enterprise Systems (12/8/2004)

Case Study: Outsourced Network Security Uses Behavioral Modeling
The Yankee Group predicts that by 2010, 90 percent of all security will be outsourced. Here's how one company made its decision to choose a pro-active security solution.
Enterprise Systems (12/8/2004)

In Brief
Microsoft, Solaris vulnerabilities; top spyware threats; IPS use rising
Enterprise Systems (12/8/2004)

Best Practices: Coping with SEC E-mail Retention Guidelines
Meeting electronic discovery or regulatory requests for information with rapid e-mail retrieval
IT Compliance Institute (12/7/2004)

Q&A: Can Wireless Networks Be Secured?
Denial is not a legitimate wireless strategy
Enterprise Systems (12/1/2004)

Case Study: Securing Network Bandwidth
A packet-shaping tool can help handle worm outbreaks.
Enterprise Systems (12/1/2004)

In Brief
Database and Imsecure vulnerabilities, search software flaw enables sophisticated phishing attack
Enterprise Systems (12/1/2004)

Case Study: Finding and Fixing Security-Related Code Defects
Finding code problems was the challenge; a service provider's analysis held the answer
Enterprise Systems (11/17/2004)

Microsoft and IBM Hone Security Warning Systems
Better security updates in the offing
Enterprise Systems (11/17/2004)

In Brief
Microsoft ISA vulnerability may lead to phishing attacks, a new version of MyDoom targets the IFRAME vulnerability in IE, and survey finds bank clients willing to defect over banks’ lack of ID theft protections
Enterprise Systems (11/17/2004)

Buy time, patch virtually
Is speed the answer for patching Web applications?
SearchSecurity.com (November 11, 2004)

Best Practices: Patch Management
To more rapidly test patches and keep network configurations from drifting, keep a closer watch on every device’s configuration
Enterprise Systems (11/10/2004)

Does Open-Source Software Mean Better Security?
Setting the open-source security record straight
Enterprise Systems (11/10/2004)

In Brief
Highly critical IE vulnerability lacks patch; new attacks reanimate mobile AV
Enterprise Systems (11/10/2004)

Surf's Up
Matthew Schwartz finds safer alternatives to Internet Explorer
The Times (11/06/2004)

Bias-Free Security Testing
New security-risk management tools bridge the security/business gap
Enterprise Systems (11/3/2004)

Missing from SOX Compliance Efforts: IM Audits, Archives
With the November 15 deadline looming for many organizations, many companies still don’t have a plan for auditing and archiving instant messages.
Enterprise Systems (11/3/2004)

In Brief
Blame unusable security, not users; Apple worm; high-speed IPS
Enterprise Systems (11/3/2004)

Banks Face New Instant-Messaging Rules
The FDIC's latest advisory can have a direct impact on your compliance efforts.
IT Compliance Institute (10/27/2004)

Ten Best Practices to Secure Web Services
As more organizations embrace Web services (which opens back-office processes to partners and the Internet), a problem is emerging: who inside the organization is in charge of Web services security?
Enterprise Systems (10/27/2004)

Google Desktop Search Tool Raises Security Concerns
Free hard-drive indexing utility raises corporate security and privacy questions
Enterprise Systems (10/27/2004)

In Brief
Antivirus and browser vulnerabilities, unsubscribe may be unwise
Enterprise Systems (10/27/2004)

Understanding the 'Hole' Truth
Small to medium-sized businesses (SMBs) have been slow to tackle known vulnerabilities
SearchSecurity.com (10/22/2004)

Thwarting Next-Generation Denial-of-Service Attacks
Domain name registrar copes with DoS spike
Enterprise Systems (10/20/2004)

Q&A: Using Business Rules to Tackle Vulnerabilities
Identifying business assets to aid threat mitigation
Enterprise Systems (10/20/2004)

In Brief
Top 20 Windows/Unix vulnerabilities, Microsoft flaws and fixes
Enterprise Systems (10/20/2004)

Endpoint Security Grows But Interoperability Questions Remain
Increasingly, PCs must prove they're secure before a user can log onto the network
Enterprise Systems (10/13/2004)

Case Study: Credit Union Encrypts Data onto Secure USB Keys
How one financial company distributes secure information to its board of directors, many of whom work in an insecure environment
Enterprise Systems (10/13/2004)

In Brief
Human error and security; AOL's two-factor authentication; September viruses
Enterprise Systems (10/13/2004)

Factor Content Management into Your Compliance Efforts
Organizations may need to invest in new content management software to comply with Sarbanes-Oxley and HIPAA.
IT Compliance Institute (10/12/2004)

Best Practices: Security Budgeting for 2005
IT must cope with under-funded regulations, more CIO leeway
Enterprise Systems (10/6/2004)

Software vaults secure sensitive information
Software vaults are increasing the solution for securing passwords, notes from the board of directors, and more
Enterprise Systems
(10/6/2004)

In Brief
RealPlayer and JPEG vulnerabilities; security insurance
Enterprise Systems (10/6/2004)

Smart Cards Gear Up For Biometrics
Smart cards, currently a favorite of governments and large corporations, are getting more powerful, incorporating Java and USB technologies.
Enterprise Systems (9/29/2004)

Patch or Perish: Symantec Notes Dramatic Increase in Threats
Symantec's assessment of system vulnerabilities in the first half of this year shows a dramatic increase in the number and potential destruction of security threats.
Enterprise Systems (9/29/2004)

In Brief
Banks help ID thieves; unified security appliances; server security
Enterprise Systems (9/29/2004)

Case Study: Outsourcing Network Management and Security
How one company found an outsourcer able to mange its network equipment and offer cogent security advice
Enterprise Systems (9/22/2004)

Best Practices: IM Monitoring
Under pressure from such regulations as HIPAA, the Gramm-Leach-Bliley Act, and Sarbanes-Oxley, companies increasingly have to account for their corporate instant messaging policies. Yet many organizations don’t have rules for IM use.
Enterprise Systems (9/22/2004)

In Brief
Symantec grabs @Stake; JPEG vulnerabilities; Mozilla holes; Sniffer worm
Enterprise Systems (9/22/2004)

Case Study: Law Firm Isolates Potential Threats
Office uses one-stop monitoring for attacks and vulnerabilities
Enterprise Systems (9/15/2004)

Inside Attackers Often Unremarkable, Warns CERT
Most attacks are relatively unsophisticated, planned in advance, conducted during normal business hours, and start from inside the organization. The common driver comes as no surprise: money.
Enterprise Systems (9/15/2004)

In Brief
New security legislation; the future of e-mail and IM security
Enterprise Systems (9/15/2004)

Digital Certificates Get Pentagon, Regulatory Boost
Once they seemed doomed, but public key infrastructure is taking off, driven by e-commerce servers, Pentagon requirements, and government regulations.
Enterprise Systems (9/8/2004)

Yankee Group Says Security Outsourcing Set to Explode
Managed security service providers to dominate security market by 2010
Enterprise Systems (9/8/2004)

In Brief
Most unsolicited e-mail originates in U.S., survey finds; securing storage; name-dropping attacks
Enterprise Systems (9/8/2004)

Isolate this: Security quarantines grow
Mobile PCs can reintroduce viruses and malware to corporate networks. In response, more security managers are using network quarantining and endpoint-security checks to vet PCs before granting full-network access.
Security Wire Perspectives (September 3, 2004)

Passing the WLAN Security Buck
Company offers outsourced wireless LAN to overcome security vulnerabilities
Enterprise Systems (9/1/2004)

Case Study: Circumventing Web Services Security Problems
Aeroplan adopts an XML firewall
Enterprise Systems (9/1/2004)

Security Briefs
Sun Solaris/Apache, Netscape/Sun, Winamp Vulnerabilities
Enterprise Systems (9/1/2004)

How secure are you?
A bias-free security testing methodology can help your organization move beyond general best-security practices, to discern how many systems are actually protected.
Security Wire Perspectives (August 30, 2004)

CA Jumps into Anti-Spyware Market
Acquisition of PestPatrol signals single-console management of viruses, spam, and spyware may not be far away.
Enterprise Systems (8/25/2004)

Wild Kingdom: Life and Quick Death of a Phishing Site
Enterprise Systems (8/25/2004)

Briefs
More XP SP2 woes, fraud awareness survey, Can-Spam's failure
Enterprise Systems (8/25/2004)

New Technology Combats Zero-Day Attacks
Exploits expected to get worse, putting even more pressure on security managers
Enterprise Systems (8/18/2004)

Web Caller-ID Arrests Spoof Sites
New technology in a user-friendly toolbar intercepts users from visiting such sites
Enterprise Systems (8/18/2004)

In Brief
Delaying XP Upgrades, AOL IM Buffer Overflow, Virus Source
Enterprise Systems (8/18/2004)

Tackling Compliance for Lotus Notes
Most companies don't know if security information is leaving an organization via e-mail, and few tools address Lotus Notes specifically. Here's one that does.
IT Compliance Institute (8/17/2004)

VoIP Growth Brings Focus on Security Holes
Use of the Internet for telephone calls brings to the fore how security concerns could now spread to your once-secure communications system.
Enterprise Systems (8/11/2004)

Digital Certificates Secure Web Services, Mobile Communications
Public key infrastructure isn't dead yet.
Enterprise Systems (8/11/2004)

Briefs
Problems Found in Graphics Library, Mozilla, and PDAs
Enterprise Systems (8/11/2004)

Case Study: UCI Cinema Adopts SSL VPN for Anytime, Anywhere Access
With personal e-mail available in an instant from any connected PC via free Web-mail accounts, users want to know why their corporate e-mail, applications, and documents can’t behave the same way.
Enterprise Systems (8/4/2004)

Regulations, Productivity Spark Enterprise IM Adoption
Free and paid instant messaging use will rise dramatically in the next four years
Enterprise Systems (8/4/2004)

In Brief
Samba Exploits, Dumping IE, and Securing iPaqs
Enterprise Systems (8/4/2004)

Turn E-mail Compliance to Your Advantage
The answer isn't to back up everything, but to back up strategically. Here's one approach.
IT Compliance Institute (8/3/2004)

Linux Gets Host Application Security
New modules in the Linux 2.6 kernel make for easier host-based application security.
Enterprise Systems (7/28/2004)

Locking Down Endpoints to Prevent Virus Resurgence
Verifying PC security compliance before granting network access
Enterprise Systems (7/28/2004)

Briefs
IM Migration Deals, Mobile Viruses, and Zip-File Vulnerabilities
Enterprise Systems (7/28/2004)

Q&A: Eradicating Spyware in the Enterprise
Finally there's software to let enterprises remove spyware.
Enterprise Systems (7/21/2004)

Case Study: Managing Zip Files with Security Controls
System vulnerabilities can creep in through compressed files. But does completely blocking their use make for good security policy?
Enterprise Systems (7/21/2004)

Briefs
Microsoft details vulnerabilities (including extremely critical IE problems); safeguarding CAD drawings in your browser
Enterprise Systems (7/21/2004)

Auditing Data for Regulatory Compliance
Monitoring and securing enterprise databases to meet SOX regulations
IT Compliance Institute (7/20/2004)

Best Practices: Securing IM Against Attacks
Free instant messaging services are just one of the many security holes facing corporate IT
Enterprise Systems (7/14/2004)

IT Turns to SMTP-Level E-mail Blocking
New approaches focus on stopping unsolicited e-mail before it's even received
Enterprise Systems (7/14/2004)

In Brief
Windows XP security best practices, better SAML administration
Enterprise Systems (7/14/2004)

Web-mail@war
Web-based e-mail giants are up for a fight
The Times (July 10, 2004)

Corporate Governance Task Force Pushes Security Best Practices
Security becomes a boardroom issue
Enterprise Systems
(7/7/2004)

Attacks Against Financial Services Double
Already under the regulatory gun, attacks against the IT infrastructures of financial services firms have doubled in the last year
Enterprise Systems
(7/7/2004)

Briefs
A new Internet Explorer security flaw; heading off phishing attacks
Enterprise Systems
(7/7/2004)

Slipped disks
Who’s reading your old PC files?
The Times (July 3, 2004)

Will spyware whither under new enterprise tools?
Examining solutions to detect and eradicate spyware
Security Wire Perspectives (July 1, 2004)

Rethinking Security/Network Boundaries
IT is reassessing how network administrators and security personnel can work together more effectively
Enterprise Systems (6/30/2004)

Wireless Networks Continue to Bleed Data, Study Reveals
New study says 80 percent of companies have at least some unsecured wireless traffic
Enterprise Systems (6/30/2004)

Security Briefs
Active X Allows File Loading; Defining Spyware
Enterprise Systems (6/30/2004)

Q&A: New Technology For Encrypting Sensitive, Stored Data
New approaches make it easier than ever to add network-wide transparent data encryption
Enterprise Systems (6/23/2004)

Security Briefs
Vulnerabilities target mobile devices, RealPlayer; Tivoli adds .NET support
Enterprise Systems (6/23/2004)

Q&A: Top Tips for Outsourcing Security
Symantec's head of Managed Security Services offers his perspective on what you should look for when considering a move to outsourced security
Enterprise Systems (6/16/2004)

Used Laptops Offer Secrets for Sale—Cheap
Even laptops with hard drives that had been erased and defragged were easily hacked to reveal company secrets
Enterprise Systems (6/16/2004)

Security Briefs
New vulnerability erases hard drives; open source tool at risk; Oracle SQL exposure
Enterprise Systems
(6/16/2004)

Survey Says Infosec Managers Need More Training
Undereducated security workers are the leading cause of security breaches, according to two new studies.
Security Wire Perspectives (June 14, 2004)

Q&A: Stress Testing Your Network Against DoS Attacks
While most companies don’t face worms designed to turn computers against them, denial-of-service attacks remain a problem. How can organizations stress test their network against such attacks? We turned to Alan Newman of Spirent Communications, which manufacturers network stress-testing appliances and simulation software, for some ideas.
Enterprise Systems (6/9/2004)

Security Event Management: It Pays to be Proactive
To resist downtime and attacks, many organizations are turning to security event management software, which collects and analyzes information from a variety of devices, PCs, servers, and firewalls, giving security administrators a consolidated view of network security.
Enterprise Systems (6/9/2004)

Security Briefs
Hate sites and corporate liability; weak PDA data protection
Enterprise Systems (6/9/2004)

Can an Apple a day keep security issues at bay?
Is the Apple Macintosh and its OS X operating system an enterprise security contender -- or should it be?
Security Wire Perspectives (June 3, 2004)

Protecting Customer Data at the Browser Level
Once information appears in a browser, users can copy or print it as they please. Security managers have a new option for safeguarding such content.
Enterprise Systems (6/2/2004)

Case Study: Choosing Outside Help to Meet Security Regulations
Finding just the right provider can be tricky. How one company made its decision.
Enterprise Systems (6/2/2004)

Security Briefs
CA's Updates AV, IM Problems Grow, Wardriving Primer Released
Enterprise Systems (6/2/2004)

Quantifying the Threat from Insiders
Your greatest security risk may not come from outside attacks but from your own employees. Setting policies and procedures aren't enough to stop the problem, but new security event management technology can help.
Enterprise Systems (5/26/2004)

SCO Identity Manager Supports Single Sign-on Across Environments
A new Microsoft initiative eases management headaches by building management features into products that can be accessed by a variety of enterprise management tools. SCO's Vintela Authorization may give us a glimpse into how Microsoft networks can finally play nice with other operating systems.
Enterprise Systems (5/26/2004)

Security Briefs: WiFi Attacks, Outlook Vulnerability
DoS attacks possible on 802.11 devices, public access points particularly vulnerable; tricking Outlook 2003 to download and run files
Enterprise Systems (5/26/2004)

Security Companies to Congress: Listen Up
Vendors form Cyber Security Industry Alliance to coordinate Washington, boardroom approaches to security
Enterprise Systems (5/19/2004)

Case Study: Secure IM and Workspaces for Project Teams
Nektar Therapeutics security unites teams inside—and outside—the company
Enterprise Systems (5/19/2004)

Security Briefs
Despite arrest, worm exploits continue; Microsoft Help vulnerability revealed; Symantec firewall management improved
Enterprise Systems (5/19/2004)

Dispelling Log Data Retention Myths
Retaining data isn't enough. IT faces a host of regulations that address maintaining log files—tracking who did what and when—along with the requiring access to them in very short order.
Enterprise Systems (5/12/2004)

Survey: CEOs Crave Better Perimeter and Access Controls
Not knowing who’s accessing what is a recipe for auditing disasters
Enterprise Systems (5/12/2004)

Security Briefs: Worm Attacks Unpatched Computers; Apple Closes Vulnerability
Global organizations go offline to prevent Sasser damage; Apple patches QuickTime, OS X to close buffer overflow vulnerability
Enterprise Systems (5/12/2004)

Case Study: Mohegan Sun Bets on Virtual Password Vault
The Connecticut casino and entertainment center uses password management software, which acts as an intermediary with applications, to ensure passwords are available—and secure—around the clock.
Enterprise Systems (5/5/2004)

Host Intrusion Prevention: A New Approach to Keeping Systems Safe
Host-based intrusion prevention runs as a software agent on a user's system, looking for unauthorized actions
Enterprise Systems (5/5/2004)

Security Briefs: April Recap, Can-Spam Charges
Top vulnerabilities include a virus and a Hotmail hoax; FTC charges spammers
Enterprise Systems (5/5/2004)

Biometric IDs OK With U.K.
About 80 percent of 1,000 British adults recently surveyed say they want a biometric identification card, citing concerns about illegal immigration and identity theft.
Wired News (April 30, 2004)

Cloaking Assets With Identity-Level Firewalls
New technology lets you hide and verify network identity inside the packets themselves.
Enterprise Systems
(4/28/2004)

Configuration Management Goes Mobile
New software fixes mobile computers that deviate from corporate standards
Enterprise Systems
(4/28/2004)

Security Briefs: Two Protocol Vulnerabilities Disclosed
TCP vulnerability exploit found in the wild; buffer overflow weakness uncovered in Microsoft PCT protocol
Enterprise Systems (4/28/2004)

Minnesota Universities Opt for On-Demand CRM
Moves to hosted customer relationship management software are no isolated occurence, says Ovum senior consultant Alex Kwiatkowsky: "The whole CRM space is now being turned on its head."
CRM Buyer (4/27/04)

Q&A: Securing Mobile Workers
By 2006, over half the U.S. workforce will be mobile. Security managers face a daunting task.
Enterprise Systems (4/21/2004)

Disabling Rogue WLAN Access
Detect, then actively block, unauthorized WLAN users
Enterprise Systems (4/21/2004)

Worst Security Problem: Attachments
Security policies and education aren't enough
Enterprise Systems (4/21/2004)

No canning, but spammers on notice
New legislation aims to further trim spammers' numbers.
Security Wire Perspectives (April 15, 2004)

Case Study: Securing Mail Transactions in Any Form
Encrypting information and keys in hardware
Enterprise Systems(4/14/2004)

Businesses Ignore Mobile PDA Threat
When it comes to mobile devices, why do so many companies avoid the security issues?
Enterprise Systems (4/14/2004)

In Brief
Cisco sign-on, IE cross-scripting lead vulnerabilities this week
Enterprise Systems (4/14/2004)

Case Study: Stopping Leaks of Program Code
Using pattern matching with information taxonomy tools to track sensitive information leaving the company
Enterprise Systems (4/7/2004)

Human Error Tops List of Vulnerabilities
Only half of respondents in a new survey say their company has a written security policy. Furthermore, despite the increases in threats, many organizations have been slow to make the appropriate investments in time and budget to properly address them.
Enterprise Systems (4/7/2004)

Security Briefs: Encrypted Attachments Carry Threats
Sneaking vulnerabilities into the enterprise through encrypted attachments pose new problems; ISPs will spend $245 million this year to combat problems, in large part because of home users.
Enterprise Systems (4/7/2004)

The Battle Grows Beyond Low Prices
Hosting providers 1and1 Internet and Server4You attack the U.S. hosting market. To succeed, they'll need more than low prices. (Part two of two parts. Here's part one.)
HSPstreet.com (April 1, 2004)

Q&A: Single-System Message Management
It's not just a matter of blocking unsolicited e-mail. Today's security professionals need to protect against outbound as well as inbound problems
Enterprise Systems (3/31/2004)

Security Managers Report Virus Problem Worse
New report charts security manager dissatisfaction
Enterprise Systems (3/31/2004)

F-Secure Targets Attacks on Linux
As popularity of Linux grows, company predicts increasing attempts to create malicious programs that will attack it
Enterprise Systems (3/31/2004)

Memo to the U.S.: German Hosting Providers Arrive
In the past eight months, two of Europe's largest hosting providers have hit U.S. shores. Will their low prices entice customers? (Part one of two parts. Here's part two.)
HSPstreet.com (March 30, 2004)

Best Practices: New Standard Helps Companies Prove Their World-Class Security
Interest is growing in a new British Standard—BS7799—that is slowly being adopted outside of Britain; companies adopting the standard may find they've implemented a best-practices security program. 
Enterprise Systems (3/24/2004)

Combating Apathy with Free Security Check
WholeSecurity gives businesses the ability to offer their customers an opt-in PC security sweep to quarantine malicious software 
Enterprise Systems (3/24/2004)

Briefs: Vulnerabilities in CPanel, ISS products, Symantec Internet Security
New warnings about Web hosting control panel protection, ISS server-response processing, and Symantec's security software 
Enterprise Systems (3/24/2004)

Case Study: Securing Systems You Don't Directly Control
The University of Colorado Hospital struggled to keep its network secure to comply with HIPAA regulations, made difficult because IT didn't have direct control over some connected systems.
Enterprise Systems (3/17/2004)

ASN Security Issues Run Deep, Forrester Warns
Security flaws reveal weaknesses in Microsoft's Abstract Syntax Notation One, a cryptographic and authentication mechanism in use by every Window operating system. The problem is with the compiler, not the applications themselves. It's time for developers to patch and recompile quickly.
Enterprise Systems (3/17/2004)

New Breed of Attack Targets Microsoft Outlook XP Users
Microsoft upgrades Outlook XP's vulnerability to "critical" after researcher finds additional flaws; company urges patch be applied quickly
Enterprise Systems (3/17/2004)

Europe Considers Harsh Piracy Law
The European Union will likely enact a law to give local police more power to seize the assets of suspected intellectual-property thieves. Opponents say the law is just too severe.
Wired News (March 16, 2004)

Senate takes aim at spyware
A new federal bill seeks to eliminate spyware, which is often used to commit identity theft and to steal intellectual property.
Security Wire Perspectives (March 11, 2004)

Case Study: Protecting Intellectual Property On the Go
Kettering Medical Center finds a solution to who sees the data, for how long, and how much data a user can view.   Enterprise Systems (3/10/2004)

Touching SAP Data: User Access and Biometrics
Enterprises can record when users access data in an SAP system, but biometrics makes it possible to add physical evidence to the log.  
Enterprise Systems
(3/10/2004)

Worm Writers One-Up Each Other
The battle to capture your e-mail address has gone to new levels: deleting competing worms.  
Enterprise Systems (3/10/2004)

Microsoft Says Security Improvements Coming
The company is querying its user base for security enhancements; meanwhile, security option defaults will be changed in future releases and updates.  
Enterprise Systems (3/3/2004)

Case Study: Meeting Customer Demand for Secure Statements
Rather than navigating a Web site to see their data, customers at New York Life Investment Management Retirement Services enter only a username and password to see statements in an HTML e-mail attachment.  
Enterprise Systems (3/3/2004)

Q&A: Managing Security Through Enterprise Procurement
Simplifying the time-consuming process of setting up security, and changing security permissions quickly, can often be handled through procurement software.  
Enterprise Systems (3/3/2004)

Alerts
New Vulnerabilities Steal Financial Data Via ICQ, Target P2P File Traders, and Delete Office Files  
Enterprise Systems (3/3/2004)

Case Study: Fielding Service Calls Securely
Securing common, Internet-connected, mobile devices requires a new approach. Schindler Elevator Corp. found one.  
Enterprise Systems (2/25/2004)

Briefs
E-mail fraud and vulnerabilities, plus the impact of Microsoft's source code leak 
Enterprise Systems (2/25/2004)

Alerts
Sarbanes-Oxley; partnering for security; security certification guide  
Enterprise Systems (2/25/2004)

Bluetooth hygiene for the enterprise
Security managers must reexamine Bluetooth deployments in the face of two recent Bluetooth vulnerabilities.
Security Wire Perspectives (Feb. 23, 2004)

Q&A: Real-Time Database Monitors May Ease Regulatory Headaches
Near-real-time monitoring may help your company catch attackers and restore altered data.  
Enterprise Systems (2/18/2004)

Top Three Security Problems Remain Despite Increased Spending
Companies turn to managed Service providers for help; desktops dominate security budgets as patches average $234 per machine.  
Enterprise Systems (2/18/2004)

Security Briefs
Microsoft Warns of Critical ASN.1 Vulnerability; More Doom Unleashed  
Enterprise Systems (2/18/2004)

Beyond Perimeter Defense: Securing Online Transactions
Encrypting, monitoring, and auditing access to actual data  
Enterprise Systems (2/11/2004)

MyDoom Details from Kaspersky Labs
Newest vulerabilities feed on old worm to take aim at Microsoft's Web site  
Enterprise Systems (2/11/2004)

Solving the Patch Management Headache
Best practices in keeping the desktop secure  
Enterprise Systems (2/11/2004)

Briefs
New Mydoom variants; Vulnerabilities in IE browser, Checkpoint products; January a banner month for threats.  
Enterprise Systems
(2/11/2004)

Companies Defect as Anti-virus Software Struggles with Worms
The latest threats have companies reconsidering their anti-virus tools, wondering if AV is becoming irrelevant. Increasingly, companies are looking at application-level personal firewalls and all-in-one gateway hardware for PCs.  
Enterprise Systems (2/4/2004)

Can-Spam, Laced with Loopholes, Creates Confusion
New legislation has failed to stem the tide of unsolicited e-mail, protecting e-mailers who follow the letter but not the spirit of the law.  
Enterprise Systems (2/4/2004)

First Worm Outbreak of the Year Packs a Wallop
MyDoom monopolizes Internet via e-mail harvesting, P2P file sharing, back door 
Enterprise Systems (1/29/2004)

Product Shootout: Intrusion Prevention
Third-party testing firm analyzes leading IDS products, encounters surprises.  
Enterprise Systems (1/28/2004)

Guarding Against Your Partner's Web Services Flaws
Coding errors in Web Services code at your partners can trigger problems on your own systems.   
Enterprise Systems (1/28/2004)

Best Practices: Collecting Computer Forensic Evidence
Gathering information in a legal, court-friendly way is vital if computer forensic evidence is to hold up in court. 
Enterprise Systems (1/21/2004)

Battling Blended Threats with Pattern Detection
IT needs to move from looking at events coming from particular sensors to recognizing patterns of activity coming into that infrastructure. 
Enterprise Systems (1/21/2004)

Briefs
Voice-over-IP vulnerabilities; impact to Microsoft's ISA Server 2000 
Enterprise Systems (1/21/2004)

Case Study: Watching Sensitive Database Information at Toro
Sarbanes-Oxley, the need to improve monitoring, and a desire to move administration and accountability closer to end users, drove Toro to invest in record-level enterprise application monitoring software from Prodigen.  
Enterprise Systems (1/14/2004)

Securing Mobile Workers
The wireless debate has moved from demonstrating that wireless is a viable technology to solving the associated management issues. New software and upgrades may hold the answer. 
Enterprise Systems (1/14/2004)

Briefs
Using investigations to satisfy Sarbanes-Oxley requirements; learning from 2003's vulnerability onslaught 
Enterprise Systems (1/14/2004)

Which Bugs Will Bite? Vulnerability Predictions for 2004
Heterogeneous attacks, voice over IP shakedown, and prime time Web services easing security: predictions from an eminent security researcher for 2004 and beyond. 
Enterprise Systems (1/7/2004)

Report: Last Year Was Worst Ever for Viruses
Last year was the worst year ever for vulnerabilities, says anti-virus software maker F-Secure, in part because virus writers and spammers got together. Here's what you can do to prepare.
Enterprise Systems (1/7/2004)

Briefs: Network Storage Rules; Anti-Virus Software; Choosing a Mail Filter
Learn Network Storage Security Rules; Free Anti-Virus -- For A Year.
Enterprise Systems (1/7/2004)

 

See also: Current Writing Archive

Mathew Schwartz
Mat@PenandCamera.com