by John Pescatore | July 31, 2009 | 1 Comment
Update to The Myth of the Responsible User: this week brings news that those responsible users are texting while driving and letting sensitive and critical business information get onto music stealing services because they installed peer-to-peer software on their work PCs or put sensitive business information onto home PCs that had the entire drive indexed [...]
Category: Uncategorized Tags:
by John Pescatore | July 29, 2009 | 3 Comments
Network World has a piece today about a credit union in California offering two factor authentication to its customers: The credit union is encouraging customers to switch from simple password authentication to the far stronger two-factor authentication, which makes use of VeriSign’s handheld token to generate a one-time password. In addition, VeriSign offers applications for the [...]
Category: Uncategorized Tags:
by John Pescatore | July 28, 2009 | 1 Comment
Microsoft today, Adobe Thursday – Prevent problems, protect PCs: prioritize prompt patch pushing. Microsoft out-of-cycle patch info here. Adobe Flash patch info to appear here, info here.
Category: Uncategorized Tags:
by John Pescatore | July 27, 2009 | 1 Comment
Lawrence Orans has guest-blogged here a few times giving Gartner’s take on using Skype securely if the business decides that Skype use will be allowed. In Gartner research notes and advice to clients, Lawrence and I have changed the focus from “you must block Skype” to “if you must allow Skype, do this…” The business [...]
Category: Uncategorized Tags:
by John Pescatore | July 24, 2009 | Submit a Comment
A few years ago Avivah Litan and I wrote a Gartner Research Note called “Data Protection is Less Costly Than Data Breaches.” We estimated the hard costs of large security incidents that resulted in exposure of customer data (more than 100,000 accounts) had hard costs on the order of $100US/account, while small ones (under 5,000) [...]
Category: Uncategorized Tags:
by John Pescatore | July 23, 2009 | 3 Comments
I live on the edge – the edge of the woods, anyway. Deer eating my landscaping is a constant problem. Since I can’t put a giant fence around my entire property, I have to use a mixture of DMZs (deer fencing around areas where I can put a fence), hardening (spraying anti-deer solutions onto plants) and [...]
Category: Uncategorized Tags:
by John Pescatore | July 22, 2009 | Submit a Comment
A few recent wireless security items of note: The Payment Card Industry Security Standards Council published guidelines last week on how merchants should deal with Wireless LAN security issues. Nothing really earth-shattering, no new requirements, lots of restatement of Wireless Security 101, but some definite clarifications that will drive Qualified Security Assessors to look for [...]
Category: Uncategorized Tags:
by John Pescatore | July 21, 2009 | Submit a Comment
A few months without patches would be like a summer without weeds.
Category: Uncategorized Tags:
by John Pescatore | July 20, 2009 | 1 Comment
Today is the 40th anniversary of the first time a person walked on the moon. That lead to the birth of a common saying “We can put a man on the moon but we can’t….” Oddly enough, 40 years ago a bunch of computer-related stuff happened, too: Thompson and Ritchie at Bell Labs wrote what [...]
Category: Uncategorized Tags:
by John Pescatore | July 17, 2009 | 2 Comments
What ever happened to…? The Kane Security Analyst – acquired by Security Dynamics in 1998 or so, that was a pretty nice little tool to preconfigure and give out to business units and tell them they could use it to clean everything up before the auditors got there. This is just one example of good [...]
Category: Uncategorized Tags:
