InformationWeek Reports : Risk Management

Strategy: SIEM

Sat, 04 Feb 2012 01:46:58 -0500

A security information and event management system serves as a repository for all the security alerts and logging systems from a firm’s devices. But this can be overkill for a company that is understaffed or has overestimated its security information needs. In this report, we discuss 10 questions to ask yourself in determining whether SIEM makes sense for you—and how to pick the right system if it does.

Trust: Web Authentication

Thu, 02 Feb 2012 12:47:38 -0500

How hacks of Comodo and DigiNotar exposed weakness in SSL--and what's being done to fix it.

Data Encryption: Piling On

Thu, 02 Feb 2012 11:23:18 -0500

As broken protocols, mobility, and cloud add to the data protection burden, encryption's more important than ever.

Strategy: How to Pick Endpoint Protection

Thu, 02 Feb 2012 03:18:31 -0500

When it comes to protecting PCs and laptops, IT puts too much emphasis on malware detection. You'll get better results by focusing on performance, management and--most importantly--how users and the security software interact. This report tells you how to evaluate endpoint security software based on what really matters.

IT Pro Ranking: Endpoint Antivirus/Anti-Malware

Wed, 01 Feb 2012 09:15:28 -0500

Kaspersky Lab and Sophos top our IT evaluations of nine antivirus/anti-malware vendors. Upstart Malwarebytes scores a 4.3 out of 5 for malware removal, the highest score in that category. Symantec and McAfee are the most widely used vendors, but 46% of respondents are considering replacing or adding a vendor. Lucky for them, choices abound in this market.

Strategy: Database Defense

Sun, 29 Jan 2012 01:10:15 -0500

The biggest threat to your company’s most sensitive data may be the employee who has legitimate access to corporate databases but less-than-legitimate intentions. And while the incidence of insider data breaches has decreased, external attacks often imitate them—and do serious damage. Follow our advice to mitigate the risk.

Strategy: Understanding Software Vulnerabilities

Sun, 29 Jan 2012 01:09:49 -0500

To protect company and customer data, we need to determine what makes it so vulnerable and appealing. We also need to understand how hackers operate, and what tools and processes they rely on. In this report, we explain how to ensure the best defense by thinking like an attacker and identifying the weakest link in your own corporate data chain.

Dark Reading Supplemental Issue: February 2012

Fri, 27 Jan 2012 05:02:31 -0500

Online Trust -- Hacked Doesn't Mean Dead

Research: Data Encryption

Fri, 20 Jan 2012 04:53:49 -0500

Just 36% think they're ahead of the encryption curve, and now the cloud and mobility are adding new wrinkles to an already complex and difficult-to-implement technology. Meanwhile, just 47% have made mobile-device encryption a priority. Our take: This tech may just be the key to achieving the magical ROI promised by cloud services and mobility programs.

Dark Reading Digital Issue: January 2012

Fri, 20 Jan 2012 03:23:50 -0500

Digital Detectives -- Take the offensive with forensics -- New twist on the DoS attack
-- The third-party insider threat

Strategy: Smartcards

Tue, 17 Jan 2012 04:20:52 -0500

Recent compromises of smartcard data have exacerbated concerns about the technology’s privacy, security and standards (or lack thereof). Yet the promise of smartcards is too compelling to ignore. New technologies and applications prompt us to take a fresh look.

Strategy: HIPAA Security

Wed, 04 Jan 2012 12:32:39 -0500

IT professionals can make tremendous progress on security initiatives using the HIPAA Security Rule for leverage. We show you how.

Strategy: Stop Illicit Data Dumps

Wed, 04 Jan 2012 11:59:16 -0500

There are no silver bullets when it comes to protecting company and customer data from loss or theft, but there are technological and procedural systems that will go a long way toward preventing a WikiLeaks-like data dump.

Strategy: SOX Security

Mon, 12 Dec 2011 06:18:35 -0500

We share 10 best practices to meet Sarbanes-Oxley security-related requirements and help ensure you’ll pass your next compliance audit.

Strategy: Tablet Security

Mon, 05 Dec 2011 09:57:33 -0500

As businesses rely increasingly on tablets for the productivity benefits they provide, IT must address the security challenges the devices present.

Strategy: Email Security

Fri, 02 Dec 2011 03:14:13 -0500

Email encryption, rights management, email gateways and full-on data loss prevention systems can keep corporate data secure. Consider the pros and cons of each to determine what’s best for your business.

IT Pro Impact: Top 5 Mobile Security Threats for 2012

Tue, 29 Nov 2011 10:25:37 -0500

What should IT pros worry about as we dive head first into the mobility era? Just ask the 59% allowing access to cloud services or SaaS via mobile devices, or the 64% planning to build custom apps. In this IT Pro Impact report, we’ll delve into these and other potential problems. Just 58% say IT selects mobile devices and carriers—a 15-point year-over-year drop. Clearly, a plan is needed.

Biometrics for the Rest of Us

Tue, 22 Nov 2011 11:53:18 -0500

From fingerprints and retina scans to DNA and gesture recognition, the technology is advancing while costs are declining. Here’s what you need to know.

Strategy: Database Access

Tue, 15 Nov 2011 11:35:54 -0500

Role-based access control based on least user privilege is one of the most effective ways to prevent the compromise of corporate data. But proper provisioning is a growing challenging, due to the proliferation of big data, NoSQL databases and cloud-based data storage.

Buyer's Guide: MDM

Mon, 14 Nov 2011 02:01:13 -0500

As a greater variety of smartphones and tablets tap into corporate resources, IT must have a strategy for security, access control and management. Our buyer’s guide helps you make the right call on mobile device management tools.

MDM: What Could Go Wrong?

Sun, 13 Nov 2011 10:35:41 -0500

The breakneck pace of change around mobility could be putting your data at risk. The answer is MDM.

3 Steps to Database Defense

Wed, 09 Nov 2011 08:41:13 -0500

Database security often takes a backseat to performance and other concerns. Here’s how to strike a balance that works.

Strategy: Patch Management

Wed, 02 Nov 2011 11:25:06 -0400

It’s no longer sufficient to patch just Windows, Office and IE. With the massive array of applications now residing on enterprise PCs, and the proliferation of mobile and cloud-based applications, your business is far too vulnerable to exploitation unless you have a solid strategy for patch prioritization, deployment and quality assurance. Follow these steps to put your plan in place.

An Insider Threat Reality Check

Tue, 01 Nov 2011 06:23:14 -0400

In this special retrospective of recent news coverage, Dark Reading takes a look at how organizations are handling the threat--and what users are really up to.

Research: Mobile Device Management

Fri, 28 Oct 2011 04:22:21 -0400

The only constant in mobility nowadays is change. Former market leaders such as RIM and Microsoft are now followers straining to keep pace with consumer-driven operating systems from Google and Apple. Almost 80% say tablets will grow in importance. No two platforms have the same security and management hooks, yet your end users are demanding email, calendaring, VPN access and much more—64% are on board with custom apps. This is changing the face of computing—and terrifying the IT managers charged with providing productivity tools while maintaining control of sensitive data.