University of Washington Spyware Study Results
February 10th, 2006
In a recent University of Washington paper (see Sources below), the results of a five-month study (May 2005 to October 2005) of the state of spyware on the Internet were documented. The following is a summary of the researchers’ conclusions:
Application Security: People, Process, and Technology
February 9th, 2006
Most organizations have worked feverishly to secure the network infrastructure, including executing rigorous operating system patch and configuration management processes. They’ve done such a good job, attackers are turning to applications as the next avenue of attack. This includes both commercial and proprietary solutions.
In this article, we’ll look at the challenges facing managers as they implement commercial applications and applications developed in-house. And we’ll explore ways to begin the process of hardening those applications.
Windows OneCare Live Cost Revealed
February 7th, 2006
Late last week I wrote about the beta version of OneCare Live. At that time, Microsoft hadn’t released when it would roll out the production release or how much it would cost. Today, Microsoft announced that it would provide OneCare for $49.95 a year starting this June. The annual price includes using the desktop security service on up to three PCs, as Microsoft targets home and small business users.
Users who sign up for testing in April will pay an introductory annual fee of $19.95.
Author: Tom Olzak
Source:
Microsoft plans new PC security service for June
Microsoft Desktop Security Service
Security Risk Management
February 7th, 2006
Risk management is an important part of securing today’s information assets. Security has moved from the fringes of technology to take its place alongside other critical business activities. And like other business activities, the resources expended on the people, processes, and technology necessary to protect an organization’s information infrastructure must be justified in terms of return on investment (ROI).
In this article, we’ll explore the fundamentals of risk management as it applies to information security.
Data Storage Security
February 6th, 2006
Data in transit, across and between company networks, is usually the focus of extensive security efforts. However, organizations typically regard data residing on internal storage devices as “secure enough.” Databases and flat files stored on server, laptop, or SAN-attached disks don’t always move outside the security perimeter; so why worry?
In this paper, we’ll explore data storage vulnerabilities, the risks associated with these vulnerabilities, and ways to effectively manage those risks.
Author: Tom Olzak
Dissecting Nyxem: New dog, same old tricks.
February 4th, 2006
There has been some real buzz concerning a new virus in the wild, Nyxem. While it employs the same old tricks virus coders have been using for years, it has a new nasty ending. Let’s discuss Nyxem (aka Mywife, Blueworm, BlackMal) and see what kind of risk we are really looking at.
Desktop Security Service – Windows OneCare
February 3rd, 2006
In the spring of 2005, OneCare was released with much fanfare. It’s Microsoft’s venture into the world of desktop security. But it comes with a twist. Microsoft’s solution is a software-as-a-service offering. This means that you will probably pay a monthly fee for the rights to run the combined anti-virus, backup, cleanup, and update services. I say probably because OneCare is still in Beta.
Managing Unapproved Applications
February 2nd, 2006
In today’s workplace, users aren’t satisfied with the applications provided by the internal IS staff. In an effort to maximize their productivity and to improve their work environment (at least those are the reasons given), many users install applications brought in from home, downloaded from the Internet, or provided by a friend. So if it makes your users happy, what’s the big deal?
In this article, we’ll take a look at how the changing nature of network security is increasing the importance of end point security. In addition, we’ll review the risks presented to your organization through the installation of unapproved and unmanaged applications. Finally, we’ll explore some of the things you can do to protect your network from personal application installations.
BIOS Rootkit Attacks: What’s the Real Risk?
February 1st, 2006
As I’ve written in previous articles, the frequency of malicious rootkit installations is increasing. Now it seems that even the BIOS is a potential target. John Heasman, principal security consultant for Next-Generation Security Software, announced this week that a collection of functions known as the Advanced Configuration and Power Interface (ACPI) could be used to deposit a rootkit in the BIOS in flash memory. This is rather easy to do, said Heasman, because the ACPI has a high-level programming language that’s easy to learn and easy to use.
When I read this story, which was covered on almost every security web site, I was initially concerned. Who wouldn’t be? The BIOS is the most fundamental layer of functionality in any PC. But the more I thought about it, the more I wondered about how much risk a BIOS rootkit actually presents to a business network. After some research, I concluded that the risk is very low for businesses that take normal precautions.
In this article, we’ll look at rootkit technology, how engineers or programmers flash the BIOS, the typical safeguards protecting BIOS access, and what you can do to protect your business from BIOS rootkit issues.
An Intrusion Defense Solution
January 31st, 2006
Rather than write another piece on security in general for today’s post, I’m going to share my team’s experience in selecting an intrusion defense solution that expands on our existing firewall perimeter defense. During the past several weeks, my team and I struggled with the new infrastructure and management design to support our enterprise security strategy. We looked at IDS and IPS. We looked at SIM products. And we assessed each solution based on the following criteria: