Security: Features

The proliferation of datacentres around the world has made the Cloud not only accessible, but also affordable in the process. However, the issue of data sovereignty, the location of where the data is stored, has been an inhibitor.

With the introduction of Windows 7, many PC and notebook users may feel more secure than they did using older versions of the Microsoft operating system. Newer OSs have more security features, offer better out-of-the-box security settings and have closed many of the historical security holes. Windows 7, for example, has changed the default User Account Control level so that it's harder for rogue programs to run without first explicitly gaining the user's permission.

The good news for enterprises: Mobile devices are packed with power. A new iPhone is 100 times lighter, 100 times faster, and 10 times less expensive than the luggable notebooks of the early 1980s.

While Jeff Schmidt, the CEO of JAS Global Advisors, was surfing the Web on his new Android smartphone (his first Android phone) earlier this year, what appeared to be an ad popped up on his screen. The "ad" looked like the prompt that appears when his phone rings. He clicked the button on the ad to pick up the putative call, and the ad began downloading a binary file - malware - onto his Android phone. Schmidt had been hit by a drive-by download, a program that automatically installs malicious software on end-users' computers--and increasingly, smartphones--without them knowing.

They're "security myths", oft-repeated and generally accepted notions about IT security that arguably are simply not true - in order words, it's just a myth. We asked security experts, consultants, vendors and enterprise security managers to share their favorite "security myths" with us. Here are 13 of them.

It's a fact of modern life that archiving data is essential to prevent a data disaster. Still, something like one-third of computers are never backed up, according to 2257 respondents in a recent Backblaze poll carried out by Harris Interactive. The survey came to the dismal conclusion that a scant 7 per cent of users practice safe computing by archiving their systems on a daily (or nightly) basis.

Perhaps it was an omen of what was to come when the city of San Francisco on New Year's Eve 2010 couldn't get a backup system running in its Emergency Operations Center because no one knew the password.

If your IPv6 strategy is to delay implementation as long as you can, you still must address IPv6 security concerns right now.

Malware targeting Android-powered mobile devices and Apple computers top a list scams and security threats the people need to guard against this holiday shopping season.

In September 2007, in a remote laboratory in Idaho, researchers began to show that that picture had begun to change, dramatically and irreversibly. Dubbed "Aurora," the researchers' project demonstrated the ability of a cyber hacker to destroy physical equipment--in this case a generator used to create electricity for the power grid.

Stealthy, sometime long-term cyber-espionage attacks to steal sensitive proprietary information -- what some now call "advanced persistent threats" (APT) -- have become a top worry for businesses.

You may already know the basics of Internet security and keeping your personal data private while browsing the Web: Use a firewall, don't open attachments you aren't expecting, and never follow links from strangers. But what about your smartphone? The ease with which security researcher Georgia Weidman was able to infect Android phones with her custom botnet during the 2011 ShmooCon security conference suggests that anyone concerned about the privacy of the personal data stored on their smartphone should think twice before downloading dubious or otherwise untrustworthy apps.

It's not an exaggeration to say that the recent Wikileaks scandal has shaken the Internet to its core. Regardless of where you stand on the debate, various services have simply refused to handle Wikileaks' business -- everything from domain-name providers to payment services -- and this has led to many questioning how robust the Internet actually is.

Combating the many denial-of-service attacks out there often feels like a battle of attrition.

In 1993, Private Investigator Joe Seanor had wrapped up employment stints in the CIA and the Department of Justice, and was looking for something new in his professional life.

The last thing any of us need these days is another uninformed discourse on health care, but I tend to wade in where others have the common sense to keep out.

This past January, the health organisation Kaiser Permanente reported a theft of an external hard drive from an em­­ployee's car. The hard drive contained data on about 15,500 Northern California patients, including their full names, medical record numbers, and, in some cases, gender, dates of birth, and other info on treatment and care received at Kaiser (but not patients' social security numbers or financial data).

Laptop computers have become mobile stores of massive amounts of information. Add to that the proliferation of removable hard drives, and it becomes crystal clear how much sensitive data is on the move in the world, most of it woefully underprotected.

Kaspersky Lab may not be a household name in the United States, but in some parts of the world, it's the most popular consumer antivirus software. In China the company boasts 100 million users, and the software is also popular in Germany, and, of course, Russia, where Kaspersky got its start in 1997.

The need to keep information secure is not a recent development. To satisfy this need, most organisations construct a list of security requirements based on common sense. This has proven fairly effective with simple and well understood media such as pen and paper. As information management (and its security) has become more complex in nature, the likelihood of a gap in that common sense list of requirements has increased.