Blogs

  • Today's Challenge: Database Security in the Cloud

    by Christopher Burgess on December 19, 2014

    There is more to cloud data security than just data security in the cloud. The core product offerings for cloud data storage services (or Cloud Sync and Share as they may be called) include storage, sync, share, view, collaborate, Web and mobile support, and APIs, said Rich Mogull of Securosis. "Without a solid security baseline it really doesn't matter what else the service offers," Mogull wrote. While cloud storage and security have gone well beyond the database, the security implementation…

  • Fire in the Valley: The Birth and Death of the Personal Computer

    by Ben Rothke on December 18, 2014

    In Fire in the Valley: The Birth and Death of the Personal Computer, authors Michael Swaine and Paul Freiberger provide a thoroughly enjoyable read of the history and development of the PC. As timing would have it, Michael Swaine was editor of Dr. Dobb's Journal, which this week announced it would be ceasing publication in 2015 after nearly 40 years in print. The valley in the title is Silicon…

  • Shopping at Breached Retailers This Holiday Season

    by Fahmida Y. Rashid on December 17, 2014

    We are about halfway into the holiday shopping season, and it’s not clear if the retail breaches have affected how consumers are shopping this year. Overall shopper traffic over the Thanksgiving holiday—Thursday to Sunday—dropped 5.2 percent compared to 2013, according to early numbers from the National Retail Federation released earlier this month. There were also a lot of provocative numbers…

  • The Future of Electronic Attacks, and the End of the Network Perimeter

    by John Linkous on December 16, 2014

    JPMorgan Chase was one of the latest Fortune 500 companies to fall victim to an electronic attack in 2014. On Aug. 28, the company said it was the target of a broad-scale attack which, based on its alleged complexity and breadth, may well have been state-sponsored. Bank records were altered and deleted, potentially impacting thousands of bank customers. It also appears that up to seven different…

  • Guidelines for Mobile Computing Security

    by Robert Moskowitz on December 15, 2014

    Mobility is clearly the future of computing. Smartphones and tablets are more powerful and bring-your-own-device is an accepted reality. This raises major security issues, as mobile computing can be readily compromised at the device, network and wireless connectivity levels. The mobile device itself—whether a portable computer, personal digital assistant, laptop, smartphone, tablet computer, or…

  • Three Reasons Why Employees Chafe at Security Policies

    by Christopher Burgess on December 12, 2014

    How often have you heard someone say, "We can't do it that way, because our security policies prohibit . . . " Perhaps they were discussing customer data security and the means to achieve frictionless engagement. Variants of this conversation occur every day, and if you are the chief information security officer (CISO), you need to maintain these policies. Here are three reasons why employees…

  • RSAC Speaker Submissions Reveal What the Industry Cares About

    by Britta Glade on December 10, 2014

    Predictions are dangerous business. Just ask Thomas Watson, who in 1943 as chairman of IBM said, "I think there is a world market for maybe five computers." Wilbur Wright got it right, confessing in 1908: "In 1901, I said to my brother Orville that man would not fly for fifty years . . . Ever since, I have distrusted myself and avoided all predictions." As Mr. Wright’s wingman and an observer—not…

  • Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door.

    by Ben Rothke on December 8, 2014

    There are really two stories within Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door. The first is how Brian Krebs uncovered the Russian cybergangs that sent trillions of spam emails for years. As interesting and compelling as that part of the story is, the second storyline is much more surprising and fascinating. Along with George V. Hulme and Steve…

  • A Morality Tale: The Good and Bad of DDoS Attacks, and What to Do About Them

    by John Linkous on December 8, 2014

    It's 4:55 p.m. on a Friday afternoon, and your phone rings. You're a CISO of a large company selling products online. It's your lead SOC analyst calling with a big problem. The moment that you've successfully avoided for your tenure so far has finally arrived: web-facing applications are slowing to a crawl, and customers are calling and complaining. You are under attack—it’s a distributed…

  • Your End-of-the-Year Security Checklist

    by Fahmida Y. Rashid on December 5, 2014

    Let's talk about checklists! Specifically, checklists of things information security professionals should complete between now and the end of the year. Slow period? What slow period? The end of the year is a very busy time for IT security. Last-minute modifications and additions to next year's budget are underway, as well as looking at this year's budget and figuring out what else needs to be…

  • What's in Your Privacy Policy?

    by Christopher Burgess on December 4, 2014

    The days of asking "Why do I need an entire policy about privacy?" are long gone. Users regularly evaluate the trade-off between how their information is being used and the cost to personal privacy. Every company needs to be upfront about how user data is being used, shared, and stored. What Does a Privacy Policy Look Like? A quick survey of well-known companies and their respective privacy…

This document was retrieved from http://www.rsaconference.com/blogs on Sun, 21 Dec 2014 15:49:43 -0500.
© 2014 EMC Corporation. All rights reserved.