Get help with specific problems with your technologies, process and projects.
Windows Server 2012 security: Is it time to upgrade?
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release.
Security incident management in the cloud: Tackling the challenges
Identifying security incidents in cloud environments isn't easy, but there are steps companies can take to ease the process.
With JOBS Act, Sarbanes-Oxley compliance likely won't get easier
While SMBs may benefit from the JOBS Act, Sarbanes-Oxley compliance for enterprises may remain largely unchanged. Expert Mike Chapple explains why.
Examining Kindle Fire security, Silk browser security in the enterprise
Do Kindle Fire security issues, combined with weak Silk browser security, make the red-hot consumer device too risky for enterprises? Michael Cobb explains.
Does .cc domain malware demand domain blocking?
Learn how to deal with .cc domain malware threats found within DNS traffic. Is domain blocking at the perimeter the best defense strategy?
Is it possible to prevent DDoS attacks?
A distributed denial-of-service (DDoS) attack can consume all your network bandwidth. Learn how to prevent a DDoS attack in this expert response.
SEC disclosure rules: Public company reporting requirements explained
Learn the public company reporting requirements necessary to comply with CF Disclosure Guidance Topic No. 2, the SEC's cybersecurity reporting rules.
Submit your questions about application security
Michael Cobb is standing by to give you free, unbiased advice on application security.
Submit your questions about IAM
Randall Gamby is standing by to give you free, unbiased advice on identity and access management.
P2P encryption: Pros and cons of point-to-point encryption
P2P encryption is an emerging technology, one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons.
OAuth 2.0: Pros and cons of using the federation protocol
Learn the advantages and disadvantages of using Open Authorization for Web application authentication.
Comparing relational database security and NoSQL security
In this introduction to database security, expert Michael Cobb explains the differences between relational database and NoSQL security.
Insufficient authorization: Hardening Web application authorization
Insufficient authorization errors can lead to Web app compromises and data loss. Learn how to fix these authorization errors.
Comparing certifications: ISO 27001 vs. SAS 70, SSAE 16
Learn about ISO 27001 vs. SAS 70, and why enterprises should pay attention to SSAE 16 over SAS 70.
How to mitigate the risk of a TOCTTOU attack
Are TOCTTOU attacks, exploiting time-of-check-to-time-of-use race conditions, a threat to your enterprise file systems? Expert Michael Cobb discusses the dangers and how to mitigate them.
How MAC and HMAC use hash function encryption for authentication
Hash function encryption is the key for MAC and HMAC message authentication. See how this differs from other message authentication tools from expert Michael Cobb.
Locate IP address location: How to confirm the origin of a cyberattack
What's the best way to determine the origin of a cyberattack? Expert Nick Lewis weighs in.
IEEE 802.11: Handling the standard's wireless network vulnerabilities
IEEE 802.11 has several known vulnerabilities, so what's the best way for enterprises to handle them? Expert Anand Sastry explains.
Securing a multi-tenant environment
Learn some of the key elements for secure multi-tenancy.
Identity and access management concepts and predictions to watch in 2011
Forrester's Andras Cser discusses the emerging identity and access management concepts and market predictions enterprises should be prepared for in 2011.
Log Parser examples: Using the free log analysis tool
Log analysis is an essential security function for almost all enterprises, and, with Log Parser, much of it can be done for free. Learn how to use Microsoft's free Log Parser in this expert tip.
Security in virtualization: IDS/IPS implementation strategy
Considering virtualization? Take into account that your IDS or IPS may not work the same way in a virtualized environment as it does in a physical one. Expert Dave Shackleford explains how to address this potential problem.
PCI requirement 7: PCI compliance policy for access control procedures
Though PCI DSS is generally prescriptive, when it comes to requirement 7, organizations have more leeway -- and, thus, more potential for error -- than in other sections of the standard. Learn how to handle PCI DSS requirement 7 in this expert tip.
The hypervisor security patch management process
Enterprises using virtualization must include hypervisor patching in their patch management process. Robbie Higgins explains why.
Digital forensic challenges in a cloud computing environment
Cloud computing creates difficulties for digital forensic investigators.
Cloud security standards provide assessment guidelines
The Cloud Security Alliance Cloud Controls Matrix helps cloud providers and customers to evaluate security controls.
ngrep: Learn how to find new malware with ngrep examples
In this video, Peter Giannoulis of AcademyPro.com uses several ngrep examples to show how to use this free tool to find new malware that antivirus or IPS might not pick up on.
User provisioning best practices: Access recertification
User access recertification is the process of continually auditing users' permissions to make sure they have access only to what they need. Implementing recertification, however, can be challenging. Get best practices on creating a recertification ...
Are you in compliance with the ISO 31000 risk management standard?
The ISO 31000 risk management standard is becoming an important development tool for shaping existing and new programs. Learn whether your programs are in compliance with the standard.
Data classification best practices in financial services
Data classification is critical in the highly regulated financial industry. Learn key steps for data classification.
Self-service user identity management: Pitfalls and processes
While it might seem that self-service user identity management can save time and money, as well as keep information more current, there are a number of potential pitfalls. In this expert tip, Randall Gamby explains how to avoid these issues.
PAN truncation and PCI DSS compliance
What do Visa's PAN truncation guidelines mean for merchants and their acquiring banks? Security experts Ed Moyle and Diana Kelley provide analysis.
How to avoid attacks that exploit a Web browser vulnerability
Beyond patching, Tom Chmielarski explains what you'll need to do to avoid application exploits caused by Web browser vulnerabilities.
Why it's important to turn on DEP and ASLR Windows security features
In the quest for application security, many developers are disabling or incorrectly implementing two important Windows security features. In this expert response, Michael Cobb explains why ASLR and DEP should always be turned on.
Your USB port management options
When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options.
Enterprise PDF attack prevention best practices
Malicious PDF exploits are at an all-time high. Should enterprises dump PDFs altogether? Expert Michael Cobb answers that question and offers his key enterprise PDF attack prevention tactics.
Secure DMZ Web server setup advice
Network security expert Anand Sastry describes how to ensure a secure DMZ Web server setup involving network attached storage (NAS).
Which tools will help in validating form input in a website?
Find out how to validate form input in a website.
Tips on how to remove malware manually
In this expert response, Nick Lewis explains how to remove malware manually, step by step.
MD5 security: Time to migrate to SHA-1 hash algorithm?
Many organizations have been replacing the MD5 hash algorithm with the SHA-1 hash function, but can the MD5 hash algorithm still be used securely?
Performing a security risk analysis to assess acceptable level of risk
No organization is ever completely without risk, but there are steps that can be taken to establish an acceptable level of risk that can be appropriately mitigated. In this tip, Michael Cobb explains how to perform a security risk analysis to help ...
Operation Aurora: Tips for thwarting zero-day attacks, unknown malware
In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to ...
Using Windows software restriction policies to stop executable code
Software restriction policies are one way to prevent known malware and file-sharing applications from taking control of your network.
Applying the ISO 27005 risk management standard
The ISO 27005 risk management methodology standard has weaknesses when it comes to risk measurement. "Fuzzy math" theory can help fill the gaps.
Best practices and requirements for GLBA compliance
GLBA requirements to protect personal information have become more relevant than ever. In this tip, Paul Rohmeyer examines best practices for GLBA compliance.
Security report template: How to write an executive report
Writing a security report for executives doesn't have to be difficult or extensive, but security management expert Ernie Hayden describes how to make it comprehensive and clear.
Lack of incident response plan leaves hole in compliance strategy
Without an incident response plan, businesses tend to be reactive rather than proactive when data breaches occur. Here are some steps to follow.
Is it possible to crack the public key encryption algorithm?
Is it possible to create a PKI encryption key that is unbreakable? IAM expert Randall Gamby weighs in.
Personally identifiable information guidelines for U.S. passport numbers
Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman.
How to protect employee information in email paystubs
Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response.
Security benefits of virtual desktop infrastructures
In a highly regulated industry where security is critical, financial-services firms are turning to virtual desktop infrastructures. In this tip, Eric Ogren explains the security benefits of virtualized desktops and virtual workspace projects, ...
What is an encryption collision?
Michael Cobb reviews how encryption collision attacks on cryptographic hash functions could compromise the security of all kinds of digital systems.
Determine your Microsoft Windows patch level
A handful of patch management tools from Microsoft and third parties can help your organization determine your Windows patch level and identify missing security patches.
How to prevent ActiveX security risks
Application expert Michael Cobb explains why ActiveX security relies entirely on human judgment.
Does using ISO 27000 to comply with PCI DSS make for better security?
PCI DSS is under fire for not providing enough security in the process of securing credit card data. Using ISO 27000 to complement PCI may provide better compliance and security.
What are new and commonly used public-key cryptography algorithms?
Expert Michael Cobb breaks down a variety of encryption algorithms and reviews the use cases for several types of cryptography.
What are the export limitations for AES data encryption?
Although AES is free for any use, public or private, commercial or non-commercial programs that provide encryption capabilities are subject to U.S. export controls. Expert Michael Cobb reviews the limitations.
PCI DSS compliance requires new vendor management strategy
Requirement 12.8 requires a better vendor management strategy for PCI DSS compliance.
Port scan attack prevention best practices
While it's impossible to prevent all port scanning attacks, there are best practices for port scanning security (such as a port scanning firewall) that can keep your network secure. Expert Mike Chapple weighs in.
Making the case for enterprise IAM centralized access control
Central access to multiple applications and systems can raise the level of security while getting rid of lots of red tape, so how do you go about creating central access management? In this tip, IAM expert David Griffeth explains the steps.
How to defend against rogue DHCP server malware
Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them.
Should enterprises be running multiple firewalls?
While there may be scenarios where a single firewall is an appropriate architecture for an organization, it's equally true that many environments may benefit from the use of more than one network device.
When BIOS updates become malware attacks
Most security pros don't give the system BIOS a second thought, or even a first one, but today's BIOS types are highly susceptible to malicious hackers. Information security threats expert Sherri Davidoff explains how attackers can plant BIOS ...
How to mitigate operational, compliance risk of outsourcing services
Companies must have an approach to evaluating partner risk, the level of risk of both the service and the provider, and the adequacy of the security practices of the provider.
Comparing an application proxy firewall and a gateway server firewall
There are many types of firewalls in use in today's enterprises, so it's easy to get confused about the functions of each. In this expert response, learn the difference between a proxy server firewall and a gateway server firewall.
Five steps to eliminate rogue wireless access
Unauthorized wireless access points aren't always malicious. Learn how to distinguish between them and mitigate threats posed by rogue APs.
How to analyze a TCP and UDP network traffic spike
What does it mean when TCP and UDP network traffic spikes? Network security expert Mike Chapple explains what this means for enterprise network security management.
How to avoid HIPAA Social Security number compliance violations
It can be difficult to decipher what a HIPAA Social Security number violation is. In this information security management expert response, David Mortman explains how to avoid HIPAA SSN violations as an employer.
How many firewalls do you need?
Whether your organization needs multiple sets of firewalls depends on whether they will protect clients, servers or both and what kind of traffic they will monitor.
From the gateway to the application: Effective access control strategies
Organizations need to strike a balance between so-called front-door access control and more fine-grained controls established within an application itself. This article discusses the difference between products designed to set access at the gateway ...
How does a Web server model differ from an application server model?
A Web server model and an application server model share many similarities but require different defense methods. Each model, for example, calls for distinct placement of application servers.
What controls can compensate when segregation of duties isn't economically feasible?
Having a strong log management capability is a good way to start when security segregation isn't possible. Mike Rothman explains.
What are the ethical issues when consulting for two competing companies?
Security consulting is a job in which privacy is paramount. Leaking security strategies to the wrong people -- especially a company's competition -- could lead to breaches or break-ins. In this expert response, David Mortman gives best practices for...
How to perform a network device audit
From unauthorized applications to rogue devices like data-slurping USB sticks, enterprise networks face a growing number of security risks. For financial-services firms, the data loss or network intrusions that can result from unauthorized network ...
What are the security risks of opening port 110 and port 25?
If an external manufacturer wants to remotely access its leased copiers, is it risky to open both port 110 and port 25? Mike Chapple reveals a few security repercussions.
What is the cause of an 'intrusion attempt' message?
Have you ever received a message from your endpoint security product stating that an intrusion attempt has been blocked? Mike Chapple gives three possibilities for the alert's likely cause.
Comparing FTP vs. TFTP
There are some differences between FTP and TFTP, but here's the catch: both are inherently insecure protocols.
What OSI Layer 4 protocol does FTP use to guarantee data delivery?
What OSI Layer 4 protocol does FTP use to guarantee data delivery?
What firewall features will best protect a LAN from Internet hack attacks and malware?
In the case of a small network, the necessary firewall doesn't need to be anything complicated. Network security expert Mike Chapple reviews the key features of the network device.
PCI DSS 3.1 requirement best practices
Requirement 3.1 of the PCI Data Security Standard requires minimum cardholder data storage. In this tip, learn how to determine how much data your organization should store.
ID and password authentication: Keeping data safe with management and policies
Learn how to improve authentication and avoid password hacking with management policies that enforce password expiration, length and complexity requirements.
Lessons learned: The Countrywide Financial breach
The data breach at Countrywide Financial Corp. seems like something out of a TV crime drama: Two men regularly copied customer data and secretly sold it as leads to other mortgage brokers. The tale suggests that data theft is, more often than not, ...
Recovering stolen laptops one step at a time
When a student's laptop was stolen last year on a university campus, police and IT investigators went to work, recovering it within a matter of weeks. Neil Spellman, one of the investigators on the case, offers some best practices on what to do if a...
Is it impossible to successfully remove a rootkit?
In this expert Q&A, Michael Cobb takes a closer look at the nature of rootkits to see why they can be so difficult to remove.
What are the basics of a Web browser exploit?
John Strand explains how attackers target a flaw in either the browser or in an application that the browser calls to process a Web request.
Risk assessments: Internal vs. external
Risk assessments are a necessary function at financial firms, but how do you know whether to conduct them internally or to use a third party? Expert Rick Lawhorn explores the pros and cons in this tip.
How to lay the foundation for role entitlement management
Role entitlement management is a daunting task; however, there are steps you can take to lay the foundation for a successful management process. In this tip, expert Rick Lawhorn details these seven steps.
What vendors would you recommend for software write-blockers?
In a forensics investigation, a software write-blocker can be very helpful. But which vendors offer the best blockers? Security management expert Mike Rothman explains what to look for.
Key management challenges and best practices
Key management is essential to a successful encryption project. In this tip, expert Randy Nash explains the challenges financial organizations face when implementing key management and some of the best practices to overcome them.
Is the Orange Book still relevant for assessing security controls?
Is the Orange Book still the be-all and end-all for assessing security controls in the enterprise? Security management expert Mike Rothman explains what happened to the Orange Book, and the Common Criteria for Information Technology Security ...
Ophcrack: Password cracking made easy
Scott Sidel examines the open source security tool Ophcrack, a password cracking tool aimed at ensuring the strength of corporate passwords.
Should iPhone email be sent without SSL encryption?
SSL encrypts all of the communication between your iPhone and your mail server. Network security expert Mike Chapple explains how important that feature really is.
GLBA risk assessment steps to success
GLBA requires financial firms to protect their data from anticipated risks. How can those risks be determined? Follow these steps to perform a risk assessment at your financial organization.
Should a domain controller be placed within the DMZ?
When creating an Active Directory network, is it necessary to place domain controllers in the DMZ? Network security expert Mike Chapple explains.
Is Triple DES a more secure encryption scheme than DUKPT?
Both DES and TDES use a symmetric key, but Michael Cobb explains their separate and distinct roles in protecting financial transactions.
What is the purpose of RFID identification?
RFID identification can be used to keep track of everything from credit cards to livestock. But what security risks are involved?
Intrusion detection system deployment recommendations
Before you take the time and effort to deploy an IDS, consider this advice.
How to secure an FTP connection
Network security expert Mike Chapple offers three tips that enable an FTP connection without opening up an enterprise to security risks.
Is centralized logging worth all the effort?
Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a centralized logging infrastructure.
Does SOX provision email archiving?
Although SOX may lack specificity regarding certain controls, it does have clear mandates for email retention.