- +
Your World. . . Hacked 02 October, 2007 10:51:23
As your business becomes more collaborative and global, the risks to your company’s trade secrets rise proportionally. Fortunately, there are new strategies to protect the data that allows you to competeThe call to Bob Bailey, an IT executive with a major US government contractor, came on an otherwise ordinary day in October 2003. "Why are you attacking us?" demanded the caller, an IT leader with a Silicon Valley manufacturer. He wanted to know why Bailey's company had launched a denial-of-service attack against his network
- +
Adobe launches hosted services, adds Flash to Acrobat 03 June, 2008 09:02:44
Adobe to launch Web site offering users free hosted services for document creation, sharing and storageAdobe this week is set to unveil the next version of its Adobe Acrobat software, which adds support for the company's Flash multimedia technology. The company also plans to launch a new Web site offering users free hosted services for document creation, sharing and storage. - +
10 things we hate about laptops 16 November, 2007 12:40:09
Sure, laptops have revolutionized the way we compute. That doesn't mean they don't drive IT bonkers.Damaged. Lost. Stolen. Too big, too small. Insecure and unreliable. And just plain annoying. If you're in IT, there's just not much to like about laptops. - +
IPv6 Will matter to the enterprise in five years 10 November, 2007 08:30:12
Routing guru Jeff Doyle says there's no need to move to IPv6 now, offers design tips for OSPF nets, discusses Layer 2 vs. Layer 3 routing and shares more advice with attendees of his live Network World chat.Welcome to Network World Chats. Our guest today is Jeff Doyle, celebrity author, Cisco Subnet blogger and networking guru. He has come prepared to answer your questions on all things routing. - +
The top 10 reasons Web sites get hacked 05 October, 2007 10:27:37
Web developers ignore security flaws at customers' perilWeb security is at the top of customers' minds after many well-publicized personal data breaches, but the people who actually build Web applications aren't paying much attention to security, experts say.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. The Secrets of C-Suite Success
Radicati Market Quadrant 2008 on Corporate Web Security
Understanding Email Marketing: A Guide for SMBs
Growth Strategies in Uncertain Times: Building & Maintaining Good Client Relationships in Professional Services Organisations
Still Sneaking In: The Threats Your Security Tools Aren't Telling You About
How to Beef Up Your Sales Pipeline
Dude! You Say I Need an Application-Layer Firewall?!
The IP Storage payoff: Turning your investment into efficient, affordable results
Newsletter Subscription
PayPal has 133 million customers that use its Internet-based money-transfer service, which handled US$37 billion in transactions last year. Michael Barrett, who is CISO at the eBay subsidiary, recently spoke with Network World senior editor Ellen Messmer about new approaches PayPal is taking to combat online fraud.
Almost every day I get a fake PayPal e-mail that's obviously a phishing scam. How do you deal with this phishing fraud or even use e-mail to communicate with PayPal customers?
There's a lot of spoofing of eBay.com and PayPal.com. We get e-mail from customers asking questions about this and other topics and we respond within 15 minutes. We use our own Web-based e-mail to communicate. The problem with phishing and spoofing generally is there's no magic bullet. So it's classic defense in depth.
How much fraud hits PayPal each year?
As a class of operational loss, it's 0.41 percent. In the industry, that's known as 41 basis points, which is pretty low. When our customers are victimized, their user ID and password are compromised, we compensate them.
What are some of your defensive strategies?
If the consumer actually never actually saw the phish e-mail, it's hard for the criminal to victimize you. We're working with people who make e-mail clients and the ISPs, such as Yahoo, MSN and AOL, on a technical strategy that says if the e-mail is not signed by us, drop it. We're having good discussions, but we have nothing to announce now.
What specifically do you do today?
We believe in consumer training, and we have a "Think before you click on a link" program. We've also begun supporting the Extended Validation SSL certificate for safe browsing, which gives consumers the green glow in the Internet Explorer 7 browser. The Internet Explorer 7.0 antiphishing filter works very well with black lists of sites updated regularly. If there's a big red URL bar, you're attempting to browse a URL site it would recommend you not.
This week we're also launching the PayPal Security Key in the United States, Australia and Germany. You log on with your PayPal ID and password and then also use a dynamic password generated by a keyfob made by VeriSign. Use of this is voluntary and we're supplying the keyfob on request for a nominal $5 charge, which doesn't even cover the cost. It will even be free for certain business customers, and we may decide it's mandatory for specific business segments.
Are there changes in general you think would help combat online fraud, which is global in nature?
There's a lot of fraud here, a lot in Eastern Europe and elsewhere. We have a large team of fraud investigators at both eBay and PayPal. It would help if there were harmonization of laws internationally in sentencing guidelines. There is simply a patchwork of laws everywhere.
2008 CIO Summit
19th August, 2008 Four Seasons Hotel, Sydney Developed in partnership with CIO Magazine, IDC, INTEP and the CIO Executive Council.
The world of the CIO is extremely complex and diverse. Multiple priorities demand attention and decisions are needed instantly. Individual teams need to be driven towards common goals, and businesses strive to become more mobile, agile and responsive. For CIOs, the challenge never ends.
Every year the CIO Summit identifies what is top of mind for CIOs across Australia and New Zealand, and offers insight for CIO benchmarking and vendor strategic planning alike.
Recent IDC research shows that over 59% of CIO's believe that 'to achieve their business strategies, technology should be used more aggressively than today.'
Join us on August 19th to discover how this is possible with the latest technologies including Virtualisation, Web 2.0, IP Surveillance and Software as a Service (Saas).
Click here for more information.
Please email Denyse_Robertson@idg.com.au for further information.
- +
CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00
Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00
Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05
Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
- +
Information security governance: Centralized vs. distributed 05 September, 2008 10:15:00
Should security policies, procedures and processes be managed within a central body, or distributed at an individual level? You need to find the middle ground.The management of information risk has become a significant topic for all organizations, small and large alike. But for the large, multi-divisional organization, it poses the additional challenge of determining how to deploy an information security governance program among what are often disparate business units. Should the policies, procedures, and processes that define the program be developed and managed within a central, corporate body? Or perhaps responsibility would be better placed at the individual unit level? Is there a workable middle-ground? - +
DNS error brings Sophos antivirus updates to a halt 05 September, 2008 13:40:00
Optus, Internode and Equinix affected among others.A sporadic Domain Name Server (DNS) error has blocked Sophos anti-virus updates around the world. - +
Ouch! Security pros' worst mistakes 04 September, 2008 08:05:00
We've all done regrettable things on the job, but does any valuable wisdom come of it? Four security pros candidly explain their biggest blunders and what they learned in the processIt was a mistake so bad the person who made it asked that his name and company not be mentioned here. Let's call him Frank. - +
Security ROI: Fact or Fiction? 03 September, 2008 08:32:00
Bruce Schneier says ROI is a big deal in business, but it's a misnomer in security. Make sure your financial calculations are based on good data and sound methodologies.Return on investment, or ROI, is a big deal in business. Any business venture needs to demonstrate a positive return on investment, and a good one at that, in order to be viable. - +
Information Security and the Importance of Context 01 September, 2008 10:00:00
Those entrusted with information security must raise their contextual awarenessWhen the US Transportation Security Administration (TSA) was first created, it created a sudden need for tens of thousands of screeners. Getting a job as an airport screener was a pretty easy process. It seemed as though if you had a pulse, you were in. Jump forward to 2008 and becoming a screener is a bit harder as the TSA has instituted background checks, has upped the educational requirement to include a high school diploma or GED, and added other significant requirements.
Viva la Verticals! Key to Vendor Growth is Through Vertical Market Opportunities, Says IDC 05 September, 2008 11:05:00
F-Secure delivers fastest protection in the online world 04 September, 2008 16:50:00
Rogue security apps dominate Fortinet's Aug 2008 IT threat report 04 September, 2008 16:00:00
IntraPower Signs Deal with Australia’s Largest Service Station and Convenience Store Network 04 September, 2008 10:07:00
TANDBERG Begins Desktop Videoconferencing Roll-Out at New England Credit Union 03 September, 2008 16:01:00
|
||
|
||
|
|
||
|
Why Security SaaS Makes Sense Today
Corporate IT teams are waging a significant security battle on two fronts these days: stopping attacks via the Web and through email. Security SaaS can solves these problems and more. Read on to discover 7 reasons why security SaaS makes sense for your business.
Subscribe to CIO
