Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Security and Privacy » Features »

  • 2011's biggest security snafus

    Perhaps it was an omen of what was to come when the city of San Francisco on New Year's Eve 2010 couldn't get a backup system running in its Emergency Operations Center because no one knew the password.

    Written by Ellen Messmer02 Dec. 11 06:27

  • Hackers target IPv6

    If your IPv6 strategy is to delay implementation as long as you can, you still must address IPv6 security concerns right now.

    Written by Susan Perschke28 Nov. 11 22:32

  • Security breach

    No company wants to be associated with a data breach, but if your systems are compromised the fallout can sometimes be more damaging than the act itself.

    Written by Matt Rodgers22 Sept. 11 09:00

  • Apple iOS: Why it's the most secure OS, period

    In June 2007, Apple released the iPhone, and the device quickly took off to become a major brand in the smartphone market. Yet when the iPhone shipped, security on the mobile operating system was nearly nonexistent. Missing from the initial iOS (then called iPhone OS) were many of the security features that modern-day desktop software has as a matter of course, such as data-execution protection (DEP) and address-space layout randomization (ASLR). Apple's cachet lured security researchers to test the platform, and in less than a month, a trio had released details on the first vulnerability: an exploitable flaw in the mobile Safari browser.

    Written by Robert Lemos06 June 11 20:04

  • Internal security top of mind for AusCERT

    When a delegate list includes people from the US Naval Criminal Investigation Service (NCIS), AusCERT 2011 organisers know all too well that their security may be tested.

    Written by Hamish Barwick18 April 11 12:52

  • Legal issues in the Cloud - Part 4

    One of the remaining key issues Cloud users need to consider relates to the notion of being locked-in to certain applications or systems — and if a user wants to transfer data or applications from the Cloud, whether the data is portable between service providers. In these circumstances, a user will need to consider its requirements to access data some years into the future for a plethora of regulatory reasons.

    Written by Mark Vincent and Nick Hart11 April 11 06:00

  • Legal issues in the Cloud - Part 3

    Proper due diligence focuses on identifying the players in the Cloud relationship. That is, who is actually involved in providing the services and are they the same entity (or entities) that are processing or storing data? In the case of aggregators, for example, a Cloud user could be dealing with a single entity which itself is provided services by various third parties.

    Written by Mark Vincent and Nick Hart10 April 11 06:00

  • Legal issues in the Cloud - Part 2

    Unlike a fixed server in your office or at a data centre in Australia, data in the Cloud can potentially be located anywhere in the world — even in multiple data centres in multiple copies worldwide. A Cloud service provider may not even know where the data resides at any one time. The Cloud may not be tied to any particular location but this is clearly not the case with the laws of each country. Any ‘global’ technology solution will be impacted by the laws of a large number of nation states. As a result, sending and processing data around the globe could, in the process, fail to comply with data protection and privacy laws in various countries.

    Written by Mark Vincent and Nick Hart09 April 11 06:00

  • Legal issues in the Cloud - Part 1

    The Cloud can be cheaper, more flexible, easier to manage and efficient. But users and providers of Cloud services have to weigh these advantages against the risks or perceived risks — such as regulatory compliance, security, performance, availability of service, and liabilities and remedies under the governing contracts.

    Written by Mark Vincent and Nick Hart08 April 11 10:01

  • Steps to secure your smartphone against data theft

    You may already know the basics of Internet security and keeping your personal data private while browsing the Web: Use a firewall, don't open attachments you aren't expecting, and never follow links from strangers. But what about your smartphone? The ease with which security researcher Georgia Weidman was able to infect Android phones with her custom botnet during the 2011 ShmooCon security conference suggests that anyone concerned about the privacy of the personal data stored on their smartphone should think twice before downloading dubious or otherwise untrustworthy apps.

    Written by Alex Wawro05 March 11 11:04

  • How DRM could ensure cloud security

    Yet another survey is indicating that security is a big issue for those intending to take up cloud computing.

    Written by Keir Thomas04 Feb. 11 05:53
  • 1

    Information security in 2011

    C-level executives are more aware than ever about threats to information security.

    Written by James Hutchinson19 Jan. 11 10:36

  • Security fail: When trusted IT people go bad

    It's a CIO's worst nightmare: You get a call from the Business Software Alliance (BSA), saying that some of the Microsoft software your company uses might be pirated.

    Written by Tam Harbert19 Jan. 11 03:33

  • ClamAV promises free antivirus app for businesses

    Most of us don't like paying for antivirus (AV) software, but at least home users can rely on one of the free options, such as Microsoft Security Essentials, avast!, or AVG Free.

    Written by Keir Thomas19 Jan. 11 05:34

  • Could Wikileaks scandal lead to new virtual currency?

    It's not an exaggeration to say that the recent Wikileaks scandal has shaken the Internet to its core. Regardless of where you stand on the debate, various services have simply refused to handle Wikileaks' business -- everything from domain-name providers to payment services -- and this has led to many questioning how robust the Internet actually is.

    Written by Keir Thomas11 Dec. 10 11:35

  • WikiLeaks: A case study in Web survivability

    In recent weeks WikiLeaks has been targeted by denial-of-service (DoS) attacks, had its hosting service shutdown, been bounced off of Amazon hosting, had its funding through PayPal, MasterCard and other sources shut down, and its leader arrested on sexual assault-related charges. The fact that WikiLeaks remains stubbornly and defiantly online holds some lessons for other sites when it comes to resilience and survivability.

    Written by Tony Bradley09 Dec. 10 07:29

  • Massive Mac OS X update shatters illusion of security

    Perhaps you've heard that the Apple Mac OS X operating system is simply more secure by design and not prone to the security flaws and vulnerabilities that plague the dominant Microsoft Windows operating system? Well, don't believe the hype. Apple unleashed an update for Mac OS X this week which fixes a massive 134 vulnerabilities.

    Written by Tony Bradley12 Nov. 10 02:15

  • Cloud Computing Poses Control Issues for IT

    Though most U.S. companies still list customer and other corporate information as their most valuable assets, many keep pushing this data farther from safe lockdown in the data center--and are about to give it another strong shove in that direction.

    Written by Kevin Fogarty18 May 10 04:42

  • A private investigator's tricks of the trade

    In 1993, Private Investigator Joe Seanor had wrapped up employment stints in the CIA and the Department of Justice, and was looking for something new in his professional life.

    Written by Joan Goodchild22 April 10 00:13

  • How security professionals monitor their kids

    Cell phones, texting, IM, email, Facebook, MySpace--kids are interconnected today in ways hardly imagined two decades ago. But these technology-based communication platforms also enable new forms of an age-old parenting strategy: monitoring your kids. Who are they talking to? What are they talking about? Are they going where they said they are going?

    Written by Joan Goodchild15 April 10 07:27
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments

HP and IDG news, product videos and resources