Features

• Cloud security: how to protect your data

  By CSO staff | 14 June, 2011 21:17

  To use Cloud computing securely requires companies to know where their data is stored and who has access to it. Ironically, the reason Cloud is so popular is because organisations don't want to worry about these details.

  So can the issue be solved by adhering to standards? Increasing legislation? Maybe we need a global technical disaster to ‘sober up’ an industry drunk on the power of Moore's Law.

• Rio Tinto spying case a wake up call to CIOs?

  By Tim Lohman | 12 August, 2009 11:28

  The arrest of Rio Tinto executive Stern Hu in China on spying charges has brought home the need for CIOs to examine data security according to the CEO of security company PGP, Phil Dunkelberger.

• Building a data center security architecture

  By Andreas M. Antonopoulos | 11 June, 2009 03:13

  Data center architecture has been changing quite dramatically over the past few years. In many data centers, organic growth had left them broken up into application silos. The standard three-tier architecture was copied for each application leading to a fairly hierarchical network. In this architecture, some core security services, such as firewalls and intrusion prevention, were concentrated at the root of the network tree, closest to the ingress routers and around any  DMZs.

• More employees neglecting data security, survey says

  By Agam Shah | 11 June, 2009 08:38

  More employees are ignoring data security policies and engaging in activities that could put a company at risk, according to a survey released by Ponemon Institute on Wednesday.

• Information systems audit: the basics

  By Jennifer Bayuk | 18 May, 2009 23:57

  In the early days of computers, many people were suspicious of their ability to replace human beings performing complex tasks. The first business software applications were mostly in the domain of finance and accounting. The numbers from paper statements and receipts were entered into the computer, which would perform calculations and create reports. Computers were audited using sampling techniques. An auditor would collect the original paper statements and receipts, manually perform the calculations used to create each report, and compare the results of the manual calculation with those generated by the computer. In the early days, accountants would often find programming errors, and these were computer audit findings.

• Antivirus Test: A Quest for Nearly Objective Rankings

  By Chaz Sowers | 21 May, 2009 04:50

  Editor's Note: Chaz Sowers wants reliable, indepedently tested antivirus software with few false positives. But what really constitutes an "independent" test? Unsatisfied with lab ratings, he built his own malware testbed and put 35 AV products through the paces. Here is the story behind one man's AV rankings; your results may vary.

• Australia lagging in data security compliance: PCI Security Standards Council

  By Tim Lohman | 21 May, 2009 13:43

  A lack of financial penalties and a mandate to publicly admit data breaches may be clouding the real state of credit card payment and security in Australia, according to a senior executive from the Payment Card Industry Security Standards Council.

• Security Implications of the Humble Computer Clock

  By Simson Garfinkel | 03 March, 2009 10:00

  If your company's computer clocks aren't in sync, forensics, backups, and much more can suffer. Simson Garfinkel on getting the time right.

• When A Company Folds, Who Guards Your Data's Privacy?

  By Pam Baker | 02 March, 2009 09:13

  IT and business both understand the need to protect regulated customer and business data -- so long as they're in business, analysts say. Here's a look at how some folding businesses are falling short protecting data and the possible liabilities for the IT group and CIO.

• Why Information Must Be Destroyed

  By Ben Rothke | 25 February, 2009 09:32

  The inability to discard worthless items even though they appear to have no value is known as compulsive hoarding syndrome. Ben Rothke explains why it's a bad habit in the world of IT security.