Security forces - act before you must react

Tuesday, 9 September 2003, 3:36 PM EST

Information security is a reactive world. The next intrusion, vulnerability or worm is always right around the corner.

With critical issues arising everywhere, the typical CISO and IT security organization spend most of their time reacting to outside forces and not nearly enough time getting ahead of the curve. One way out of this downward spiral is to get proactive with a system security policy and a method of ensuring compliance. This can change the environment from scrambling to planning, increasing the value and reducing the cost of security. But how can this be accomplished without time, resources and a radical change in the environment?

System security policy management tools are growing in popularity. These tools automate the process of viewing and setting the system configurations of a large number of systems, and reporting on their configurations against a security policy to give measurable results. Improperly configured systems, including items such as permissions, user rights, and OS security parameters cause most common security problems.

[ Read more ]


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th