| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Government
|
|
Home Office
|
|
Small Business
|
|
Secure Web Based Mail Services There used to be a time when secure email management was simple. "Managing" meant sorting through your email messages, putting them into appropriate folders. Secure email back them meant using a simple password for email access. However, today, with email being a business critical application, more threats against email than ever before, government regulatory concerns, secure email management takes on a whole different meaning. Viruses, spam, worms, and other malicious attacks and non-malicious events can bring email infrastructures to their knees. With recent government legislation in countries such as the U.S., email confidentiality has become a growing concern. One of the more common access to email today is via web browser and web based email access. What security issues should be kept in mind when developing or designing web mail systems?
By Keith Pasley, 03/10/2004
|
|
Tracing an e-mail message First (and easiest) thing to forge is the e-mail return address. Most personal computer posting software lets you type in just about any e-mail address you want to (for example the software I am using to post this message). Unless someone is a real idiot or they truly don"t know they will annoy tons of people, they will forge a fake e-mail return or put in the e-mail of someone they don"t like. It seems that most machines will accept e-mail from any other machine, so don"t send e-mail to postmasters at "upstream" sites that are just passing the message along.
By Gandalf The White O, 03/10/2004
|
|
Approaches to choosing the strength of your security measures The rising exploitation of most existing vulnerabilities is combined with the appearance of new ones resulting in a new and powerful threat to Internet users (see, for example, 2001 CSI/FBI Survey, a standard cyber crime statistical reference). The security industry often takes the position that companies should promptly design and implement more and more security, increase its priority within the business and train all computer users in using the multiple layers of enterprise defense. Similar advice is given to small office, home office and individuals using the Internet from home.
By Anton Chuvakin, 03/03/2004
|
|
The Need for Information Security in Today's Economy The advancement of technology, the Internet, and information sharing has had both positive and negative impacts. One of the negative impacts was the large increase in new "information" threats. The number of threats and reported computer related incidents increased at a tremendous rate by the end of the 1990's, and into the 2000's. Many of the computer incidents exploited confidential information being stored by companies in a variety of different industries. The ability to carry out threats against information systems has been made easier due to the sharp increase in system vulnerabilities. Unauthorized access to confidential information was also the result of weak or non-existent information security practices. Not identifying and mitigating risks is a leading cause of unauthorized access and the exploitation of vulnerabilities.
By Jeff Tarte, 02/18/2004
|
|
Essential Information Security For Corporate Employees This paper was written to raise security awareness and provide corporate employees with essential security information that emphasizes critical issues surrounding an implementation of security "best practices" throughout an organization. Do not assume that this paper is an all inclusive guide to corporate information security. Information security consists of four major components: technology, process, policy and culture. This paper focuses on culture and specific human factors that weaken security in an organization.
By Lloyd Guyot, 02/18/2004
|
|
Common sense security A few years back, I was working on getting investment into our business. We had big problems with the lawyer from the other side, who kept raising objections. The issue wasn't that her points were invalid; they just weren't material. In other words, they were unlikely to cause problems for their investor. This might seem a million miles away from security issues, but I think it can illuminate similar dilemmas in computer securit IT security professionals aim to protect their companies and clients from harm, but the tightest security is not necessarily the best.
By Chris Barling, 02/17/2004
|
|
Page: 123456789 10 |
