Do you have a good backup? Read the following story. Having redundant disk systems (RAID), database replicas and high-availability servers is not enough! More than a third of data loss is caused by human mistakes! A good backup procedure is mandatory, with off-site storage of course. Last advice: the procedure must
Tag: Security
Users Learn More with Fun
From an end-user point of view, security is boring. It’s part of human behaviour: if it’s too annoying, people will not follow the rules! Even more so in the IT security domain. I read the following story on the CISSP forum today. The question was: “We are doing a
Do not Underestimate Physical Security
Security in IT is everywhere: firewalls, proxies, anti-[spam|virus], IDS and more! But what about the physical security of your IT infrastructure? Read the following story: Peter Gabriel’s web site was off the web due to a server theft! I would like to know how the thieves performed! Why spend money to
Belgian NSA?
According to Datanews, a federal project in Belgium to fight online criminality will start soon. Something like a “National Security Agency”? This project has existed since… 2005! The article is here. BTW, nsa.be is already registered by an ex-colleague/friend! He may have a good opportunity to get some €€€ 😉
Secunia NSI 2.0 Final Release
Secunia announced today the final release of NSI (“Network Software Inspector”) 2.0! This application performs scans of your network devices and reports vulnerabilities to a centralized dashboard. This is a must to maintain a good level of security inside your network. You can test it for free for 7 days
Microsoft Helps Big Brother
In a previous post, I talked about US authorities who have rights to read your hard drives. Today, Microsoft announced a new toy USB stick called COFEE: Computer Online Forensic Evidence Extractor. “The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which
NAP, 802.1x, VMPS & Co
Not a very long time ago, security was still focussed on the external side of networks and all the bad guys playing on the Internet. Now, perimeter security (DMZ, firewalls, IDS and other toys) is performed by mature technologies and devices to protect your network against external attacks (but never
OpenID – SSO for the Masses
User authentication is a key component of security practices. To allow certain operations on your websites, you first need to authenticate the user. To achieve this, there are plenty of methods. The most common is the login / password pair. Not the most secure but quite easy to deploy. One
Jail Sentence for CEOs without “Due Care”
According to a study released by WebSense, 25% (!) of surveyed security professionals would agree on jail sentences for CEOs who did not respect the “due care” principle. Read the press release here for all results.
Airport Security
(c) J.D. Frazer