- Data Protection Solutions and Strategy
- Database Security Tools and Techniques
- Email and Instant Messaging Security
- Enterprise Data Storage
- Platform and OS Security Management
- Secure Coding and Application Programming
- Security for Cloud Computing and Hosted Services
- Virtualisation Technology Solutions and Strategy
- Web Application Security
Email Alerts
-
The new EU data protection regulation: Planning for compliance
The new data protection rule will impact businesses worldwide. Discover quick wins for SMBs and projects for large businesses to move to compliance.Tip
-
ICO fines Welsh health board £70,000 for patient record loss
For the first time, the ICO fines an NHS organisation for sending patient data to the wrong person.News | 11 May 2012
-
Infosecurity 2012 Europe: Conference news and highlights
Get the latest news and important research from the Infosecurity 2012 Europe conference, including coverage on security threats and data breaches.Guide
-
Prepare now for more stringent U.S. data privacy laws
U.S. data privacy laws will soon become more pervasive and more strictly enforced. Security teams should prepare their organizations for the new rules.News | 05 Apr 2012
-
Survey sheds light on SharePoint security issues
-
Survey roundup: Trends in IT security topics
Surveys on a variety of IT security topics highlighted key trends in Web application vulnerabilities, cloud computing concerns and the motivations behind attacks.Photo Story
-
Four mobile device security threats and three tools to manage them
Mobile devices pose very real risks to organisations. Rob Shapland outlines four mobile device security threats and three tools to manage them.Tip
-
European Commission data protection proposals draw hostile reaction
Reaction to the European Commission data protection proposals has been largely negative, as many believe the new rules are costly and misdirected.News | 26 Jan 2012
-
Survey sheds light on SharePoint security concerns
Respondents' top SharePoint security concerns include frustrated users who inadvertently or deliberately circumvent security policies.News | 24 Jan 2012
-
UK IT security survey reveals changing priorities
TechTarget surveyed UK IT professionals regarding their 2012 security priorities. The findings show changing security priorities.News | 16 Jan 2012
- VIEW MORE ON : Data Protection Solutions and Strategy
-
Securing NoSQL applications: Best practises for big data security
NoSQL is great for big data, but security is often lacking in NoSQL applications. Davey Winder provides best practises for NoSQL security.Tip
-
Cattles' lost backup tapes highlight risk of unencrypted data storage
Cattles Group lost backup tapes containing 1.4 million unencrypted customer records. The incident highlights the risks of removable storage.News | 09 Jan 2012
-
Segregation of duties: Small business best practices
Segregating duties can be tough in organisations that have few staff members and resources. Get duty segregation best practices for SMBs.Tip
-
RSA Europe 2011: IT security conference coverage
All the news from RSA Europe 2011. Read news, features, tips and blogs from the London based IT security conference.Tip
-
Private companies can expect more ICO fines, regulator warns
A regulator warned private companies who do not adequately protect data will face ICO fines up to £500,000.News | 20 Oct 2011
-
Security shakeup needed to stop theft of confidential information
Infections are expensive and nearly constant, but studies from vendors Symantec and FireEye have found the prescription: A new approach to security.News | 02 Sep 2011
-
With UTM system, Blackpool Council trims network security costs
Faced with a network ravaged by Conficker and a dwindling budget, the Blackpool Council implemented a UTM system to cut costs and bolster security.News | 11 Jul 2011
-
How to stop SQL injection and prevent data compromises
While they're some of the easiest attacks to prevent, SQL injections are also some of the least protected against forms of attack. Learn how to stop them with this advice.Tip
-
UK information security training courses overview
Keep your skills sharp with this list of local information security training courses, including sessions on obtaining infosec certifications, implementing specific compliance or standard requirements, and more!Misc
-
VoIP security risks will be on display at Infosecurity Europe
Wick Hill plans to demonstrate CCTV and VoIP security risks that could compromise a network, including three types of attacks.News | 19 Apr 2011
- VIEW MORE ON : Database Security Tools and Techniques
-
Using open source intelligence software for cybersecurity intelligence
Discover the information that may be leaking out of your organisation before hackers use it to launch an attack against your organization.Tip
-
Surveying the landscape of today’s mobile device security risks
The biggest mobile device security risks are not from malware -- at least not yet. Find out the primary concerns of IT pros managing mobile devices.News | 14 Mar 2012
-
New mobile security statistics show consumers fearful of mobile spam
A survey of UK consumers found trust in mobile device security is declining as more users fall prey to mobile spam.News | 09 Mar 2012
-
Stop phone tracking and GPS data leakage
GPS-enabled smartphones and other GPS devices may leak confidential or sensitive data, making it easy for attackers to target your employees.Tip
-
Opinion: Firms can’t or won’t address social networking security risks
It's a common refrain: Even companies that are aware of social networking security risks don't do anything about them.Opinion
-
Tougher data protection rules will push up cost of email marketing
The EU will announce tougher rules for collecting information from consumers. Security pros can plan now for the new rules, expected in January 2012.News | 17 Nov 2011
-
RBS breach of email security policy exposes staff pay rates
An email accidentally mailed to 800 RBS employees contained the pay rate details of nearly 3,000 RBS contract staff.News | 25 Aug 2011
-
Botnet security alert: Malicious spam surge marks bot reconstruction
The percentage of spam messages containing a malicious payload has spiked sharply recently, likely due to a resurgence of spam bots.News | 19 Aug 2011
-
Learn how to utilize a free spam-filtering service for your SMB
Learn how a Web-based free spam-filtering service can secure email and prevent spam from attacking your enterprise.Answer
-
Instant messaging: Corporate policies for IM security issues
While the business benefits of using IM often outweigh the risks, locking down instant messaging in the workplace is still essential to enterprise security.Tip
- VIEW MORE ON : Email and Instant Messaging Security
-
Investigation reveals serious cloud computing data security flaws
Context Information Security found that data stored by a cloud customer could be accessed by the next customer to spin up a VM on the same disk.News | 24 Apr 2012
-
UK firms have trust in cloud service security, but reality disappoints
UK firms believe moving some IT projects to the cloud will improve their overall security, yet they end up feeling less secure after the move.News | 15 Mar 2012
-
Cattles' lost backup tapes highlight risk of unencrypted data storage
Cattles Group lost backup tapes containing 1.4 million unencrypted customer records. The incident highlights the risks of removable storage.News | 09 Jan 2012
-
SNW Europe 2011: Cloud location matters to secure cloud data storage
Storing data in the cloud? Secure cloud data storage means knowing exactly where data is located, duplicated and backed up.News | 10 Nov 2011
-
IT in Europe, Security Edition: Data security cloud computing outlook
Despite worries about data security, cloud computing is spreading over the UK enterprises, making heroes of many IT staff.Magazine
-
Missing USB drive, found in pub, contained unencrypted data
The ICO says two housing groups must improve data security after a contractor’s missing USB drive, containing unencrypted data, was found in a pub.News | 04 Aug 2011
-
How sensitive company data leaks onto mobile devices in business
Expert Peter Wood explains the top five ways sensitive information can get onto mobile devices, and what policies need to be in place to prevent data exposure.Tip
-
Safend expands data leakage prevention product to plug more gaps
With the introduction of two new modules to its DLP suite, Safend Inc. says its product can now help identify sensitive data, and also inspect email and instant messages.Article | 23 Dec 2009
-
TrueCrypt: How to get started with open source disk encryption
Michael Cobb explains why he recommends TrueCrypt as a reliable on-the-fly encryption program.Tip
-
Report: Firms avoid encrypting backup tapes, databases
According to a recent survey, cost and complexity have caused many companies to ignore database and tape encryption.Article | 26 Oct 2009
- VIEW MORE ON : Enterprise Data Storage
-
MDM, security vendors scramble to address BYOD security issues
Organisations are looking beyond NAC and MDM to resolve BYOD security issues; MDM, security and hybrid vendors are responding with new products.News | 18 May 2012
-
With mobile payments, security teams must move quickly
As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure.Tip
-
Report: Corporate mobile device policy must align security, job roles
In the debate between BYOD and company-issued devices, a new report compares mobile platforms and recommends devices based on users’ job roles.News | 13 Apr 2012
-
Verizon data breach report highlights continuing POS vulnerabilities
Improperly secured point-of-sale systems continue to offer an easy target to cybercriminals according to the 2012 data breach report from Verizon.News | 22 Mar 2012
-
Survey sheds light on SharePoint security issues
-
Taking control of smartphone proliferation while avoiding user anarchy
With smartphone proliferation raging through companies, IT teams are turning to MDMs to keep corporate data safe. Are current MDMs up to the task?Feature | 14 Mar 2012
-
IT in Europe, Security Edition: Smartphone security issues
How can security teams manage devices they don’t control? Find out how to manage smartphone and tablet security threats.Learning Guide
-
Surveying the landscape of today’s mobile device security risks
The biggest mobile device security risks are not from malware -- at least not yet. Find out the primary concerns of IT pros managing mobile devices.News | 14 Mar 2012
-
Windows security case study: Controlling Windows 7 user privileges
After migrating from Windows XP to Windows 7, Oxford University Press used Avecto’s Privilege Guard to control Windows 7 user privileges.News | 24 Feb 2012
-
Survey sheds light on SharePoint security concerns
Respondents' top SharePoint security concerns include frustrated users who inadvertently or deliberately circumvent security policies.News | 24 Jan 2012
- VIEW MORE ON : Platform and OS Security Management
-
Securing NoSQL applications: Best practises for big data security
NoSQL is great for big data, but security is often lacking in NoSQL applications. Davey Winder provides best practises for NoSQL security.Tip
-
Building a secure website and maintaining good website design
As a new website is developed, security goals often lose out to design aspirations. Learn how to keep security at the top of the priority list.Tip
-
A compliance strategy for the controversial cookie opt-in regulation
Businesses face many concerns with the PECR cookie law. Compliance expert Alan Calder offers a compliance strategy for the cookie opt-in regulation.Tip
-
Survey roundup: Trends in IT security topics
Surveys on a variety of IT security topics highlighted key trends in Web application vulnerabilities, cloud computing concerns and the motivations behind attacks.Photo Story
-
Session fixation protection: How to stop session fixation attacks
Session fixation attacks rely on poorly managed Web application cookies. Rob Shapland answers a reader’s question on session fixation protection.Ask the Expert
-
Windows security case study: Controlling Windows 7 user privileges
After migrating from Windows XP to Windows 7, Oxford University Press used Avecto’s Privilege Guard to control Windows 7 user privileges.News | 24 Feb 2012
-
Using Burp Suite proxy tool to examine client-side requests
The free Burp Suite proxy tool can be used for good or for bad. Expert Rob Shapland provides usage scenarios for both.Tip
-
Web application vulnerability statistics show security losing ground
New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks.News | 08 Feb 2012
-
Microsoft spurs Browsium to rewrite tool for running IE6 on Windows 7
Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6.News | 03 Feb 2012
-
Comet hit with lawsuit for alleged Microsoft Windows piracy
Microsoft is suing Comet, alleging the electronics retailer sold counterfeit Windows backup discs, but Comet claims it was just good customer service.News | 04 Jan 2012
- VIEW MORE ON : Secure Coding and Application Programming
-
Royal Holloway 2012: Risks of multi-tenancy cloud computing
In his Royal Holloway 2012 thesis, Jacobo Ros examines the risks of multi-tenancy cloud computing.Feature
-
Royal Holloway 2012: An analysis of cloud security certifications
In his Royal Holloway 2012 thesis, Robert Farrugia analyses cloud security certifications and suggests ways organisations can reduce cloud risks.Feature
-
Royal Holloway 2012: PCI compliance, cloud computing are a costly pair
It is possible to achieve PCI DSS compliance in a cloud environment, but it may not be cost-effective, as explained in this Royal Holloway article.Feature
-
Video: Founder of Common Assurance Maturity Model on CSP rating system
CAMM founder Raj Samani describes CAMM’s vision of a cloud service provider rating system to match customer organizations with CSPs.Video
-
Investigation reveals serious cloud computing data security flaws
Context Information Security found that data stored by a cloud customer could be accessed by the next customer to spin up a VM on the same disk.News | 24 Apr 2012
-
Survey roundup: Trends in IT security topics
Surveys on a variety of IT security topics highlighted key trends in Web application vulnerabilities, cloud computing concerns and the motivations behind attacks.Photo Story
-
UK firms have trust in cloud service security, but reality disappoints
UK firms believe moving some IT projects to the cloud will improve their overall security, yet they end up feeling less secure after the move.News | 15 Mar 2012
-
Taking control of smartphone proliferation while avoiding user anarchy
With smartphone proliferation raging through companies, IT teams are turning to MDMs to keep corporate data safe. Are current MDMs up to the task?Feature | 14 Mar 2012
-
How to apply PCI DSS guidance to virtualisation technology
Learn how to apply best practices from the recently released PCI DSS virtualisation guidance to your virtual environment.Tip
-
The proposed EU data protection regulation and its impact on cloud users
Cloud customers and cloud providers would face stricter data security requirements under draft European regulation.Tip
- VIEW MORE ON : Security for Cloud Computing and Hosted Services
-
Royal Holloway 2012: Risks of multi-tenancy cloud computing
In his Royal Holloway 2012 thesis, Jacobo Ros examines the risks of multi-tenancy cloud computing.Feature
-
Royal Holloway 2012: PCI compliance, cloud computing are a costly pair
It is possible to achieve PCI DSS compliance in a cloud environment, but it may not be cost-effective, as explained in this Royal Holloway article.Feature
-
MDM, security vendors scramble to address BYOD security issues
Organisations are looking beyond NAC and MDM to resolve BYOD security issues; MDM, security and hybrid vendors are responding with new products.News | 18 May 2012
-
With mobile payments, security teams must move quickly
As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure.Tip
-
UK firms have trust in cloud service security, but reality disappoints
UK firms believe moving some IT projects to the cloud will improve their overall security, yet they end up feeling less secure after the move.News | 15 Mar 2012
-
Microsoft spurs Browsium to rewrite tool for running IE6 on Windows 7
Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6.News | 03 Feb 2012
-
How to apply PCI DSS guidance to virtualisation technology
Learn how to apply best practices from the recently released PCI DSS virtualisation guidance to your virtual environment.Tip
-
Swiss bank balances tablet security issues with performance, cost
When a Swiss bank needed solve its tablet security issues, it found a way to secure its devices without sacrificing performance by using virtualisation.News | 02 Dec 2011
-
Creating secure virtual machines with strong data separation policies
Virtualisation can increase cost savings and efficiency, but could also increase an organisation's risk level.Tip
-
Citrix patches severe XenDesktop, XenApp security flaw
The virtualisation vendor says a severe XenDesktop and XenApp security flaw needs immediate patching, or else an attacker may execute arbitrary code.News | 28 Jul 2011
- VIEW MORE ON : Virtualisation Technology Solutions and Strategy
-
Royal Holloway 2012: A framework for preventing cross-site scripting
Based on his Royal Holloway thesis, Joseph Bugeja proposes a new framework for preventing cross-site scripting attacks.Feature
-
The new EU data protection regulation: Planning for compliance
The new data protection rule will impact businesses worldwide. Discover quick wins for SMBs and projects for large businesses to move to compliance.Tip
-
Using open source intelligence software for cybersecurity intelligence
Discover the information that may be leaking out of your organisation before hackers use it to launch an attack against your organization.Tip
-
“Click-for-tickets” fraud: Teaching users to sidestep Olympic scams
Attackers are expected to use the Games to foster email and Internet fraud. Learn how to help users sidestep Olympics-related scams.Tip
-
File upload security best practices: Block a malicious file upload
Do your Web app users upload files to your servers? Find out the dangers of malicious file uploads and learn six steps to stop file-upload attacks.Answer
-
ISBS 2012 report: Security slow to adapt to new technologies
PwC’s ISBS 2012 report, which will be presented at Infosecurity 2012, shows security teams react too slowly to threats from new technologies.News | 20 Apr 2012
-
Privacy and electronic communications regulations: Guide to EU cookie compliance
Get advice for implementing PECR regulations requiring website owners to request users’ permission to place a tracking cookie.Guide
-
EU cookie regulations: Advice for firms in the US and other countries
Expert Alan Calder responds to a reader’s question: Must companies outside the EU change their websites to comply with EU cookie regulations?Answer
-
Building a secure website and maintaining good website design
As a new website is developed, security goals often lose out to design aspirations. Learn how to keep security at the top of the priority list.Tip
-
A compliance strategy for the controversial cookie opt-in regulation
Businesses face many concerns with the PECR cookie law. Compliance expert Alan Calder offers a compliance strategy for the cookie opt-in regulation.Tip
- VIEW MORE ON : Web Application Security