Winter 2011: Password security standards and trends-
Building a secure website that designers actually like
As a new website is developed, security goals often lose out to design aspirations. Learn how to keep security at the top of the priority list.
-
Compliance strategy for the cookie opt-in regulation
Businesses face many concerns with the PECR cookie law. Compliance expert Alan Calder offers a compliance strategy for the cookie opt-in regulation.
-
Four steps to comply with ICO cookies regulations
To comply with ICO regulations, you’ll need to clean up website cookies and prepare pop-up permission requests. Alan Calder explains how.
-
Defending against four mobile device security threats
Mobile devices pose very real risks to organisations. Rob Shapland outlines four mobile device security threats and three tools to manage them.
-
How to audit cookies for compliance
Concerned about the PECR regulations for website tracking cookies? Learn how to audit cookies on your site to find out if you are in compliance.
-
Using Burp Suite proxy tool to examine client requests
The free Burp Suite proxy tool can be used for good or for bad. Expert Rob Shapland provides usage scenarios for both.
-
Apply PCI DSS guidance to virtualisation technology
Learn how to apply best practices from the recently released PCI DSS virtualisation guidance to your virtual environment.
-
Incident reporting, employee surveillance laws overseas
When an organisation has employees abroad, the security team must understand employee surveillance laws and incident reporting requirements.
-
Aligning security policy, international employment laws
Before opening an office abroad and hiring employees in other countries, learn how to adapt your security policy to international employment laws.
-
Assessing home offices with security teleworking policy
Get advice on how to assess employee's home offices for security and policy compliance.
-
Stop phone tracking and GPS data leakage
GPS-enabled smartphones and other GPS devices may leak confidential or sensitive data, making it easy for attackers to target your employees.
-
A pen tester’s advice on creating a secure password
A pen tester explains the importance of creating a secure password
-
Getting control of IT security documentation
Does your IT department feel buried under mountains of paperwork? Expert Michael Cobb shows an easy way to organise your IT security documentation.
-
Managing security of outsourced software development
Learn the most important outsourcing security issues to cover in partner contracts and SLAs when outsourcing software development.
-
Segregation of duties: Small business best practices
Segregating duties can be tough in organisations that have few staff members and resources. Get duty segregation best practices for SMBs.
-
List: Information system security certifications
There are many information system security certification choices for security pros, IT staff and managers. This list helps you sort out the certs.
-
Prevent unauthorized personnel from hacking voicemail
Keeping attackers out of sensitive corporate voicemails can be as easy as updating PIN policies.
-
Sharpening endpoint security with end-user training
Expert Michael Cobb makes the case for year-round end-user security awareness training.
-
Merger integration checklist for security
Security must be carefully managed before and during an acquisition. Mike Cobb proposes a merger integration checklist for security.
-
Web application security guidelines for developers
The best way to mitigate Web app flaws is to prevent them in the first place. Learn how with these Web application security guidelines for developers.
-
IT security contingency plans for the 2012 Olympics
To maintain information security during the 2012 Olympics, security and IT contingency plans must be tested in several key areas.
-
Security teams should embrace mobile payments now
As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure.
-
How cybercrime software can help security awareness
Security professionals can use screenshots of cybercrime software in security awareness training to convey the serious threats organisations face.
-
International cybercrime requires a global response
As international computer crime increases in scope and organisation, countries must work together to reduce threats from global cybercrime.