-
Aligning security policy, international employment laws
Before opening an office abroad and hiring employees in other countries, learn how to adapt your security policy to international employment laws.
-
Assessing home offices with security teleworking policy
Get advice on how to assess employee's home offices for security and policy compliance.
-
Stop phone tracking and GPS data leakage
GPS-enabled smartphones and other GPS devices may leak confidential or sensitive data, making it easy for attackers to target your employees.
-
A pen tester’s advice on creating a secure password
A pen tester explains the importance of creating a secure password
-
Getting control of IT security documentation
Does your IT department feel buried under mountains of paperwork? Expert Michael Cobb shows an easy way to organise your IT security documentation.
-
Managing security of outsourced software development
Learn the most important outsourcing security issues to cover in partner contracts and SLAs when outsourcing software development.
-
Segregation of duties: Small business best practices
Segregating duties can be tough in organisations that have few staff members and resources. Get duty segregation best practices for SMBs.
-
List: Information system security certifications
There are many information system security certification choices for security pros, IT staff and managers. This list helps you sort out the certs.
-
Prevent unauthorized personnel from hacking voicemail
Keeping attackers out of sensitive corporate voicemails can be as easy as updating PIN policies.
-
Sharpening endpoint security with end-user training
Expert Michael Cobb makes the case for year-round end-user security awareness training.
-
Merger integration checklist for security
Security must be carefully managed before and during an acquisition. Mike Cobb proposes a merger integration checklist for security.
-
Web application security guidelines for developers
The best way to mitigate Web app flaws is to prevent them in the first place. Learn how with these Web application security guidelines for developers.
-
Threat modelling: A Web app security best practice
Among any list of enterprise Web application security best practices, threat modelling is essential. Michael Cobb explains why in this expert article.
-
Third-party security policies for DPA compliance
Prevent data breaches and possible brand damage by vetting and checking up on third parties' security processes.
-
How to avoid breaking employee monitoring laws
Both the DPA and Human Rights Act include employee monitoring. Learn how to preserve employee privacy, while still keeping an eye out.
-
RSA Europe 2011: IT security conference coverage
All the news from RSA Europe 2011. Read news, features, tips and blogs from the London based IT security conference.
-
How UK and European privacy laws impact businesses
Given the multitude of security and privacy laws within the EU, knowing which ones have bearing on your business can be confusing.
-
PHP MVC tutorial: Web application development security
Get tips on writing secure PHP Web apps from the start with these pointers from expert Michael Cobb.
-
Organising a discussion on IT security processes
Creating a checklist can help prevent important IT security processes from falling through the cracks.
-
Cloud Legal Issues
Attorney Stewart Room discusses three critical focus areas that will help organizations avoid cloud computing legal issues and SLA conflicts.
-
How to audit cookies for compliance
Concerned about the PECR regulations for website tracking cookies? Learn how to audit cookies on your site to find out if you are in compliance.
-
Using Burp Suite proxy tool to examine client requests
The free Burp Suite proxy tool can be used for good or for bad. Expert Rob Shapland provides usage scenarios for both.
-
Apply PCI DSS guidance to virtualisation technology
Learn how to apply best practices from the recently released PCI DSS virtualisation guidance to your virtual environment.
-
Incident reporting, employee surveillance laws overseas
When an organisation has employees abroad, the security team must understand employee surveillance laws and incident reporting requirements.