Security Manager's Journal: I hired a hacker
Our manager has some cleaning up to do after a third party's penetration testing uncovers some disturbing findings.
Stories by Mathias Thurman
Security Manager's Journal: DLP tool is suddenly blind to email
Data leak prevention can't be effective if it can't see any Exchange mail on the network. What happened?
Security Manager's Journal: Closing off a hole in Outlook
With Outlook Anywhere, users can download their mail to untrusted PCs and leave sensitive documents behind.
Security Manager's Journal: At budget time, you ask and hope to receive
Our manager has a long wish list going into this year's budget season.
Security Manager's Journal: The sales rep and the honey tokens
A competitor suddenly seems to know a lot about the customers of our manager's company. Did a former employee take sensitive data when he left?
Red Alert for Child Pornography
Trouble Ticket
Security concerns over a datacentre in the Cloud
My company has outgrown its offices and will be moving to a new facility next year. While the company as a whole will have more space, the data center will shrink to less than half the square footage it now occupies. The goal is to decrease the data center footprint by 60%.
Who's Got Your Mail?
Trouble Ticket
Galaxy Nexus arrives at Sprint on Sunday for $200
Sprint will begin selling Samsung's Galaxy Nexus on Sunday for $199.99 with a two-year contract, making it $100 cheaper than the Verizon Wireless version.
Getting Validation at RSA
Trouble Ticket
Plugging a SaaS Access Hole
Trouble Ticket
Security Manager's Journal: Hackers phone home -- on our dime
<strong>Trouble Ticket</strong>
Security Manager's Journal: You can't secure every employee's home
We recently deployed RSA SecurID software authentication tokens to replace the hardware tokens we had been using to provide strong authentication for remote access via a VPN client. Hardware tokens are more secure for two-factor authentication in some ways (but not in every way, as you'll see), but the software tokens can be used on mobile devices such as phones; they are much less expensive; and they can be deployed more quickly and easily. What's more, when a user no longer needs access, it's much simpler to disable a software token than it is to retrieve a hardware token from somewhere like China, Russia or India.
Security Manager's Journal: BYOD planning gets a big boost
We're making big strides toward our CIO's goal of enabling a "bring your own device" (BYOD) policy. For me, it's none too soon.
Security Manager's Journal: A rush to judgment on DLP deployment
I got most of what I asked for, and I got it early. Sounds good, right? Not so much.