- Chinese Internet censorship: An inside look
- Desktops of the future here today
- What network CEOs really make
- DoD sold counterfeit network gear
- Sci-Fi's goofiest gadgets and technology
Rss FeedRss Feed
Crackin' the Kraken bot. Listen now!
Wireless dangers at airports. Listen now!
Linux has proven itself to be a versatile solution across a variety of hardware architectures to support workloads ranging from basic infrastructure services to enterprise-class database deployments. Today, Linux is commonly found operating in some capacity within most larger organizations, and over time, it has captured many of the same workloads that previously were deployed aboard RISC platforms running Unix operating systems. Read IDC's report on how Oracle support differentiates itself in a commodity market.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
IT professionals like the idea of consolidating hundreds of servers into only a few, but it takes a lot more to cost effectively consolidate and virtualize servers. Watch this six-chapter webcast, "Reduce Complexity and Cost - Windows Server Consolidation with Virtualization" to learn how to effectively consolidate your Windows environment. One of the themes explored includes the characteristics of an orchestrated data center, which includes: Resource management, dynamic provisioning, job management, policy management, accounting and auditing and real-time availability. Learn more about orchestration and much more today. Register below to learn more and be entered to win an Archos 605 Portable Media Player.
We need more like him, people who point our bugs rather than use it agains others. If he can find it,...- Anonymous
Hannaford Bros.said last week that it expects to spend "millions" of dollars on IT security upgrades in response to the the recent theft of up to 4.2 million credit and debit card numbers from its systems.
Some of the new measures that the grocer outlined go beyond the controls mandated by the Payment Card Industry Data Security Standard, or PCI. But it isn't clear whether they actually will address the issues that led to the data breach.
The planned upgrades include the installation of intrusion-prevention systems on Hannaford's corporate network and the systems at its stores, plus the deployment in checkout aisles of new PIN entry devices with Triple DES encryption.
Hannaford also said it has signed IBM to do around-the-clock network monitoring, and the Scarborough, Maine-based grocer vowed to encrypt all payment card data on its internal network. The goal, Hannaford CEO Ronald Hodge said during a press conference, is to put "military- and industrial-strength" security controls on the company's systems.
The level of encryption that Hannaford has in mind isn't required by the PCI rules, which specify that card data needs to be encrypted only if it's being transmitted across open public networks.
Despite the lack of more-stringent requirements, encrypting card numbers on point-of-sale devices is "the most significant action" that retailers can take to stop attacks such as the one that hit Hannaford, said Gartner Inc. analyst Avivah Litan.
But that doesn't necessarily mean that the new security measures will make Hannaford -- or other companies that follow its lead -- immune to future attacks.
Jim Huguelet, an independent PCI consultant in Bolingbrook, Ill., praised some of the steps Hannaford is taking, including an earlier decision to replace all of the company's store servers. As part of the breach, malware was placed on the systems and then used to intercept the payment card numbers.
Huguelet said that the planned end-to-end encryption of card data also sounds good -- on paper. But to make the data hacker-proof, he added, it would have to be encrypted from the PIN entry devices in stores to the systems of the payment-processing firm that authorizes card transactions.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
