IT Best Practices Alert

The CIO-level business angle on the latest tech

Search IT Best Practices Alert

IT Best Practices news and resources from Network World.

Get expert advice on building an effective BYOD strategy: 02/03/12; Is your organization struggling with the task of creating a “bring your own device” (BYOD) strategy? Pick up some pointers from some of the leading expert practitioners in information security. The Wisegate community has just published a new report on effective BYOD strategies.
Systems management uses social media-like messages to enable better decisions: 01/27/12; Wouldn't it be cool if our computer systems could talk to us like HAL in the movie "2001: A Space Odyssey"? Instead we get complex and nearly undecipherable messages that read like pure log files. Startup company Nodeable aims to help your cloud-based systems communicate with you in a much more human language. Think of it as tweets from the cloud to provide you with status updates. Cool!
Reduce the conflicts between IT administrators and information security personnel: 01/20/12; Sometimes the simplest solutions to problems evade us because we cannot see the forest through all the trees. In this case, the forest and trees I'm referring to are the people and policies that are in place to manage the operations and the information security of business networks. A few common-sense practices can reduce the conflicts between teams with a shared mission but disparate approaches.
A new audit standard validates IT-specific controls for cloud service providers: 01/13/12; Risk mitigation is one thing when you own all the resources, but when you start moving data and applications into the cloud, it's doubly important to understand what the service provider is doing to protect your assets. Now there is a new audit standard and certification for reporting on controls for data centers and service providers in the cloud.
Social engineering attacks on the enterprise are trending upward: 01/05/12; Amit Klein, CTO of the security firm Trusteer, predicts that social engineering attacks against enterprises will be on the rise in 2012. The problem is that too many people disclose too much personal information on social networks, and this gives thieves the leverage they need to gain and then abuse people's trust.
Be on the lookout for the malicious insider: 12/23/11; A new white paper from Symantec profiles the risk indicators of the malicious insider. There are key patterns and technologies that can help you identify the employee who might have a penchant to steal your company's intellectual property.
Remote management of applications frees your people from mundane tasks: 12/15/11; Do you have a portfolio of commodity applications like email, collaboration, mobile device management and directory and identity management that require multiple staff members to administer? Could their time and expertise be put to better use? Here's a business model that lets you outsource the remote monitoring and management of common in-house applications, freeing up your people for more strategic IT work.
HP has new cloud certifications for technical experts: 12/09/11; HP has a new set of expert-level cloud certifications for IT professionals who can design and develop cloud computing solutions based on open systems. The training for the certification exams helps technical professionals gain hands-on experience and knowledge across the cloud technology spectrum.
Citrix Receiver brings full-fledged desktop apps to smartphones and tablets: 12/02/11; The BYOD phenomenon shows no signs of abating, and many companies continue to struggle with the best (read: safest) way to give workers access to corporate applications via employee-owned smart devices. Citrix Receiver leverages the security of a Citrix XenDesktop or XenApp infrastructure to bring full-blown desktop applications to smartphones and tablet PCs.
Two-thirds of firewall managers lack confidence in their security posture: 11/28/11; In its annual firewall management survey, Tufin Technologies uncovered some disheartening details. For example, 1 in 4 firewall managers have never conducted an audit, and 66% of the managers think their processes put them at risk of a security breach. The alarm is sounding for a giant wake-up call.
User activity monitoring can reveal policy violations and misuse of company resources: 11/18/11; With regulations such as PCI, HIPAA and GLBA, companies are required to know and document who has access to sensitive data and applications. User activity monitoring tools can help identify and record specific actions, either continuously or when a problem is suspected.
Emailing tips for ensuring delivery of legitimate high-volume campaigns: 11/11/11; Marketers and other business managers look to their IT department for help and some level of assurance that their high-volume email campaigns are reaching their desired mailing list targets. Email delivery experts at SMTP Inc. share their best practices for high-volume email delivery -- ones that also abide by CAN-SPAM rules. Any group that sends email to large distribution lists can benefit from these tips.
Dome9 centrally manages cloud server firewalls: 11/04/11; Many companies are hesitant to adopt hosted solutions or cloud computing because of security fears. One of the biggest areas of vulnerability is also the first line of defense: the host firewall. Administrators leave ports open so they can access their servers and applications for routine operations and maintenance. Dome9 provides a SaaS solution aimed at controlling and monitoring those ports to reduce vulnerabilities.
CISO members of Wisegate share best practices for GRC, SIEM and IAM: 10/28/11; The CISO members of the social networking community called Wisegate usually share their best practices only with each other. Now Wisegate has compiled and made publicly available some of the members' security tips and best practices for GRC, IAM and SIEM implementations.
Turn single-user spreadsheets into multi-user business applications: 10/21/11; Practically every organization has workgroups that depend on spreadsheets to manage a business process. Sharing the spreadsheets via email or SharePoint can be a hassle, especially when multiple people need to enter data or make changes to the data. Now there is a Web-based tool that turns a single-user spreadsheet into a secure, multi-user database that's as easy to use as Microsoft Excel.
Symantec details Android malware threats: 10/14/11; Google Android is one of the top operating systems for smartphones with a 43% market share. No wonder cybercriminals are starting to pay attention. A new Symantec report outlines the potential threats and the various monetization techniques employed in Android-focused malware.
Cloud-based backup and disaster recovery services yield peace of mind: 10/07/11; Data backup and disaster recovery are best practices for every business, regardless of size. Cloud services are making it easier to attain professional-level backup and DR services at a reasonable cost with little effort or expertise on the customer's part.
Managing mobile devices like barcode scanners and purpose-built smart devices: 09/30/11; Have you ever thought about the challenges of managing those handheld devices that delivery people use to scan packages, or that rental agencies use to print your receipt as soon as you jump out of the car? After all, they are computers that run on operating systems like Windows Mobile and they have custom applications that are critical business tools. Odyssey Software helps you manage these kinds of devices as well as the more traditional set of smart phones and tablets.
Wisegate social networking connects IT executives to each other for business networking: 09/23/11; You've heard the phrase, "It's lonely at the top." Companies, after all, only have one CISO. Now there is a social network service called Wisegate that connects IT executives to each other so they have someone to bounce things off of. Wisegate is intentionally exclusive to keep the insight more valuable.
Tufin automates policy changes and compliance for next-generation firewalls: 09/16/11; Next-generation firewalls are a big leap forward in terms of knowing who is using what Web-based applications, but tracking the configurations, changes and policies can be a huge task that requires automation tools. Tufin Technologies just announced product enhancements that may make a firewall administrator's job a little easier.
Cernam raises the bar for capturing and preserving online content as evidence: 09/09/11; When it comes to using online content as evidence in a lawsuit, it's not sufficient to have a screen capture or other image of the content. Cernam is introducing new "capture and preserve" technology that precisely captures online content and its metadata and other properties so the content is valid as evidence.
Sister organizations pool their resources to share SIEM and logging: 09/02/11; You've heard the expression, "Two can live as cheaply as one," but can five log as cheaply as one? Five sister clubs of the Canadian Automobile Association pooled their resources to acquire one high-end SIEM and logging system from LogRhythm to meet their logging requirements for PCI compliance.
Small businesses fail to address data risks in server virtualization: 08/26/11; A recent Symantec survey of adoption of virtualization within small businesses revealed that most companies are failing to take even the most basic steps to reduce risks to their data.
3G cellular network-in-a-box provides service to disaster zones and remote locations: 08/19/11; We've all cursed our cell service providers when the signal peters out. But what if there's no signal at all because you are so remote or the network has been knocked offline by a disaster? Now there's a turnkey 3G cellular network-in-a-box that emergency agencies and commercial businesses are using to bring a signal to where none exists.
Get control over your cross-platform identity management issues: 08/12/11; According to the Gartner 2010 CIO Survey, identity management is the No. 1 IT security priority through 2011. This will be an ongoing concern well beyond 2011 as companies grapple with increasingly complex and disparate infrastructures and a multitude of new mobile access devices. New tools offer help in gaining control across heterogeneous platforms, even into the cloud.