Skip Links

IT Best Practices Alert

Sign up for this newsletter now!

The CIO-level business angle on the latest tech

IT Best Practices news and resources from Network World.
Sookasa mitigates compliance risk of file sharing cloud services
Personal email systems and file synchronization and sharing tools like Dropbox and Gmail have become prevalent, but have inherent risks in the business world. The Compliance-as-a-Service vendor Sokasa provides a self-service turnkey encryption and compliance solution to ensure files are encrypted wherever they're placed.
Votiro sanitizes malware-laden files intent on doing you harm
According to the 2013 Verizon Data Breach Investigations Report, in organizations investigated for breaches, email was the initial attack vector 67% of the time. Malware-laden files are often sent as attachments, and unsuspecting victims open them and unleash the evil to their internal networks. Now one company claims it has a solution that will sanitize those files and neutralize the attack before it can do harm.
Co3 Systems automates incident response with best practices
The market is saturated with security technologies designed to prevent bad stuff from happening, and we also have a lot of solutions to detect if something improper is happening or has happened. The next wave of security automation is coming, and that’s the area of incident response. Precisely what should you do if a security incident has happened?
This is a great time to start a career in cybersecurity
Are you feeling a little restless in your career? Could it be time for something new? This is a great time to consider a new career as a cybersecurity professional. Experts in cybersecurity are among the most sought-after professionals in the tech sector, with demand for workers in that field outpacing other IT jobs by a wide margin.
Secure file sharing in the cloud made simple
Many enterprises want to use cloud services for file storage and sharing but are hesitant because the cloud provider may be able to access the content. AlephCloud has a service that encrypts files at their creation source.  
Focus on fundamentals to reduce data breaches, expert advises
Responsible network managers need to acknowledge that attacks leading to data breaches do happen and plan accordingly. By focusing on the fundamentals of best practices, they can control the breach and limit the amount of damage.
Six things companies do that thwart their IT security efforts
Even as organizations strive to build and maintain a strong enterprise security program, there are a couple things companies do that actually thwart their efforts for strong security.
Is your trust in cloud services misplaced or true? Find out with a cloud trust rating
How do you know if you can trust a cloud service provider with your enterprise data? Skyhigh Networks, in conjunction with the Cloud Security Alliance, has developed a CloudTrust program that measures and evaluates more than 50 attributes that determine a trust rating.
Consider a unidirectional security gateway when a firewall just isn’t strong enough
Firewalls are often the first security mechanism that is installed on any network. For industrial control networks in municipal water systems, nuclear power plants and other critical infrastructure, firewalls simply aren’t good enough to keep attack payloads away. Industrial plants need unidirectional gateways to provide the ultimate security for critical control systems.
The Skyfence security gateway monitors and protects cloud apps
As companies move more of their applications to the cloud, they need a new enforcement point to protect data. Skyfence Networks offers a security gateway that monitors user activity for all cloud applications and prevents unauthorized access by malicious insiders and criminals using stolen credentials.
Mobile security management that goes beyond MDM
Many enterprises are still hesitant to officially embrace BYOD because of security concerns for data and applications. A new entrant in the mobile security market offers a fairly comprehensive array of security features. Marble Security focuses on protecting corporate assets by blocking risky behaviors and ensuring a secure network connection.
K-12 schools can make the grade with identity and access management
School districts across the country are looking for ways to stretch their meager funding. An identity and access management system can help the IT budget go the distance by reducing the man-hours needed to create and manage student and teacher accounts and through precision purchasing of only the materials needed for online learning.
Next Gen NAC is designed to facilitate BYOD
If your company hasn’t updated its network access control (NAC) solution in a few years, resolve to look at the next generation of products now on the market. Current products are designed to make enabling BYOD (bring your own device) a whole lot easier.
Get your WAN optimization delivered as a cloud service
WAN optimization has traditionally been a costly, hardware-heavy solution. Because of the cost and complexities of deployment, it has mostly been a solution for large companies with big budgets. Aryaka offers WAN Optimization as a Service, so now any size company with remote locations can benefit from accelerated access to enterprise or even cloud-hosted SaaS applications.
The National Computer Forensics Institute provides sorely needed training for cops
The fictional characters in the show NCIS are a whiz when it comes to using forensics to find digital evidence. In the real world, very few law enforcement officials have those skills, but that’s changing as more officers go through training at the National Computer Forensics Institute.
Take the 10th annual SANS Institute Holiday Hacking Challenge
Want to have some fun while working on your network security skills? SANS Institute has opened its 10th annual Holiday Hacking Challenge. It’s a fun way to test your knowledge and learn a few new tricks while competing for awesome prizes.
Free for SMBs: A detailed guide for cybersecurity to ensure business vitality
Many small- to midsize businesses have woeful cybersecurity plans—if they have a plan at all. Cybersecurity is a complex issue but there are many simple steps that businesses can take to protect themselves. The Greater Houston Partnership has developed a thorough (but free) guide to help SMBs improve their security posture.
Using BYOD? Get SaaS-based mobile device security
CISOs’ number one concern about allowing BYOD is the security of enterprise data. A close second is the security of the enterprise network that can be compromised by just one malware-infected smart device. Mojave Networks addresses those concerns by offering enterprise-grade security for mobile devices from the cloud.
A holistic approach to combating advanced persistent threats
Security researcher Michael Sutton is really concerned. He says most companies haven’t advanced their security strategies to keep pace with today’s threats—especially the most serious advanced persistent threats. He recommends a holistic approach that includes protection, detection and remediation.
Security policy orchestration eases the process of making changes to complex networks
It’s growing more difficult to monitor and manage the near-constant changes to network configurations. Tufin Technologies introduces security policy orchestration is order to bring automation, collaboration and integration to the process. The benefits include reducing the time to make secure changes from a week to a day.
DB Networks’ new core IDS aims to stop SQL injection attacks
According to OWASP, the top threat to Web applications is SQL injections that modify code in order to steal data. While traditional perimeter defenses have not been able to prevent these attacks, DB Networks has introduced a new core IDS that uses behavioral analysis to scrutinize the SQL code that is accessing databases.
ObserveIT is like a surveillance camera for your IT systems
Companies use surveillance cameras to record what is happening in physical locations. Now take that concept and apply it to IT systems. ObserveIT records the user interface actions that occur when someone is accessing your systems or applications. The result is a detailed audit trail that shows precisely who did what in both video and transcript format.
Malcovery Security offers unique services to put a stop on phishing attacks
Startup Malcovery Security has a unique way of looking at phishing attacks. Through deep analysis of phishing spam, Malcovery can often identify the precise person behind waves of attacks. The idea is to take that person out of commission – preferably to put them behind bars – in order to eliminate the source rather than just the symptoms of phishing.
New GIAC certification advances industrial cyber security
A new certification designed to advance industrial cyber security will launch in November. The cross-discipline certification focuses on the foundational knowledge that professionals responsible for securing critical infrastructure assets should know.
What’s happening in the Silicon Valley of the Southeast will surprise you
When you think of tech hubs – places with all of the resources to support innovative IT companies – you think of Silicon Valley, of course, and perhaps Austin, Boston and New York City. Would it surprise you to learn that an up-and-coming city in the southeastern part of the U.S. is also working hard to join those ranks?

Linda Musthaler is a principal analyst with Essential Solutions Corporation.

Latest News
rssRss Feed
View more Latest News