Latest Feature Articles News

Trustworthy Records
posted on 22/09/2003

A great deal has been written recently about a range of archival storage technologies, but very little is being said about how these technologies should be properly integrated into a long-term data storage strategy. Many people consider archival storage as an issue confined purely to the IT department, but it reaches far beyond. Indeed, there are considerable legal and business implications to the retention of important corporate and governmental records. As a result, government agencies, industry regulators and corporations have recently introduced a flood of new regulations and guidelines controlling the storage and management of records. For example, financial institutions are now required to keep mortgage loan files for up to ten years after the loan has been repaid. Some medical records must be stored throughout the life of the patient and government institutions are now required to keep certain records for up to 50 years and some are even to be made permanent in the National ... [more]

Special Report: Road Haulage Security
posted on 17/07/2003

LORRY LOAD THEFT COST the UK road haulage industry £55m last year, but there are clear signs that haulage companies are beginning to get to grips with the problem. Hauliers and insurers have teamed up to help fund the National Stolen Lorry Load Desk. The desk, run by Essex Police, is fast becoming the first port of call for hauliers looking to report theft and share information on crime hotspots. SecurityPark looks at the desk's progress since its relaunch in January. We also look at how motorway service stations, asset marking and a new industry "bible" can all help haulage companies protect lorry loads. There's a bewildering amount of new electronic security technology on the market aimed at hauliers, including 109 Global Position Systems (GPS). Startrak Ltd, a new independent fleet management consultancy, tells us how it can help hauliers choose equipment that's right for them. Contents In i... [more]

Coping with security risks from all angles
posted on 25/06/2003

Because of our increased reliance on IT, the effects of downtime, security breaches or deliberate attacks on a company’s IT system can cause serious, sometimes irreparable, damage. The speed with which new technology is being implemented means that some companies are unaware of areas of vulnerability within their IT systems. Keith Tilley, UK managing director at SunGard Availability Services, outlined for Security Park readers the main security risks and suggests ways in which they can be addressed. External threats in the form of hackers and new viruses are well publicised in the media. Hackers operate in small, loose-knit groups, making them very hard to track down. They have the ability to hack into systems, committing industrial espionage, terrorist activities or politically motivated attacks. New viruses appear almost on a daily basis, and some of the more virile ones, such as Bugbear and Fizzer, can wreak havoc on unprotected IT systems. The consequences of such an attack... [more]

Honeypots: The Trap is Set
posted on 09/04/2003

A honeypot is used for Internet and computer security. It is a resource that is designed to be attacked and compromised to gain more information about the hacker, such as attack techniques and the motives for breaking in. A honeypot can also be used to divert an attacker from one's production network allowing time for the administrator to react. One of the main goals of a honeypot is educational: to allow one to research hacker activity. In the information security arena, many professionals are fascinated by honeypots because observers can see real live information about an attack and not just hear about it. Many of us hear of websites being defaced or a bank being hacked into, but how many of us actually know how they got in and exactly what was done? With honeypots, one can determine how an attacker broke in and exactly what they did. Lance Spitzner, founder of the Honeynet Project, defines the term "honeypot" as follows: “A honeypot is a resource whose value is being atta... [more]

I thought my network was secure!
posted on 08/04/2003

Hopefully, if you’ve ever found yourself saying this, it was before an intrusion or security audit informed you of a failure. If you have, you’re not alone. Many systems administrators have been faced with this stark reality when discovering that network security is much more that simply protecting from the “outside-in”. While securing the network with demilitarized zones (DMZs), gateways and intrusion monitoring software are all excellent intrusion counter-measures, they do not address the security of the network from the “inside-out”. For example, if an administrator issues a command causing a clear-case password to be transmitted, the network is at risk. Or if an applications administrator passes around a generic applications password, no matter how much external intrusion detection hardware and software are installed, the security of the network could fail, causing assets to be at risk. Much of our focus regarding network security often “faces outward” and is well-managed. But our ... [more]

Other Security news and resources