Latest White papers News

Following in the hackers' footsteps
posted on 03/10/2007

‘Footprinting’ an organisation involves a range of information-gathering techniques – from identifying active machines to rifling through rubbish. The practice can ensure a hack is quick, effective and virtually untraceable. The technique allows for the accumulation of data regarding a specific network environment and can revel system vulnerabilities and improve the ease with which they can be exploited. The increase in footprinting is coupled with a boom in areas to exploit with the growth in Google searches, forums and software as a service. Hackers can spend up to 90 per cent of an attack researching the network vulnerabilities, according to security experts at Firebrand Training (known as The Training Camp). In response to the increasing number of network vulnerabilities, Firebrand Training has launched a White Paper, ‘Footprinting’ – following in the hackers’ footsteps. Produced by Firebrand Training’s CSO, Richard Millett, the paper explores key strategies in passive and ac... [more]

Implementing Cellular Authentication Token for Strong Authentication
posted on 06/09/2007

Leigh Mardon NZ is the leading Credit Card Manufacturer and Security Printer in New Zealand and a major trusted supplier to the trading banks, finance companies and credit unions for their cards and cheques. Leigh-Mardon’s sales force is distributed across the country where each sales person has a responsibility to a specific area and/or group of clients. The sales tasks require frequent communication with Leigh-Mardon central server to receive and forward Emails and documents. Each sales person has their own company Email address. Dealing with highly secured information and server, the regular OWA access was deemed not secure enough and a solution was required. Leigh-Mardon was looking for a secure, affordable and easy to use solution. Leigh-Mardon has decided to take a pragmatic approach to selecting the security enabler. It was recognized that the market standard for strong authentication is TFA OTP tools and a list of requirements was prepared based on the immediate needs and proj... [more]

Key Compliance Elements: Data Retention, Recoverability, and Disposition
posted on 27/06/2007

Regulations like Basel II, HIPAA, and Sarbanes-Oxley apply enterprise-wide, there is no exclusion for remote offices. So even if you’ve spent millions of dollars and countless weeks securing your data center, it may not be enough to pass a compliance audit. You also need to secure remote and branch office (ROBO) data—or it could turn out to be your company’s Achilles heel, a costly area of vulnerability in an otherwise compliant organization. When it comes to data retention, there are no more casual Fridays—it’s buttoned-down, serious business with potentially grave consequences for non-compliant records protection and retention. And compliance regulations don’t distinguish between data center and remote office data—if it’s one of your sites, it’s your data and you’re responsible. So what exactly are the consequences of non-compliance? To your company, non-compliance can mean financial penalties, reduced stock value, loss of customer confidence and lost sales revenue. But it’s the p... [more]

Recommended data protection strategies for distributed environments
posted on 05/06/2007

The amount of data being generated and stored at remote sites continues to grow. While this data needs to be protected and stored in a separate location, it must also be quickly accessible when needed. Making sure all data is backed up to a separate location in a timely and efficient manner can be challenging; the most common remote site backup pain points include: · Maintaining a regular backup schedule at all remote sites · Leveraging traditional backup software designed for backup to tape · Managing the cost and complexity of automated technologies or a lack of network bandwidth · Having a limited window in which to complete a comprehensive backup · Contending with the disruptive nature of backups and their impact on productivity · Lacking trained IT personnel to ensure backups function as planned · Having limited scalability in terms of performance and flexibility · Experiencing incomplete or corrupted backups, making c... [more]

Real and perceived risks in offshore development
posted on 31/05/2007

The last ten years have seen the tremendous growth of the offshore development market. However, many smaller businesses still shy away from offshoring, due to a number of real and perceived risks. Risk mitigation in offshore development is a process that involves a combination of strategies that are employed in all outsourcing engagements and those that are specific to working with a multi-cultural team that is far away. It includes interviewing and engaging the right outsourcing vendor, selecting appropriate initial projects, and developing measurement processes and communication protocols. By exploring the destinction between real and perceived risks, this risks in offshore development white paper provides guidance on how to develop and implement a risk strategy for offshore engagements, so that the experience is mutually beneficial for client and vendor companies of all sizes.... [more]

Other Security news and resources