In Depth
In Depth
IT security
-
Cost-effective managed IPS for small businesses
Small businesses typically struggle to afford cyber intrusion prevention systems, but the introduction of a service tailored for this market could change that Continue Reading
-
The problem of passwords and how to deal with it
Security experts have long recognised passwords as inadequate, but finally technology is offering some viable alternative authentication methods that businesses can explore to keep their data safe Continue Reading
-
My first IoT project: A guide for businesses
We’ve all had a good giggle about having our fridges hacked – but now it’s time to get real. What are the first steps enterprises should take when implementing their first internet of things project? Continue Reading
-
CW@50: Fertile British breeding grounds for information security innovation
Computer Weekly is marking its 50th anniversary this year with a series of articles celebrating 50 years of British technology innovation. In this article, we look at the evolution of information security threats and some of the British innovation ... Continue Reading
-
Hunters: a rare but essential breed of enterprise cyber defenders
They wait, they watch, they search the outer reaches of networks and the darkest corners of the web, setting traps, crafting tools, collecting evidence and going in pursuit: they are the hunters Continue Reading
-
How to manage IT access for external users
Identity and access management has extended from being solely an internal IT management process to focus on external business engagement too Continue Reading
-
IAM is the future for managing data security
Why identity and access management is taking centre stage in companies’ access policies Continue Reading
-
Interview: James Bamford on surveillance, Snowden and technology companies
Investigative journalist and documentary maker James Bamford was among the first to uncover the secrets of the US National Security Agency and its global surveillance Continue Reading
-
How to deal with the aftermath of a data breach
Considering that a data breach could happen to any company, at any time, a plan of action is the best tactic Continue Reading
-
Disaster recovery planning: Where virtualisation can help
The disaster recovery planning process is not fundamentally technology-centric, so when can virtualisation make it quicker and easier to restore services after an unplanned outage? Continue Reading
-
The next stage in quantum key distribution
Authentication schemes based on quantum physics are emerging to address the growing number of ways to compromise data traffic Continue Reading
-
Avoiding security issues when recycling hardware
What are the options for the environmentally and ethically responsible recycling of end-of-life hardware, without compromising data security? Continue Reading
-
The true cost of a cyber security breach in Australia
The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting. Continue Reading
-
The security dangers of home networks
Most companies take reasonable steps to protect their networks from virus attacks, but one area of vulnerability that is often overlooked is infection from employees’ home networks Continue Reading
-
How to ensure strong passwords and better authentication
Five steps to ensure stronger passwords and better authentication to reduce the threat of business data theft Continue Reading
-
Max Schrems: The man who broke Safe Harbour
Schrems has persuaded a high court judge to confirm that Edward Snowden’s evidence is acceptable in court and that the US is engaged in mass surveillance of European citizens Continue Reading
-
How technology is helping deliver aid to Syrian refugees in the Middle East
The Syrian refugee crisis has engulfed the Middle East, but technology is proving to be an essential tool to help aid organisations support displaced people Continue Reading
-
How to fully test IT networks for vulnerabilities
Making sure a company network is secure is a very important task, and one that should be scheduled regularly Continue Reading
-
SaaS criteria to track for business outcomes
Organisations should evolve their SaaS selection criteria to focus on newer metrics that are better indicators of supplier performance Continue Reading
-
App development companies fight back against digital piracy
How can digital companies protect their IP against a tidal wave of smartphone boosted piracy? Is digital rights management software effective enough, or is it better to adapt your business model? Continue Reading
-
How to cull old, potentially risky data
Unused data is a potential security risk, with old spreadsheets, reports and email containing industry secrets and laced with company gossip. If it's no longer useful, it's time to delete it Continue Reading
-
How to reduce the risk of social engineering attacks
Implement simple checks to reduce the risk of the main types of social engineering attacks Continue Reading
-
Top tips for remote and mobile workers to improve their cyber security
Steps remote and mobile workers can take to improve cyber security on mobile devices, using public Wi-Fi and computers, and handling USB devices Continue Reading
-
Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance
Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden Continue Reading
-
NHS data security: Lessons to be learned
The NHS does not always provide a trusted repository for patient data, but some trusts are examples of good practice in action Continue Reading
-
Mobile device management (MDM) vs backup
MDM tackles the challenge of mobile devices flooding the enterprise, but it doesn’t mean you can stop worrying about mobile data protection Continue Reading
-
How to secure the SDN infrastructure
As more enterprises look to deploy software-defined networking, the need for security from the ground up should not be underestimated Continue Reading
-
Cyber crime: What every business needs to know
Computer Weekly gets the low-down on cyber crime from law enforcement officers and investigators Continue Reading
-
Quantum key distribution is the future for secure comms
Quantum teleportation is a technology that will ultimately replace encryption as the foundation of communication security Continue Reading
-
How to make applications resilient on AWS
Cloud services are susceptible to network and other outages. There is no silver bullet to boost the resilience of an AWS-hosted application Continue Reading
-
The state of mobile back end as a service
Common mobile application services are increasingly being hosted on central back-end servers – but what does that mean for the enterprise? Continue Reading
-
How the development of standards will affect the internet of things
As the internet of things (IoT) grows, so will the number of applications developed to control internet-connected devices and objects Continue Reading
-
The business challenges and benefits of identity and access management
IT leaders gathered at a CW500 Club meeting to hear from peers about the challenges of identity and access management Continue Reading
-
Interview: Ed Vaizey MP talks digital economy and digital skills
Minister for the digital economy Ed Vaizey discusses his new role and the future of digital policy Continue Reading
-
The internet of things is coming: Is your datacentre ready?
Gartner estimates the IoT will see 26 billion units installed by 2020 – channelling huge volumes of data traffic into datacentres Continue Reading
-
What ingredients go into the successful app store?
An enterprise app store should provide the controlled availability of apps for employees.We look at what is available for organisations to use Continue Reading
-
A guide to smart home automation
Unless it is a new build, the challenge in creating a smart home is that technology must work irrespective of the age of the property Continue Reading
-
The pros and cons of iPads in the enterprise
The iPad is often the first platform for which developers produce apps – but it is substantially more expensive than its competitors Continue Reading
-
Principles of compliance in the financial services industry
Compliance in financial services can appear a staggeringly complex web of laws and regulations, but some key principles apply, says Mathieu Gorge of Vigitrust Continue Reading
-
Erasure coding vs Raid as a data protection method
Erasure coding is mooted as a potential successor to Raid and backup software Continue Reading
-
Target data breach: Why UK business needs to pay attention
Late last year, US retailer Target was hit by one of the biggest data breaches in the industry's history. So what happened and why is it relevant to UK businesses? Continue Reading
-
Hacktivism: good or evil?
IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics Continue Reading
-
The UK’s problem with power
Datacentre power buyers say Britain’s deregulated energy market is as complex as trading in derivatives Continue Reading
-
Create a mobile policy employees can trust
With Gartner predicting a fifth of all enterprise BYOD projects would fail by 2016, we look at how businesses can embrace mobility successfully Continue Reading
-
Optimising performance and security of web-based software
On-demand applications are often talked about in terms of how suppliers should be adapting the way their software is provisioned to customers. Continue Reading
-
Why agile development races ahead of traditional testing
Traditional testing practices optimise large, centralised testing but struggle to support the rapid delivery of agile development. Continue Reading
-
Top 10 Android security tips
As Android becomes more prevalent in the enterprise, Computer Weekly gives you 10 top tips for keeping your devices secure Continue Reading
-
Big data journalism exposes offshore tax dodgers
How journalists harnessed big data to challenge offshore financial secrecy Continue Reading
-
An introduction to cyber liability insurance cover
Cyber liability insurance cover has been around for 10 years, but most security professionals seem to have not heard of it or know that it exists Continue Reading
-
Manage identity and access to improve business processes
Streamlining identity and access management is essential to exploiting your organisation’s assets and employees’ productivity. Continue Reading
-
The internet of things is set to change security priorities
IT leaders must protect against the security risks introduced by the growing interaction between technology and the physical world. Continue Reading
-
How to create a good information security policy
Information security policies provide vital support to security professionals, yet few organisations take the time to create decent policies Continue Reading
-
Windows XP end of support: What to do next
CIOs may not wish to carry on running a 12-year-old desktop OS, but thousands of incompatible applications leave many with no choice Continue Reading
-
How to tackle big data from a security point of view
Before leaping into big data, companies must be clear what they are trying to achieve, otherwise their investment will be wasted Continue Reading
-
How to find the most vulnerable systems on your internal network
Most corporate networks share common vulnerabilities, but many could be mitigated with education in “hacker thinking” for technical staff Continue Reading
-
Social media: A security challenge and opportunity
Generation Y workers are posing increasing security challenges to their employers as they share data unreservedly Continue Reading
-
Business priorities: what to protect, monitor and test
How information security professionals can prioritise what to protect, monitor and test in the light of current budget and resource constraints Continue Reading
-
Shore up your organisation’s fleet with the right MDM
There are many mobile device management products, but approaches vary. We outline how to choose the right one for your business Continue Reading
-
How to preserve forensic evidence in the golden hour after a breach
There is a golden hour at the outset where a clear head and good planning can make or break any subsequent forensic investigation Continue Reading
-
How to secure Macs in the enterprise
Apple computers are becoming increasingly used in the enterprise - we look at how to securely introduce Macs in the corporate network Continue Reading
-
CW500: Managing the mobile workforce (part 1)
Mobile working has transformed Colt Telecommunications beyond recognition over the past three years Continue Reading
-
Static code analysis tools gain traction in India as SDL models mature
Static analysis tools are gaining popularity with Indian companies as software development models and perspectives mature. Here are some popular choices. Continue Reading
-
HDFC Bank’s ISO 27004-compliant security metrics a boost toward GRC
An ISO/IEC 27004-compliant metrics program is a rarity in the Indian infosec circuit. Indian BFSI major HDFC Bank’s ISMS has been there, done that Continue Reading
-
Setting up a botnet is easier than you think
Acquiring, installing, configuring and using a powerful data-stealing banking Trojan toolkit is not as difficult as it sounds Continue Reading
-
Best practice in outsourcing security
The issues CIOs must consider in balancing security needs and budgetary constraints Continue Reading
-
Essar’s WAN encryption strategy to secure data in motion: In focus
Indian conglomerate Essar puts WAN encryption in place using Cisco’s GET VPN to protect data flows between remote locations. A closer look. Continue Reading
-
Bank of India’s 2FA with mutual authentication goes beyond OTPs
Indian BFSI major Bank of India chose mutual authentication when it required a two factor authentication (2FA) solution. There’s been no looking back. Continue Reading
-
Arup Chatterjee
SearchSecurity.in CISO Power List 2012 Profile: Arup Chatterjee, CISO, WNS Global Services. Continue Reading
-
Agnelo D'Souza
SearchSecurity.in CISO Power List 2012 Profile: Agnelo D‘Souza, CISO, Kotak Mahindra Bank. Continue Reading
-
Sunil Dhaka
SearchSecurity.in CISO Power List 2012, Profile: Sunil Dhaka, CISO, ICICI Bank. Continue Reading
-
Sameer Ratolikar
SearchSecurity.in CISO Power List 2012: Profile for Sameer Ratolikar, CISO, Bank of India. Continue Reading
-
Pankaj Agrawal
SearchSecurity.in CISO Power List 2012 Profile: Pankaj Agrawal, CISO & Head of Technology Governance, Aircel Continue Reading
-
Buyer's Guide: How to prepare your organisation for IPv6
The switch to IPv6 – on 6 June – shows just how imminent the transition from IPv4 to IPv6 is. Is your organisation ready? Continue Reading
-
When X.509 security certificates fail, servers break
Why are X.509 certificates causing computers to stop dead? Continue Reading
-
Alternatives to passwords: Replacing the ubiquitous authenticator
As the relative security of passwords falters, are they destined for obscurity? Continue Reading
-
The consumerisation of IT: it’s a trickle, not a tide, but you still need to be ready
If media headlines and supplier claims are to be believed, organisations today are faced with an unstoppable tide of many different types of personal device connected to the corporate network Continue Reading
-
The top five SME security challenges
Best practice in IT security and compliance for small and medium-sized enterprises (SMEs) is often seen as a "grudge purchase", but SMEs face the same threat as larger organisations - just without their budgets. Continue Reading
-
Self-encrypting drives: SED the best-kept secret in hard drive encryption security
The SED solves many common data loss problems and is easy to use and manage with minimal impact on system performance – yet relatively few businesses and governments use SEDs. Continue Reading
-
IT and marketing: working together for business success
The IT department builds things that scale and last, while marketing wants the next big thing - and needed it yesterday. How can heads of technology work effectively with marketing? Cliff Saran investigates Continue Reading
-
IPv6: The security risks to business
IT security professionals say the security holes that will open up in many business organisations as the world moves over to internet protocol version six (IPv6) constitute a substantial security concern Continue Reading
-
How to combat advanced persistent threats: APT strategies to protect your organisation
Simple defence strategies will go a long way to preparing businesses for APTs Continue Reading
-
Secure your SCADA architecture by separating networks
Many critical national infrastructure systems include supervisory control and data acquisition (SCADA) functionality. These systems can be viewed as the set of software, computers and networks that provide remote co-ordination of controls systems ... Continue Reading
-
EDS report on 'dangerous' Chinook software published for the first time
Computer Weekly is publishing, for the first time, a technical analysis of the software installed on the Chinook Mk2 helicopter, the Chinook model which featured in the RAF's worst peacetime crash. Continue Reading
-
Facing up to security perils of outbound traffic
What about the threat from within and, more specifically, the security issues that arise from outbound traffic risks? Continue Reading
-
Chinook helicopter disaster - computer software failure or pilot error?
Chinook helicopter crash: was it computer software failure or a cause we'll never know? This article gives the background to the Chinook helicopter disaster with links to all the relevant articles published by ComputerWeekly and other useful web ... Continue Reading
-
Vanderbilt hospital fights archive growth with grid
Vanderbilt University Medical Centre simplifies document management using Bycast's archiving grid system. Continue Reading
-
Checklist for purchasing hardware-based encryption
Encryption appliances sit inline on a network and use specially designed electronics to encrypt data at line speeds, essentially eliminating the performance penalty imposed by encryption software running on a general server. While software-based ... Continue Reading
-
How to select the right IP PBX
Selecting the right IP PBX system for your company can be complicated. Here are some important things to consider when purchasing an IP PBX. Continue Reading
-
Storage session downloads: infrastructure track
This track looks at San and Nas issues, virtualization, distance demands, remote offices and how to build out systems. Continue Reading
-
Understanding VoWLAN
Like VoIP, VoWLAN contributes to cost efficiency. Because calls can be routed over the data network internally or over the Internet externally, mobile telephony costs can be eliminated or decreased significantly. In the long term, VoWLAN deployment ... Continue Reading
-
User performs data storage U-turn
U-Store-It, a national self-storage company, decentralized its data centers, migrated data from SAN to DAS and de-clustered Exchange to simplify storage management. Continue Reading
-
SaaS apps being deployed by business units, not IT
When it comes to deploying applications via SaaS, IT is still behind the curve. What's preventing IT from getting control over the programs business units want? Continue Reading
-
Experts: IDS is here to stay
IDS technology has survived predictions that it would be replaced by IPS. One expert says it will remain a separate product while IPS is folded into firewalls. Continue Reading
-
Backup reporting expands to add capacity planning
Aptare adds capacity planning for primary data storage to its product line, joining Symantec in recent attempts to broaden the appeal of reporting software. Continue Reading
-
Firewall deployment options increase for enterprises
With a growing number firewall configuration options, companies need to spend more time and put more effort into determining how to design and deploy firewalls. Continue Reading
-
VoIP models and services: Complete guide
With clear, concise explanations of existing VoIP business models and deployment methodologies, this guide will enable you to weigh the pros and cons of each based on your needs. Continue Reading
-
How to cheat at VoIP Security
Securing a VoIP infrastructure requires planning, analysis, and detailed knowledge about the specifics of the implementation you choose to use. Continue Reading
-
Does compliance make encryption always necessary?
Many organisations look to encryption to protect sensitive data. Yet hundreds of millions of people who use the Internet also use encryption, yet most of them don't even know it. Continue Reading
-
ISO 27001 could bridge the regulatory divide, expert says
Karen Worstell, former CISO at Microsoft and AT&T Wireless, now on the advisory board of Neupart A/S, explains how ISO 27001 can be used to help companies comply with a variety of regulations and standards Continue Reading
-
Data migration product specifications
Part of the Tiered Storage Buying guide focusing on product specifications for data migration tools. Continue Reading