News

IT security

August 27, 2006 27 Aug'06
Third-party patching: Prudent or perilous?

Security patches issued by third parties have become more prevalent in recent months, and while some security pros endorse them, others say they're more trouble than they're worth.
August 24, 2006 24 Aug'06
Are tape backups a thing of the past when it comes to disaster recovery?

I guess we have to look at disaster recovery, when it comes to tapes, in order of priorities. So, if we're talking about your most critical applications nowadays -- your most critical data -- tape backup is actually losing favor to disk backup or ...
August 24, 2006 24 Aug'06
Security Blog Log: Opinions abound on IBM/ISS deal

Bloggers ponder what IBM's acquisition of ISS says about the industry as a whole. Is the end in sight for independent security vendors?
August 24, 2006 24 Aug'06
How do I identify what data to replicate and what data to simply backup?

It goes back again to the value of the data to your organization -- or the impact of losing access to this data. Typically, from a business continuity perspective, the best way to establish this is through what we call a "business impact analysis," ...

August 24, 2006 24 Aug'06
What is the difference between RPO and RTO (from a backup perspective)?

The recovery point objective (RPO) and the recovery time objective (RTO) are two very specific parameters that are closely associated with recovery. The RTO is how long you can basically go without a specific application. This is often associated ...
August 24, 2006 24 Aug'06
What is the most important aspect of data protection when it comes to DR?

You could answer that with one word really, and I would have to say "testing." Just "testing." Whatever you do when you're protecting data, whether it's a backup, whether it's replication, whatever it is, make sure that you test what you put in ...
August 24, 2006 24 Aug'06
Weekly compilation of storage news

Symantec peddles enterprise vault toolT and the new features developed because of a recent update to the US Federal Rules of Civil Procedure.
August 24, 2006 24 Aug'06
Aren't backups and archives essentially the same thing?

The answer to that can be a "yes" and "no." If we look at a very high level, a copy of data is a copy of data, and that's where a lot of people confuse both as being somewhat the same -- one copy is just kept longer. When we start digging into what ...
August 24, 2006 24 Aug'06
What do tiered storage and ILM have to do with disaster recovery?

That idea ties back into the topics of data growth, data control, data management and recoverability. Once you start categorizing your data based on criticality and recovery priority, it gives you an indication of your data segments. We have our ...
August 24, 2006 24 Aug'06
How far apart should my production and alternate recovery sites be?

As a good consultant, I would have to use the typical answer; it depends. We have a few things to consider here. First, what kind of disaster are you trying to protect yourself (or your organization) from? Second, what is your geography like?

August 24, 2006 24 Aug'06
Cisco patches flaws in multiple products

Attackers could corrupt files, cause a denial of service and bypass security restrictions via flaws in several of Cisco's firewall and VPN products.
August 23, 2006 23 Aug'06
Remote access, WAN optimization, and network analysis news

Briefs: Remote access from Positive Networks helps with disaster recovery plans; Ipanema Technologies provides WAN optimization; Lancope rolls out network behavior analysis and response system tools.
August 21, 2006 21 Aug'06
Briefs: VoiceCon in the news

This week at VoiceCon we saw everything from managed VoIP services to IP phones made to make mobile workers right at home, wherever they are.
August 21, 2006 21 Aug'06
IBM spruces up storage line

IBM floated a raft of announcements across its storage line, but analysts say they are still waiting for the updates stuck in the research phase.
August 20, 2006 20 Aug'06
AOL data spill leads to dismissals, resignation

AOL has fired two employees and its CTO has left the company after search data from 658,000 customers was accidentally exposed earlier this month.
August 17, 2006 17 Aug'06
Apple fixes Xsan security flaw

Attackers could exploit a security flaw in Apple's Xsan file system to launch malicious code and crash vulnerable machines, but a fix is available.
August 15, 2006 15 Aug'06
Cisco says it can't reproduce PIX flaw

Ever since a researcher at Black Hat outlined a flaw in the PIX firewall, Cisco has been trying to reproduce the security hole. So far, the company has been unsuccessful.
August 15, 2006 15 Aug'06
Cisco boosts VoIP certification

The upgraded CCNP midlevel Cisco certification now incorporates VoIP, security and wireless to boost converged network skills among enterprise professionals.
August 14, 2006 14 Aug'06
EMC sheds light on RSA integration plans

As the dust begins to settle on EMC's $2.1 billion acquisition of RSA Security, the hard work of integration begins. What's EMC strategy here?
August 14, 2006 14 Aug'06
Mocbot update targets MS06-040 flaw

Security experts raised the red flag Sunday as new malware targets the Windows flaw addressed in the MS06-040 patch. Attackers are using the flaw to expand IRC-controlled botnets.
August 10, 2006 10 Aug'06
Security Blog Log: Israeli-Hezbollah war spills into cyberspace

This week blogosphere warily watches online attacks inspired by the Mideast conflict and rants over the latest security incidents at AOL and the VA.
August 10, 2006 10 Aug'06
Vista kernel limits have security vendors on edge

Microsoft's PatchGuard feature will prevent extension of Windows Vista kernel, and antivirus vendors say it'll make it harder for them to produce good security products.
August 10, 2006 10 Aug'06
Symantec fixes Backup Exec flaw

Attackers could exploit flaws in Symantec Backup Exec 9.1 and 9.2 for NetWare Servers to cause a denial of service, launch malicious code and gain access to vulnerable machines.
August 09, 2006 09 Aug'06
Xiotech resurfaces with data compliance focus

Xiotech has been busy acquiring a legal discovery software vendor and building a data compliance practice, but what about storage?
August 08, 2006 08 Aug'06
Cheat sheet: Access management solutions and their pros and cons

Popular authentication methods such as passwords, biometrics and two-factor are assessed in this chart.
August 06, 2006 06 Aug'06
Security Bytes: CA fixes eTrust Antivirus flaws

Online thieves steal $700,000 from personal accounts, researchers expose e-passport vulnerability; and arrests are made in the VA security breach case.
August 03, 2006 03 Aug'06
Ajax threats worry researchers

Black Hat: While it makes smooth Web applications like Google Maps possible, the rush to adopt Ajax may fuel haphazard development and a feeding frenzy among hackers.
August 03, 2006 03 Aug'06
Vendors reject preferential knowledge sharing

While Cisco continues to investigate a potential PIX firewall flaw, it and other vendors say sharing security information quickly and indiscriminately is always the best policy.
August 03, 2006 03 Aug'06
EMC updates SAN Advisor design tool

EMC's SAN design tool now recognises zones and allows users to customise rules; HP and EMC sign five-year cross-licensing deal.
August 02, 2006 02 Aug'06
Twelve Microsoft fixes coming on Patch Tuesday

Microsoft Tuesday will release a dozen new security bulletins for its Windows and Office products, likely including fixes for several outstanding PowerPoint flaws.
August 02, 2006 02 Aug'06
Mobile security begins with policy

Mobile security can no longer be an afterthought. Mobile experts say security starts, but doesn't end, with policy.
August 02, 2006 02 Aug'06
Possible Cisco zero-day exploit revealed at Black Hat

Details of an alleged flaw related to SIP and PIX appliances, briefly mentioned in a Wednesday Black Hat presentation, are being kept under wraps as Cisco and US-CERT investigate.
August 02, 2006 02 Aug'06
SRM tools improve storage planning and deployment, page 2

Storage administrators are struggling to identify their storage resources and utilise those resources to their best potential
August 01, 2006 01 Aug'06
Arun Taneja: Blogs and more

Monthly blogs by Arun Taneja, as well as other material by this storage expert.
August 01, 2006 01 Aug'06
Security Bytes: Exploits targeting freshly patched Apple flaw

Apple patches nearly two dozen holes in OS X, but not before exploits are unleashed. Plus McAfee fixes a critical flaw and EMC gets the OK to buy RSA.
August 01, 2006 01 Aug'06
Litchfield: Database security is 'IT's biggest problem'

At Black Hat USA 2006, database security guru David Litchfield unveils 20-plus IBM Informix flaws that attackers could exploit to create malicious files, gain DBA-level privileges and access sensitive data.
July 31, 2006 31 Jul'06
Security Bytes: ISS warns of new Microsoft Windows flaw

Attackers could exploit the latest Microsoft Windows flaw to crash vulnerable machines and Symantec fixes a Brightmail AntiSpam flaw.
July 30, 2006 30 Jul'06
EqualLogic updates storage provisioning software

Users have more options when it comes to pooling storage with version 3.0 of EqualLogic's array software, but some are wondering whatever happened to the SAS disks.
July 27, 2006 27 Jul'06
ITIL framework finds new stakeholders with v3

Too many companies today don't have an accurate count of their assets, and therefore are underutilizing systems and being unproductive. A CMDB framework, used in support with an ITIL project, can provide databases and analysis tools to help IT ...
July 26, 2006 26 Jul'06
Mozilla issues critical security updates

New patches to fix 13 software security flaws, eight of which have been deemed critical.
July 26, 2006 26 Jul'06
DHS puts Zitz in charge of cybersecurity division

American career intelligence officer Robert S. Zitz has taken over day-to-day operations of the US National Cyber Security Division, but his department still has numerous digital defence problems to remedy.
July 26, 2006 26 Jul'06
Blue Cross bears burden of 'no wireless' policy

Blue Cross of Idaho had a "no wireless" policy on paper but never really enforced it. That is, until a team of auditors said the company had better do something.
July 25, 2006 25 Jul'06
Employee monitoring should be done with care

Employee monitoring is on the rise as firms try to safeguard their sensitive information and increase productivity.
July 24, 2006 24 Jul'06
Security Bytes: New Microsoft exploits in the wild

The exploits target issues Microsoft patched earlier this month. Meanwhile, flaws are reported in Oracle for OpenView and a Mozilla Firefox keystroke logger is on the loose.
July 19, 2006 19 Jul'06
Answers: VPN and remote access know-how quiz

the crucial questions answered
July 18, 2006 18 Jul'06
Midsized firms reach out to backup service providers

Data growth and ever-tightening compliance rules are among the factors driving some organizations to turn to service providers for help with backups.
July 16, 2006 16 Jul'06
VPNs and remote access quiz

Take this five-question quiz to see how much you've learned about VPNs and remote access.
July 14, 2006 14 Jul'06
CSI survey: Data breaches still being swept under the rug

The annual CSI/FBI Computer Crime and Security Survey shows companies are reporting fewer financial losses from data breaches. That doesn't mean the good guys are winning.
July 14, 2006 14 Jul'06
Answers: Compliance All-in-One Guide quiz

The key compliance questions unveiled
July 13, 2006 13 Jul'06
Security Bytes: Investigators slam VA over data breach

Meanwhile: Cisco patches a router application flaw, a Washington law firm sues IBM over a server attack; and spammers sucker Web surfers with fake Vladimir Putin death reports.