Opinion

Opinion

IT security

• PCI: a lesson worth sharing

  Large UK retailers, such as John Lewis and Tesco, have shown a relaxed, in control, strategic approach to meeting the Payment Card Industry Data Security Standard.  Continue Reading

• Secrecy and abuse of trust

  Lord Falconer, the lord chancellor, said of the Freedom of Information Act, "The more there is a culture of openness, the better decision-making will be." He promised a "change in way we are governed" because "real, informed accountability improves ...  Continue Reading

• Security begins with the reception desk

  A security policy is no help if nobody is listening  Continue Reading

• Brown must cut red tape

  UK businesses face an ever-growing mountain of legislation. Although the more ludicrous moves - such as the spy in your rubbish bin - are understandably ridiculed in the national press, much of this is well-intended.  Continue Reading

• Your shout: SLAs must focus on business, data protection, agile methods could boost NHS IT scheme

  Computer Weekly's readers give their views on the weeks news  Continue Reading

• Information security: Who can you trust?

  There is no single answer to internet authentication, and businesses must employ different internal systems to meet requirements  Continue Reading

• The human factor is key to good security

  Forget about attacks through your firewall. What about the guy who phones up the IT helpdesk, pretends to be a senior manager and gains access to your information that way? This is social engineering - exploiting human vulnerabilities rather than ...  Continue Reading

• Newer is not always better

  It is good to see older systems still going strong in spite of all the efforts of IT suppliers to encourage users to upgrade to the latest version.  Continue Reading

• High price of failing to tighten IT security

  Security policies are useless if not backed by action, says Kenneth Mullen  Continue Reading

• IT systems evolve, but the challenges remain

  The hurdles faced by PC pioneers in delivering affordable, usable and manageable computers are still very much at the heart of modern IT  Continue Reading

• Embrace the new era of IT

  The past 40 years have witnessed a steady transformation in the way computers are used and who has ultimate control over IT.  Continue Reading

• Time to put security first

  With each new generation of software, it seems that designers introduce yet more challenges for IT security - usually in the name of "usability" or "productivity".  Continue Reading

• DPM's diary: 23 January

  Monday: "I really don't know what all the fuss is about. Data sharing within the public sector is a matter of common sense. All that wishy washy data protection is so 20th century."  Continue Reading

• Downtime: Satnav thriller as bank shows us the money

  Downtime has never used satnav. We were put off by all the tales of people being directed off cliffs and suchlike.  Continue Reading

• Infosecurity and IT ops are on the same side, so let's act like it

  Bridging the divide between the information security and operations teams would benefit both sides, the IT department and the business as a whole  Continue Reading

• The productivity challenge: Working with the iPod generation

  Implementing policies that are enabling rather than restrictive can help attract and retain high quality staff, while still ensuring productivity and security  Continue Reading

• IPv6 offers data packet security and quality of service – but so does IPv4

  Don't expect major security and quality gains with new Internet Protocol  Continue Reading

• Your shout: The great ID cards debate

  Computer Weekly readers have their say  Continue Reading

• A suitable case for treatment

  Insufficient testing is the bane of many a promising IT project, but in most cases it leads to nothing more than frustration on the part of the end-user.  Continue Reading

• Who will foot the bill for ID card fraud?

  Government looks set to push liability on business  Continue Reading

• Does Vista show us the path to safer IT?

  Ibukun Adebayo outlines the dangers of Microsoft's Jack-of-all-trades approach  Continue Reading

• Manage people, not technology

  People are the crucial factor in organisational change, and only by understanding what motivates them can you ensure a major project's success  Continue Reading

• Who's liable for ID cards?

  The government is pitching ID cards as a solution for identity theft. But industry needs to recognise that the current approach represents a much greater risk of identity theft liability for businesses, who will be left to pick up the costs if ...  Continue Reading

• Your shout: IT heroes, free data, cool datacentres

  Computer Weekly readers have their say  Continue Reading

• Secure web use for all, without walls

  Few companies would lay claim to being able to protect all end devices. So in a deperimeterised environment a holistic approach to web access is required, says Paul Simmonds  Continue Reading

• Do you know where all your data is?

  Changes to the law mean that organisations will be required to account for all their data and documents in the event of litigation, says Bill Onwusah  Continue Reading

• Information security means better business

  It's time for an ongoing dialogue with the board  Continue Reading

• Educate the IT amateurs

  Everybody is an IT expert these days. It makes you wonder why any company bothers employing an IT director or a security specialist when everyone on the staff not only knows the word firewall but has their very own implementation at home.  Continue Reading

• Spotlight on data security

  With the recent Dispatches documentary on Channel 4 once again fanning the flames of anxiety around data theft, firms would do well to use the publicity as a wake-up call and turn the security spotlight on themselves.  Continue Reading

• See the bigger picture on data security

  Don’t let suppliers put the blinkers on – even the best electronic security won’t safeguard your data if the physical aspects of protection have been overlooked  Continue Reading

• Why we must shout about our IT security

  Promote security measures to reassure customers  Continue Reading

• Avoiding nasty contract surprises

  Taking some time to review the supplier's terms early on can help you to avoid contractual traps and get the most from your software licensing agreement, says Jimmy Desai  Continue Reading

• Don't stay in denial on information risk

  Boards must lead from the front on data security, says Ian Wylie  Continue Reading

• Checking the form on file formats

  Ensuring data is widely accessible is a key concern for all businesses, says Jack Schofield  Continue Reading

• The four domains of data security

  Security professionals are expected to be proficient with a range of security techniques, but which qualifications do you need to progress your career?  Continue Reading

• Punish real cyber villains

  New readers of this publication will have much sympathy for hacker Gary McKinnon who was recommended for extradition to the US by a judge last week. But the wise will question the effect McKinnon’s potential sentence will have on those tempted to ...  Continue Reading

• Strategy clinic: How to win over business leaders to enterprise-wide data security

  Our panel of experts offer advice on IT management dilemmas. This week: gaining a managing director’s commitment to system security  Continue Reading

• Storage: Win the generation game

  Companies need to look ahead to make sure that the data they are storing today can be accessed tomorrow, and that it remains secure over the long term, says Cliff Saran  Continue Reading

• Weighing up the security options

  Vision is vital, but dogma can be disastrous. This holds as true in IT security as in life generally, and it should be remembered by all those at this week's Infosec conference as they thrash out the merits and possible drawbacks of ...  Continue Reading

• Give Soca clout to tackle e-crime

  Unveiling the Serious Organised Crime Agency (Soca) on 1 April may not have given the latest addition to the UK's army of crimebusters the most auspicious of starts. It has certainly left the agency open to obvious quips about the timing of its ...  Continue Reading

• See security as a resource

  The boardroom is recognising that direct threats to the health of the business are increasing in volume and sophistication, but is less clear on how to be responsible with information security risk.  Continue Reading

• Good governance will deliver BPO success

  Business process outsourcing deals need to be grounded on a clear understanding of how governance procedures and metrics align between all partners  Continue Reading

• Limits of token gestures

  When talking about authentication, two-factor means something you know and something you have.  Continue Reading

• Ensure it's not your fault

  Criminal hacking is on the rise and threatening the security of domestic and international business, but firms must be careful that their own negligence does not contribute to the problem.  Continue Reading

• Ensure data doesn't leave with your staff

  If your data or developments would be at risk when an unscrupulous employee leaves, take a lesson in self-defence, and be ready to act promptly  Continue Reading

• Brown's budget cuts rely on IT

  As the smoke clears after Gordon Brown's budget last week, it is clear that the chancellor is relying on IT to deliver cost savings across Whitehall.  Continue Reading

• Leaving do for your data?

  What happens in your company when an employee leaves, taking customer or database information, copies of programs or code, or business-critical information?  Continue Reading

• Why time is the vital ingredient

  IT directors of pension providers have spent much of the past year working to prepare for the simplified pensions tax regime.  Continue Reading

• Thin line between advertising and spying

  Although the legal issues surrounding adware and spyware have yet to be fully examined in UK courts, the Data Protection Act and copyright laws can provide guidance  Continue Reading

• IT due diligence can be a clincher

  Buyer beware is always a useful adage, but times are changing and it is no longer enough.  Continue Reading

• Review of computer misuse laws essential to keep up with rapidly developing market

  Participate in consultation to develop most effective computer legislation  Continue Reading

• Revenue must learn to say no

  It is time for the leaders of Her Majesty's Revenue and Customs to spell out some home truths to ministers and opposition politicians. The staff and systems at HMRC cannot cope with more rapid change.  Continue Reading

• Opinion: Are you ready for a crisis?

  Business leaders must beware creeping complacency.  Continue Reading

• Business data follows where blog feeds lead

  An important bit of the business data infrastructure is now being decided in the "blogosphere" - that amorphous cloud of interlinked personal weblogs that mainly seems to consist either of geeks or teenagers writing about their personal lives.  Continue Reading

• True meaning of partnership

  Only a fool would dispute the importance of getting the written contract right in any major business relationship. But the relationship will always be more important than the contract if things are to go well rather than fall into dispute mode.  Continue Reading

• Revenue IT still has a hill to climb

  HM Revenue and Customs was coy late last year about listing its IT-related achievements. Aware that its chairman David Varney and chief information officer Steve Lamey had enjoyed some success with IT-enabled reforms, we had asked its officials for ...  Continue Reading

• Inside the hacker's mind

  Crime prevention requires a non-academic approach, says Ian Johnstone-Bryden  Continue Reading

• Outsourcing: keeping divorce private

  Public outsourcing failures could be laid bare by FOI, says Renzo Marchini.  Continue Reading

• IT departments do the business

  IT has proved its worth in 2005. In many organisations it has been a year of significant achievements, a year when IT enabled business innovation and business agility while showing prudent control of budgets.  Continue Reading

• Ten steps to get a grip on your IT spending

  Working smarter, not harder is the key to cutting the corporate IT budget. Simplify your department and take on the right projects to reap the financial benefits.  Continue Reading

• IT managers must measure up or lose out

  IT managers must measure up or lose out  Continue Reading

• Watch your KPIs as new law starts to bite

  The Operating and Financial Review (OFR) has become a legal requirement for all UK quoted companies for financial years beginning on or after 1 April 2005.  Continue Reading

• Protect yourself and get the best out of outsourcing deals with India and China

  There are several legal issues that companies need to consider in order to get the best from their offshore outsourcing arrangements with India and China.  Continue Reading

• What makes a good chief security officer?

  The qualities and skills of an effective chief information security officer include strong ethics, professional qualifications and the right experience, says Richard Starnes  Continue Reading

• Not all dangers have a headline

  The crash of the trading system at the Tokyo Stock Exchange because of a software problem offers a timely reminder that disaster recovery and business continuity planning are essential not simply because of the more sensational incidents such as ...  Continue Reading

• Beating the USB burglars

  Policies are needed to counter removable media risks, say John Rostern and Jared Landin  Continue Reading

• Getting serious about security

  Security is a topic that raises strong emotions among IT managers. Ask any one of them what they think should be done to improve the state of corporate security and you are likely to elicit one of two pessimistic opinions.  Continue Reading

• Dangers of compromise

  Stephen Castell, in his opinion piece (Computer Weekly, 13 September), related an all too familiar chain of events leading to a systems disaster, and eight points at which warnings should be seen. The problem almost certainly started way before his ...  Continue Reading

• Licensing: Do not become a target

  Beware licence complications of second-hand software, says Quentin Archer.  Continue Reading

• Your shout: Security is everyone's responsibility, e-recycling

  Computer Weekly readers have their say.  Continue Reading

• No jobs for the bad boys

  Can there ever be such a person as an ex-hacker?, asks Mark Hanvey  Continue Reading

• A question of quality

  It is good to see Oracle's chief security officer, Mary-Ann Davidson, admit that the IT industry's biggest challenge is software quality. With users needing masses of patches to manage, the industry is at the bottom of the curve of software quality,...  Continue Reading

• Polishing up the act

  The new Companies Act will affect firms to different degrees but makes proper data management essential, says Jon Fell  Continue Reading

• Tiers are not enough

  Everyone seems to want a tiered storage architecture but the correct approach is essential to business efficiency, says Geoff Hough  Continue Reading

• Storage and security

  Keeping data stored safely means finding a balance between accessibility, protection and staying within the law, says Correy Voo  Continue Reading

• SOA: Beware IT balkanisation

  Service-oriented architectures raise security issues, says Jean-Noël Ezingeard  Continue Reading

• Making a habit of strong security

  There is a lot of talk about creating a security culture in the workplace, but for most IT departments it is a tough job to get users across the organisation to understand why it is important, to put it into practice and, even more important, to ...  Continue Reading

• Think modular for effective recovery plans

  There is no one-size-fits-all business continuity strategy, so think of disaster recovery scenarios as modules that can be invoked depending on the situation, says Josh Krischer  Continue Reading

• Let's sort the bugs before we get regulated

  Developers need to focus on decreasing risk in new releases to an acceptable level. Rather than tackle every single flaw the most risky areas should be addressed first, says Sarah Saltzman  Continue Reading

• Need for testing limits value of automation as IT managers look to accelerate patching

  Worms and viruses that exploit newly discovered vulnerabilities are appearing faster and faster, prompting IT departments to install security patches at an ever greater speed.  Continue Reading

• Continuity plans are going public

  Once, business continuity was a matter between a company and its shareholders.  Continue Reading

• Virtualisaton key to service improvement in next phase of datacentre consolidation

  Datacentres are going through various stages of consolidation. Driven by the development of technology and the need to contain costs and improve services, the system infrastructure has become more resilient, more available and more secure.  Continue Reading

• High cost of ignorance

  Over the past couple of months I have attended a series of roundtables with IT managers, talking about asset management. They revealed that one of the biggest barriers to them taking greater control over their software assets was a lack of board ...  Continue Reading

• Overanxious or underinsured?

  The problem with business continuity planning is the third word in that phrase. All the planning in the world is pointless if the reality fails to match when things go pear-shaped.  Continue Reading

• European 'no' to software patent directive leaves doors open to protection of new ideas

  Software can still be patented as long as certain conditions are met  Continue Reading

• The devil is in the data

  The value of mergers or acquisitions can be reduced if data migration is not sorted out before completion  Continue Reading

• New approach to aid security management

  Data extraction software can provide comprehesive view of corporate systems.  Continue Reading

• Model-based automation can help users keep pace with changing security demands

  Setting up automated systems that respond to events can improve adaptability  Continue Reading

• Know your risks

  Speed is vital to assess and manage swiftly changing risks and meet regulatory demands. A matrix-based approach can offer a faster route than traditional, bottom-up methods  Continue Reading

• When IT should come last

  A new approach is needed to avert public sector failure  Continue Reading

• Classes of service won't guarantee quality of service in the brave new world of MPLS

  What every business should know before deploying Wan connectivity technology  Continue Reading

• US card fiasco is a warning for all

  The security breach which exposed the full personal and banking details of 40 million MasterCard, Visa and other card holders should act as a wake-up call to us all.  Continue Reading

• DPM's diary: CP bound

  The first hot weather of the year sees the return of a few old challenges to the department.  Continue Reading

• A CIOstands up for openness

  Steve Lamey, chief information officer at the newly merged HM Revenue and Customs, has set himself the task of removing major inefficiencies. He has discovered, for example, that staff in each of the UK's 72 tax offices do things differently.  Continue Reading

• Reliability and performance testing is the only way to guarantee quality of service

  If you want a successful IP network, test it before, during and after implementation  Continue Reading

• Cybercrime fight under-funded as millions 'wasted' on software piracy convictions

  National Hi-Tech Crime Unit should give piracy a lower priority  Continue Reading

• Your shout: Skills, security and communications

  Have your say at computerweekly.com  Continue Reading

• Developers should be encouraged to write security into the code for new applications

  Securing applications is as important as securing systems but is often overlooked  Continue Reading

• Don't become a sitting duck

  IT departments are fighting an increasingly fraught battle to keep their systems free of security vulnerabilities  Continue Reading

• Information security: Seeing the big picture

  Information security is about securely bringing together the organisation's two most important assets - information and people.  Continue Reading