|
New Books
Click on a book cover for more information or to order.
SAVE 20% AND GET FREE SHIPPING when you order these or any book online! Simply enter this code--813DA--when you checkout.
In the Virtual Era, Who Needs Insurance?
Even if the idea of another insurance policy is not appealing there is evidence that cyber liability insurance could become a prerequisite in the tendering process making it a necessity in the supply chain. Businesses will not want to trade with organisations that might lose or damage their data unless there is insurance in place to compensate. Therefore, even if you still think insurance is a waste of money, your customers and suppliers may disagree.
Get the Most from the Cloud (without the Hidden Costs)
One of the most popular new technologies today is the cloud. In order to understand not just the benefits of cloud, but also the challenges organizations are experiencing through their deployment, Symantec launched a global survey of more than 3,000 businesses. The results show several common costs that businesses may be overlooking in their haste to take advantage of the cloud's benefits.
Virtualization Overview: Focus on the Business Benefits
According to news.cnet.com, Larry Ellison said, "the computer industry is more fashion-driven than women’s fashion." He was referring to cloud computing, but his comment equally applies to virtualization. Virtualization has a definite business payoff, which we will identify. But virtualization is not the right fix for every problem, and there are many examples of virtualization with little or no business payoff. This is an excerpt from Data Center Storage: Cost-Effective Strategies, Implementation, and Management by Hubbert Smith.
Symantec Internet Security Threat Report Reveals Increase in Cyberespionage
Symantec’s Internet Security Threat Report, Volume 18 (ISTR) today revealed a 42 percent surge during 2012 in targeted attacks compared to the prior year. Designed to steal intellectual property, these targeted cyberespionage attacks are increasingly hitting the manufacturing sector as well as small businesses, which are the target of 31 percent of these attacks. Small businesses are attractive targets themselves and a way in to ultimately reach larger companies via "watering hole" techniques. In addition, consumers remain vulnerable to ransomware and mobile threats, particularly on the Android platform.
Android and the Secure Enterprise
Like it or not, Android is in the enterprise to stay, insecurities and all. This chapter from Android Security: Attacks and Defenses introduces you to the mobile device landscape and demonstrates why Android security matters. Authors Anmol Misra (Cisco Systems) and Abhishek Dubey (Webroot Software) analyze the evolution of mobile security threats, from basic phones to smartphones, including ones running the Android platform. They then introduce Android history, releases, and marketplaces for Android applications.
Securing Your Enterprise Data in a BYOD World
What happens if a device with access to corporate data is lost or stolen, or if an employee leaves? There are, says Trevor Goldberg, a number of security features that should be considered as mandatory when allowing an employee to have mobile access to systems, services and data that are ordinarily very secure when accessed within a corporate environment. Mobile is very different and has a whole set of new challenges for security.
Unit and Ubiquitous Internet of Things
Although the Internet of Things (IoT) will play a key role in the development of next generation information, network, and communication technologies, many are still unclear about what makes IoT different from similar concepts. Answering fundamental questions about IoT architectures and models, this book introduces essential IoT concepts from the perspectives of mapping and interaction between the physical world and the cyber world. It addresses key issues such as strategy and education, particularly around unit and ubiquitous IoT technologies.
Records Management in Microsoft SharePoint
To address records management challenges, many organizations are looking to Microsoft SharePoint. With its powerful recordkeeping capabilities, organizations can manage their records using the same platform used for everyday collaboration and document management. But as with all sensitive content within SharePoint, it's important not to overlook the security implications of storing records in SharePoint.
Draw Lines in the Sand to Jumpstart Virtual Teams
This article explores some of the usual challenges virtual teams face when it comes to carving out clear boundaries, the challenges that emerge in the absence of such boundaries, and some possible remedies. You can also jumpstart the creation of your own virtual team charter with a downloadable checklist of questions.
The Amazing Smartphone: No Guts, No Glory
The CTIA has developed an infographic on the evolution of the smartphone. They note that, "While we’re clearly enjoying all of the benefits that smartphones offer, do you know how much the networks, hardware and content have evolved? This has also impacted how consumers and businesses use mobile devices."
The BYOD Revolution
It’s not a question of if. It’s not even a question of when. It’s a question of will you be ready? It's not too late. This is an excerpt from Bring Your Own Devices (BYOD) Survival Guide by Jessica Keyes.
Call for Chapters: "Case Studies in Intelligent Computing" and "Case Studies in Secure Computing"
Digital Usage Policies and the ‘New’ Desktop
What happens if users misunderstand, forget or ignore the policy or are simply socially-engineered into installing risky applications? Can your organization rely any longer on mere usage policies to form a reliable part of their compliance stance? In any event, can applications be efficiently managed if IT staff lack reliable tools to perform simple discovery and control on a continuous basis?
We Have to Scale the Human Generated Big Data Mountain ‘Because It’s There’
First they were just molehills that grew into mounds. Now they are mountains of Big Data, and what used to be a nuisance on the enterprise’s lawn is now a goldmine. But, its size is enormous and we have to explore it all to realize its value. Using email as an example, this article examines the Big Data task ahead of us and explores some strategies to get us to the top.
How a Simple Storyboard Helps Command Attention and Get Results (Virtually)
You're in the process of designing your presentation and creating your meeting agenda. Since you will be leading the meeting from a conference room with several of the senior leaders, with others participating from various locations, you know that a critical success factor will be keeping everyone absorbed, engaged and enthusiastically participating in a productive dialogue. In the article, Nancy Settle-Murphy and Sheryl Lindsell-Roberts offer practical approaches for presenting important recommendations that grab and keep peoples' attention, wherever they are.
Check out Nancy's new book, Leading Effective Virtual Teams: Overcoming Time and Distance to Achieve Exceptional Results
Defining Enterprise and Transformation Challenges
This is an excerpt from Enterprise Dynamics Sourcebook edited by Kenneth C. Hoffman, Christopher G. Glazner, William J. Bunting, Leonard A. Wojcik, and Anne Cady.
How to Control Windows Store Apps in Windows 8
With the release of Windows 8, Microsoft introduced the Windows 8 App Store. Getting an application published in the store involves a testing and accreditation process,which provides an element of security around the applications. But given that the store is accessible to corporate users, the functionality of those applications may not be desirable for a corporate desktop. By implementing granular, flexible management of Windows 8 Store Apps across Windows 8 and Windows Server 2012 rollouts, you can ensure that only authorized applications can be installed and executed by users in an enterprise environment.
Virtualization Needs Physical Consideration
Why do people seem all too happy to do things in the virtual world they would never dream of doing in the real world? Organizations are happy to hand over bunches of keys that open every sensitive file and expose the softer underbelly of the network. Why do they do that? This article, written by Andrew Avanessian, Avecto’s VP of Professional Services, explores this and offers a virtual solution to the physical problems.
Effective Physical Security of a Mobile Device
This article explores the idea that it is impossible to provide effective physical security of a mobile device while using today’s technology and training practices. IT discusses current mobile security technologies, and their limitations, and presents potential new future to solve the problems. Finally, it proposes a solution that utilizes many different aspects of security measures to provide the best protection.
How Cisco's Revenue Shift from Products to Services Is Transforming Its Relationship with Its Partners
Cisco's revenue is more and more being driven by services, not products. How does a services model benefit Cisco’s channel partners who specialize in selling and installing infrastructure? Advanced Services is one way. This arrangement is becoming more and more crucial to channel partners’ business as firms move toward the Cloud and away from buying networking hardware. This article considers how Cisco's revenue shift is affecting its relationship with its channel partners.
Building Trust Calls for Different Approaches Across Different Cultures
This article, the first of a series, focuses on how different attributes, behaviors and attitudes are seen as trustworthy (or not) by a handful of cultures. Although it's true that all people deserve to be treated as individuals, virtual team leaders can accelerate the process of building trust across their teams by understanding certain patterns of behaviors within cultures.
Check out Nancy's new book, Leading Effective Virtual Teams: Overcoming Time and Distance to Achieve Exceptional Results
NEW! Excerpts from Recently Published Books
Fundamental Noise Concepts
This is an excerpt from Physical Principles of Wireless Communications, Second Edition by Victor L. Granatstein.
Why Measure Information Security?
This is an excerpt from PRAGMATIC Security Metrics: Applying Metametrics to Information Security by W. Krag Brotby and Gary Hinson.
Visit Security Metametrics
2013 Predictions Countdown from Infosecurity Europe
It’s the time of year again when IT security experts predict what the next year will bring. Here are some predictions and trends that Infosecurity Europe exhibitors expect to see in 2013.
Seven Top Tips to Get Your Windows Migration Right by Removing Admin Rights
A migration is the perfect time to remove admin rights. For users, they’ll be experiencing change anyway while getting used to the new operating system, so are unlikely to even notice that they’ve had their admin rights removed. As an organization, you need to clearly define and prioritize the objectives of the roll out. Here are seven tips to help as you prepare to migrate to a new operating system without admin accounts, and keep it that way.
Dividing Data after a Merger or Acquisition
There are many problems and challenges facing an organization that is about to merge with another organization or sell a subsidiary. Divesting yourself of a part of your company is rather like carrying out an elaborate surgical transplant - the correct parts of the existing entity have to be identified, isolated, and then meticulously extracted to ensure that nothing extraneous is inadvertently transferred from the source to the destination. This article examines the problem of how to migrate and separate your data during a merger, acquisition or sale without harming the patient.
8 Great Year-Round (Free!) Gifts Everyone on Your Team is Guaranteed to Love
So with all this talk of giving, Nancy Settle-Murphy got to thinking: How can we offer meaningful gifts to those we work with, especially those who are far away? And not just for holidays or birthdays or when we've achieved certain milestones - but on a regular basis, as a routine part of how we work together. How can we invoke this spirit of giving in such a way that it becomes second-nature? Here are some gift ideas that will strike a chord with team members near and far. They require very little extra time, and for the most part, they don't cost you a dime.
Check out Nancy's new book, Leading Effective Virtual Teams: Overcoming Time and Distance to Achieve Exceptional Results
NEW! Excerpts from Recently Published Books
New Directions of Modern Cryptography
This is an excerpt from New Directions of Modern Cryptography by Cao Zhenfu.
What Is Digital Forensics, and What Should You Know About It?
This is an excerpt from Digital Forensics Explained by Greg Gogolin.
HIPAA/HITECH Compliance Overview
This is an excerpt from The Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules by John J. Trinckes, Jr..
Complex Systems Engineering Principles
This is an excerpt from Leadership in Chaordic Organizations by Beverly Gay McCarter and Brian E. White .
Unique Challenges of Virtual Teams and Their Leaders
This is an excerpt from Leading Effective Virtual Teams: Overcoming Time and Distance to Achieve Exceptional Results by Nancy M. Settle-Murphy.
Service-Oriented Network Virtualization for Convergence of Networking and Cloud Computing in Next-Generation Networks
This is an excerpt from Building Next-Generation Converged Networks: Theory and Practice edited by Al-Sakib Khan Pathan, Muhammad Mostafa Monowar, and Zubair Md. Fadlullah.
Generation Tech: Young, Gifted but a Long Way from Bad
Young employees take more risks with software. This doesn't have to be a problem. From the point of view of traditional, centralized IT, BYOD and consumer software are inherently difficult to assimilate. Admins are instinctively wary and with good reason. In conventional IT, the users are the source of most problems, starting with the misuse of software. But here's an intriguing thought; far from being negative and risky, perhaps the way Generation Y adopts new applications could have long-term benefits if a way can be found to accommodate the behaviour.
Tapping the Quiet Power of Introverts in a Virtual World
In this article, Nancy Settle-Murphy explores ways that virtual team leaders can learn how to take advantage of the quiet power and special strengths of the introverts on their teams, instead of trying to make their introverts conform to the "extrovert ideal.
Social Networking: #Friend or #Foe
Social media can be a powerful business tool, but hackers are finding increasingly sophisticated ways to exploit our online relationships. This article by Joanne Rogers of CS Risk Management examines the many potential benefits and risks, and discusses what should be the key considerations for your enterprise when utilizing social media.
Privacy Compliance Laws: Why the European Commission Has Finally Got It Right
The debate about privacy compliance has always been a heated one. Add to the mix new European Commission legislation and you have a recipe for not only a lively debate but also a controversy about the interference in privacy of a European bureaucracy. This article concentrates on examining the stances that have been taken, their validity and, more importantly, what an enterprise needs to do as it turns from merely talking shop to setting and implementing concrete policies on privacy.
Introduction to the Smart Grid
Our current grid system is quickly becoming obsolete. One solution to this problem is smart grid. Smart grids will be able to efficiently handle our increasing energy demands and reduce the environmental impact by incorporating renewable resources. This chapter discusses what smart grids are and the technology they use, and provides case studies of early implementations.
Privacy Professor Tips of the Month
Rebecca Herold, author of several Auerbach books and co-editor of the Encyclopedia of Information Assurance, publishes a monthly newsletter of "Privacy Professor Tips of the Month." Here's a link to all of the monthly Privacy Professor Tips to date.
Complex Systems Engineering Principles
In this excerpt from Leadership in Chaordic Organizations, authors Beverly G. McCarter and Brian E. White delve into the science of complexity a little deeper, relate its principles to systems of people, and then discuss the impact on organizations.
Major Components of Data Management
Data management in a Business Intelligence (BI) project is like the blood circulation in an organism: it is needed everywhere but appears in various doses and throughput levels through various blood vessels from the aorta of the extract, transform, load (ETL) process to the capillaries of everyday atomic data capture on the shop floor. Data management with regard to BI and your role as a business analyst reflects on seven aspects.
Security As an Enabler of Innovation
For years, many enterprises have viewed IT security as a costly extra that has to be endured and that does not produce value for the enterprise. The past two years, however, have shown that this attitude is one that can be fundamentally flawed. Even multinational enterprises have suffered data breaches and have lost substantial sums of money as a result. This article looks at how IT security can be a major driver for business and an enabler of innovation.
Understanding Your Organization's Best Software Development Practices
Over time, as we continue to hear more about a particular technique or software process that has provided positive results, we come to label these occurrences as best software practices. And, I think that for the most part, the label is deserved. The relevant question at this point is to ask ourselves, what is the nature or what are the characteristics of a software development best practice.
Data Loss from Missing Mobile Devices Ranks as Top Mobile Device Threat
The Cloud Security Alliance (CSA) Mobile Working Group today released findings from Top Mobile Threats, a new survey that calls out the specific security concerns enterprise executives say are the real and looming threats to mobile device security in the enterprise environment. In addition to identifying the top threats, respondents also indicated a couple of additional concerns with 64 percent of respondents believing that NFC and proximity-based hacking will happen in 2013. Also 81 percent of respondents believe that insecure WiFi and rogue access points are already happening today.
10 Top Tips for Leading Great Lessons Learned Reviews in a Virtual World
When run well, a lessons learned review can yield big benefits. The trouble is, many teams approach a lessons learned review as a necessary evil has to be dealt with before they move onto the next project. In this article, Nancy Settle-Murphy and Kathleen Coyle, who is Senior Organizational Development & Training Consultant for Partners HealthCare System, apply many of the great tips found in Kathleen's excellent Top 10 Tips for Lessons Learned Reviews white paper to virtual teams, who face special challenges when it comes to designing lessons learned sessions.
Communication Middleware for the Internet of Things
This excerpt from The Internet of Things in the Cloud: A Middleware Perspective talks about the extensions and enhancements of the existing technologies in the device and connect layers. If the IoT applications are to be extended from the current insolated Intranet or Extranet environments to the wide area as well as global Internet landscape, some fundamental changes in the networking systems have to be considered in a converged next-generation network (NGN) setting.
Cloud Maturity Study Reveals the Top 10 Issues Eroding Cloud Confidence
Findings from a joint Cloud Security Alliance (CSA) and ISACA survey show that government regulations, exit strategies and international data privacy dominate the Top 10 areas where confidence in the cloud is lowest. The Cloud Market Maturity study provides insight into the maturity of cloud computing and will help identify any changes in the market. The report, released today, provides detailed insight on the adoption of cloud services among all levels within today’s global enterprises and businesses, including the C-suite.
BYOD and Spotting the Next Big Trend
We often get blind-sided by events because we don't see them coming, or don't believe they happen here. This article suggests that an analytical look into how the BYOD trend began may help us to be more prepared to spot the next big trend.
NEW! Excerpts from Recently Published Books
Data Warehousing and Business Intelligence: What, Why, How, When, When Not?
This is an excerpt from Open Source Data Warehousing and Business Intelligence by Lakshman Bulusu.
M3 and A5
This is an excerpt from Machine-to-Machine Marketing (M3) via Anonymous Advertising Apps Anywhere Anytime (A5) by Jesus Mena.
Cloud Enterprises
This is an excerpt from Cloud Enterprise Architecture by Pethuru Raj.
COSMIC Full Function Points (FFP) and the Worldwide Field Trials Strategy
This is an excerpt from The IFPUG Guide to IT and Software Measurement edited by IFPUG.
Building Security into Software
This is an excerpt from The 7 Qualities of Highly Secure Software by Mano Paul.
Essbase Foundational Hardware and Software Tips and Tricks
This is an excerpt from Developing Essbase Applications: Advanced Techniques for Finance and IT Professionals edited by Cameron Lackpour.
The Top 8 Benefits of Cloud-Based Server Monitoring
Have you considered cloud-based server monitoring for your infrastructure? If your IT organization spends a lot of time in reactive, fire-fighting mode, getting projects done on time will be a challenge. Cloud-based server monitoring is a quick and easy service to implement, with no upfront capital costs or infrastructure to deploy. You can have full monitoring of all your critical servers set up in minutes, while still tending to your day job. If you'd like to know more, here are the top eight benefits of cloud-based server monitoring.
Application Whitelisting for Infrastructure Control
Today application whitelisting is being most aggressively adopted for industrial control, medical, and manufacturing systems, where there is less configuration variation and the outcomes of infection are potentially extremely severe. Wider PC protection will undoubtedly follow as the trust model is extended to include other signing authorities and it becomes possible to self-update signature files without the need for in-house management. This article explores how the threat landscape is evolving and the resulting need for organizations to review their approach to virus protection.
9 Ways to Get (and Stay) Virtually Connected on a New Job
So, you're starting a new job. Trouble is, you'll be working quite a distance away from your new manager and most of your new team, with few opportunities for face-to-face (FTF) interactions. How can you overcome barriers of time and distance to forge a lasting connection to your new manager and team? In this article, Nancy Settle-Murphy and Beverly Winkler offer nine tips for making a great impression on your new manager (and the rest of the team), when you work from afar.
The Deadly Sins of Cloud Computing
What do the seven deadly sins have to do with cloud computing? Many organizations are sleepwalking into the cloud. Moving to the cloud may outsource the provision of the IT service, but it does not outsource the organization’s responsibilities. There are issues that may be forgotten or ignored when adopting cloud computing strategies. Of these sins, one above all can lead to problems with cloud computing: sloth, or laziness. Clearly, a good understanding of cloud is critical, as is effective governance over the cloud. Sloth affects cloud computing activities because it can lead to inattention to details.
From Identity and Access Solutions to Access Governance
Over the past decade, there has been a tsunami of identity and access management technology. However, many organizations have not realised the benefits because they have taken a technology-led approach rather than one based on governance.
Security Awareness: Telling Them Once Is Never Enough
Unless IT security is a core element of someone's job, it is not necessarily considered their on-going development needs. Without an ongoing systematic and proactive user awareness programme, a strong security posture is in jeopardy. There is no cure for stupidity or genuine human error, but you can educate your workforce to help them make the right decisions and avoid unnecessary mistakes. Here are seven things you can do to make sure your workforce is security aware.
Web 2 to Enterprise 2
Social networks are a great way of spreading useful information to employees; some people tend to check their Facebook account more often than their e-mail. Many managers see great potential in these kinds of tools. The collective take on collaboration tools is that they need to be institutionalized to meet the demands of the business. All of these can be "institutionalized" in some way to enhance employee productivity. Given the popularity of these sorts of tools among consumers, it is no wonder that a variety of these sorts of tools have cropped up that are geared to specific business disciplines.
The Severity of Bugs: Are We Doomed?
Everyone hates software bugs. Developers hate them in their code and consumers hate them in their products. Here are some facts about bugs.
The Day the QA Died
Where is QA now? What will happen to QA departments? In the new, Agile development world where working software is key, QA is becoming too expensive and slowing down the time-to-market. Eli Lopian, CEO of Typemock, details in the attached article, why QA became the ultimate testing solution and why it is no longer a feasible solution in today’s climate.
Structuring Successful Virtual Meetings: A Counterintuitive Approach
The structures that work for great virtual meetings are many of the very same ones that work for successful large, face-face (FTF) meetings. Why? In large FTF meetings, we need to keep everyone productively engaged, give them opportunities to speak and be heard, and sequence all activities perfectly to make sure everything gets done on time. And, as is the case with virtual meetings, in a large FTF gathering, we often have little ability to influence or even observe what participants in the far corners of the room are doing. This article looks at five specific structures to consider as you design your next virtual meeting, all borrowed from large group FTF meeting best practices.
What the Gurus of Secure Collaboration Couldn't Tell You: How to Do It Right
The introduction of cloud-based file synchronization such as Amazon, Gmail and iCloud has led to a state of interconnectedness that even the most visionary writer of management-speak books could not have imagined. As David Gibson, VP of Strategy for Varonis Systems, outlines in this article, this slow creep of interconnection through consumerization is exposing organizations to potential criminal activity, major data breaches, increased insider threat and the multiplication of common albeit innocent mistakes. However, there is another way and he outlines a strategy for secure collaboration that can work within the enterprise.
Threat Report Highlights Upsurge in Socially-Smart Attacks from China that Target PCs and Android Smartphones
AVG Technologies' Q2 2012 Community Powered Threat Report investigates how cybercriminals have combined social engineering with more complex malware authoring for PC and mobile to increase impact, and that many of these are emerging from China. Android smartphone users remain a lucrative target, and is on track to stay the most shipped mobile operating system until 2016. Much of this new malware has also been identified as originating from China and targeting users there and in neighboring markets, reflecting the fact that this is now the world’s top smartphone market with over one million mobile web users.
The Method Framework for Engineering System Architectures Added to Intel’s Recommended Reading List
The Method Framework for Engineering System Architectures by Donald G. Firesmith, Peter Capell, Dietrich Falkenthal, Charles B. Hammons, DeWitt T. Latimer IV, and Tom Merendino has been added to Intel’s Recommended Reading List. The book enables system architects and process engineers to create methods for effectively and efficiently engineering high-quality architecture for systems, subsystems, and software components.
Team Culture Trumps National Differences: 11 Expert Tips for Great Global Teams
Why are native English speakers often the worst communicators on a global team, even though English is the only language used by all? What are people from different cultures really saying when they're not saying anything? How can a team culture trump national differences? Those were just some of the topics covered during the 2012 Virtual Working Summit. In this article, Nancy Settle-Murphy paraphrases eleven of her favorite tips.
The Problems with Electronically-Stored Information as Discoverable Evidence
When we need to use electronically stored information in a court of law, or if we just need to understand how to find it and deal with it for whatever reason, we have to think about how it is different from any other type of data or information.
3 Risks of Failing to Monitor Internet Usage
Could your business cope without Internet access? Would you still be able to do business? It is unlikely that you could survive for long without an Internet connection. Yet, few businesses understand the risks of failing to monitor Internet usage. Employees downloading files, social engineering attacks, bandwidth consumption and negatively impacted productivity can all result from the misuse of employee Internet access privileges. Many of these risks can be mitigated by using software to monitor Internet usage over your network, and to apply proactive security measures to stay secure. Let’s take a look at the three most common pitfalls and how they can be avoided by Internet monitoring software.
When Users, Admins and Applications Go to War
This article looks at what happens when the power of administrators managing Windows application crashes head-on into the needs of employees. It examines two typical scenarios. The first in a small organization where a standard user asks to access an application, is given administrator rights, and is then armed with a huge amount of power, leaving the company open to serious security problems. The second scenario looks at where users are continually interrupted with User account control requests, blocking their work and productivity. These scenarios can be controlled and managed through simple privilege management’s layers.
Who Moved My (Virtual) Water Cooler?
A recent Harvard Business Review article laid out three important conditions that must be in place to promote the kind of conversations that lead to more collaborative, cooperative and creative conversations, whether team members work together or apart: Proximity, Permission and Privacy. This article builds on some of excellent ideas in that article to provide virtual teams with several ways they might replicate the kind of environment that enables casual conversations just like the water cooler, cafeteria or conference room does for teams that work together.
BYOD: It's Time to Throw Out the Rule Book
The Consumerization of IT, or Bring your Own Device (BYOD) as its becoming more commonly known, as a concept was born and with it a can of worms was not only opened, but flung all over the place. In far too many cases, IT is having to play catch up with some teams in danger of losing the game. Rather than always trying to pre-empt the next advance, technology teams need to find ways to secure the defences now that future proofs the organization for tomorrow's world.
Two-Thirds of Senior Management Don’t Know Where Their Company Data Is
Research from Varonis Systems has found that 67% of respondents say that senior management in their organizations either don’t know where all company data resides or are not sure. In addition, 74% of organizations reported that they do not have a process for tracking which files have been placed on third party cloud digital collaboration and storage services. With Bring Your Own Device (BYOD)—particularly mobile and tablet devices—and file synch services booming, companies are open to a wave of potential devastation. Files kept on third party cloud services can be lost, misplaced, accessed by unauthorized people or leave the company with the employee, causing data privacy and compliance issues.
Is Your Security Like Your Choice of Coffee?
So, what's security got to do with coffee I hear you ask? Well, what it aptly demonstrates is everyone knows what they want, and it's on their terms and not the coffee shop's.
Online File Sharing Poses Great Security Risks to SMBs
A new survey indicates that as online file sharing becomes increasingly common as a business practice, SMBs are more at risk than ever before. The SMB File Sharing Survey revealed that SMB employees are increasingly adopting unmanaged, personal-use online file sharing solutions without permission from IT. Symantec, who conducted the survey, recommends that SMBs implement some simple best practices to help ensure employees share files securely.
Could You Bring Your Company to Its Knees?
There’s a saying ‘do as I say, not as I do,’ which seems to resonate in the executive corridor of far too many organizations. In this cautionary tale, we use the saying to create a fictitious scenario. This is created to illustrate just how dangerous double standards can be with applied to information security policies and procedures. Our unfortunate protagonist is the managing director, who believes the rules don’t apply to him.
Cloud Choices: Adopting Cloud Computing Can Save Money, but It Is Important to Choose the Right Cloud Solution for Your Business Needs
The Cloud provides an alternative way of procuring IT services that offers many benefits, including increased flexibility as well as reduced cost. It extends the spectrum of IT service delivery models beyond managed and hosted services to a form that is packaged and sold. However, in a recent survey by global IT association ISACA, 30% of the 3,700 respondents said cloud computing is one of the top issues expected to impact their enterprise’s security in the next 12 months. Clearly, a good understanding of cloud is critical, as is effective governance over the cloud.
11 Leadership Tips for What to Do When Workloads Are Seriously Out of Whack
Say you're the leader of a team of hard-working professionals who work in different locations. It's crunch time, and pretty much everyone realizes they need to put aside their personal lives for the next few days (or maybe a tad longer) to meet a critical deadline. Trouble is, you discover that while some people are working feverishly to make sure the team meets the deadline, others are adamant that they are not willing to sacrifice their personal lives—again. Until now, your team has no explicit norms about addressing workload imbalance. Clearly, it's time to create some before people leap across the virtual table in frustration. Where should a virtual leader, or any leader, begin?
Building Security into Software
This excerpt from The 7 Qualities of Highly Secure Software discusses the need for building security into software. Building security in is about proactively designing and developing appropriate security controls into the software. The quality of building security in that will result in highly secure software can be achieved by addressing the people, the process, and the technology components in the software engineering process.
Research Uncovers What IT Security Wants Most from Big Data
More than two-thirds of IT people think Big Data should be a strategic priority according to research conducted by Varonis. More than half expect Big Data to be a strategic initiative over the next five years, but fewer than half of the respondents felt there was a clear definition of Big Data, even fewer felt they had adequate knowledge of Big Data products. When asked how they would like to use Big Data, the respondents had clear ideas. The top three most selected applications were: finding at risk sensitive data, identifying possible malicious activity and finding users with excessive access rights.
New EU Data Directive Will Drive Turning Point for Security
The European Commission is planning a raft of new directives on data security that commentators say will come to be seen as an important turning point. The new 24-hour data breach disclosure rules are a golden opportunity for organizations willing to embrace automation.
The Social Enterprising Environment
You may not realize this, but the collaborative web is getting ready to radically change the face of business. Some have taken to calling this use of collaborative technologies in business Enterprise 2 (E 2.0). E 2.0 constitutes the entirety of social networking applications, which includes blogs, discussion boards, workspaces, anything else that is sharable, and even mashups. The excerpt introduces social networking in such enterprise activities.
Fake Feds Attack Hijacks Computers for Ransom
Trusteer CTO Amit Klein on a new use of the Citadel malware platform (a descendent of the Zeus Trojan) to deliver code ransomware that poses as the US Department of Justice and highjacks victims' computers.
|