When faced with an automation requirement, there are two basic options: buy or build. If there is a commercial off-the-shelf (COTS) product that meets the requirement, buying off the shelf often seems like an easy decision.
COTS solutions can reduce development time, because components or applications can be purchased or licensed instead of being built from [...]

The following is an email conversation UK Ltd had in March 2010:
From: Dave Griffin, Managing Director
To: Elaine Pearce, CISO; Richard Winston, IT Manager
Subject: No Access to Sensitive Data – No Excuses
Dear Elaine and Richard,
You know we’ve been discussing the Data Protection Act (DPA), well I’ve just heard that The Information Commissioner’s said he’ll impose a [...]

With the growth of social networking, online media consumption and cloud computing, every day millions of people log in to a variety of different sites using a username and password or PIN combination.  However, over the last few months there have been a number of high-profile hacking attacks that have pointed to the inherent [...]

The IT security industry loves its acronyms, why is anyone’s guess – maybe it’s a speed thing, perhaps it’s the whole idea of writing code or overcome language barriers, I’ve even heard “it’s to do with saving bandwidth”, whatever! What I do know is it’s confusing for those on the outside to keep up when [...]

Virtualization platforms are software. All software has flaws. Therefore, virtualization platforms have flaws. Simple logic, right? The major virtualization platform vendors, VMware, Xen (now Citrix), and Microsoft, have all had several vulnerabilities over the last few years. However, the major components of a virtualization infrastructure and the IT strategy related to deployment and maintenance [...]

As enterprises seek to protect data from cybercriminals, internal theft or even accidental loss, encryption and key management have become increasingly important and proven weapons in the security arsenal for data stored in databases, files and applications, and for data in transit. No one needs to be reminded of the many high-profile, reputation-damaging and [...]

The outbreak of potential data breach reports in the UK prompts obvious and inevitable questions: How can these things happen in the first place? How many more times is personal information lost without anyone’s acknowledgement and, some would argue most importantly, what can be done to secure the corporate defences?
Mobile computing allows individuals [...]

The firewall is a mature technology, right? Then why do those who manage it feel like they’re running a daycare overrun with little savages?
Firewalls are a mature technology, right? Most companies have at least one, if not several. And since an established knowledge base exists to tap for issues and PCI DSS 1.1 and [...]

It happens in a moment – playing with my mobile before going into a meeting; I put it down for a moment and suddenly my host is standing in front of me. Two hours later I’m desperately searching for my phone. Rush back to reception but it’s not there. Here I am in Dubai and [...]