Security 101 | Page 2


Federal and State laws, as well as industry regulations, are major drivers in the security industry, and none are probably more far-reaching and controversial than the Payment Card Industry Data Security Standard (PCI DSS). Here, Fortinet provides an overview of PCI DSS and what you need to know about this regulation. It's not a law. Unlike data security laws that are created by legislators, PCI DSS is a worldwide regulation crafted by the PCI Security Standards Council, which is an open, global forum founded by: American Express, Discover, JCB... [Read More]
by RSS UnAttributed  |  Jan 15, 2014  |  Filed in: Security 101
You get a message in your inbox that appears to be from the popular online retailer Amazon.com, claiming that there was an error with your recent order. All you have to do is confirm who you are with login credentials or a credit card number, and they will be sure to address the glitch and reroute your package as soon as possible. The message looks convincing - yet don't really remember ordering anything on Amazon in the recent past. Or did you? Image courtesy of Richard Henderson In reality, the e-mail is not from Amazon - or any other... [Read More]
by RSS Stefanie Hoffman  |  Dec 04, 2013  |  Filed in: Security 101
VPN - for organizations with a remote and traveling workforce, it's a necessary feature of network security. Almost everyone who has logged into their organization's network from outside the corporate firewall has likely had to navigate a VPN connection in order to access sensitive corporate data and send private communications. With an expanding mobile and traveling workforce, it's not about to disappear any time soon. But what exactly is VPN? And why is it a critical component of security architecture? At a high level, a Virtual Private Network,... [Read More]
by RSS Stefanie Hoffman  |  Nov 26, 2013  |  Filed in: Security 101
A psychologist might tell you that the way a child plays in the sandbox is a reflection of how they will act in their adult life. The same is true for malicious software, though we aren't speaking about the same sandbox. There is a growing concern among security professionals about advanced persistent threats (APTs). The problem is not new, but it is of growing importance. Now, more than ever, highly targeted attacks (often specifically crafted to beat traditional defenses) pose a significant risk to enterprise level organizations. Despite advances... [Read More]
by RSS David Finger  |  Nov 19, 2013  |  Filed in: Security 101
Intrusion prevention system, or IPS, is like the secret ingredient in a favorite recipe -- it is rarely consumed by itself, but most security suites and Unified Threat Management devices wouldn't be considered complete without it. In fact, it's often taken for granted. IPS is a vital component of any comprehensive security solution and a necessary part of a compliance-driven environment. And while it is one of the most traditional security solutions on the market, its features continue to evolve to tackle a maelstrom of modern attacks. Essentially... [Read More]
by RSS Stefanie Hoffman  |  Nov 13, 2013  |  Filed in: Security 101
The debate on the merits and benefits of certifications has been long and varied. It's true that certifications differentiate IT professionals and make them more attractive to employers. But why? And what exactly do they entail? First, at a high level, professional IT certifications are awards that signify a level of expertise or achievement of qualifications as stipulated by a certifying authority. Among other things, the certification indicates things like completion of coursework, professional achievement or specific knowledge acquired in a... [Read More]
by RSS Stefanie Hoffman  |  Nov 06, 2013  |  Filed in: Security 101
In nature, predators on the hunt for food often wait by small ponds and marshes for their prey. The reason? Animals of all kinds will inevitably flock to a watering hole out of necessity in order to survive - including vulnerable prey. When that occurs, the predator only has to pounce in order to fulfill its objectives. Wikimedia Commons In short, the watering hole removes the challenge of finding and chasing an elusive target. The same concept applies to watering hole attacks. As the name suggests, watering hole attacks occur when an attacker... [Read More]
by RSS Stefanie Hoffman  |  Oct 23, 2013  |  Filed in: Security 101
Preventing an organization's most valuable and critical information from walking out the door is one of the biggest challenges facing IT and security administrators. It's also a pain point that routinely keeps them up at night. Perhaps most of the time, data loss is unintentional, attributed to employees that unknowingly violate security policy or attempt to get around e-mail based security solutions by using a personal Web-based e-mail, IM or online file sharing application to transmit sensitive documents. That said, the consequences of lost... [Read More]
by RSS Stefanie Hoffman  |  Oct 09, 2013  |  Filed in: Security 101
In light of new and sophisticated network security technology that stretches from Next Generation Firewalls to Unified Threat Management devices, the blogosphere has turned its attention to the importance and relevancy of an age old technology: the firewall. Opinions undoubtedly run the gamut, with not just a few concluding that firewalls in general are within throwing range of obsolescence. In actuality, nothing could be further from the truth. Firewalls, like anti-virus and spam filters, are esteemed as a cornerstone of any security arsenal -... [Read More]
by RSS Stefanie Hoffman  |  Oct 02, 2013  |  Filed in: Security 101
Gone are the days when Application Control was considered a luxury. Or even a kind of security value-add. In fact, it's safe to say, that for any business with an Internet connection the ability to secure and manage applications is not only a necessity but an inherent component of IT infrastructure. That said, Application Control has come a long ways since its inception. And it's had to. Its rapid evolution is driven, in part, by the fact that security solutions for other components in the network have already reached their stride. Many firewalls,... [Read More]
by RSS Stefanie Hoffman  |  Sep 25, 2013  |  Filed in: Security 101