Security News Curated from across the world
“Traditional firewall technologies can complicate several aspects of VoIP, most notably dynamic port trafficking and Network Address Translation (NAT) transversal,” says Victoria Fodale, In-Stat analyst.
“Security product vendors are adding functions that address voice applications in their products, but, as history has shown, security typically lags behind advances in technology.”
http://www.ebcvg.com/articles.php?id=876
Although most mobile operators have software in their networks to stop virus propagating, the protection must be focused on the end client to avoid propagation between two mobile devices.
“Handset to handset is a good way to deliver a virus,” said Richard Hales, UK manager for F-Secure.
For now, viruses for mobile devices can spread via Bluetooth or via multimedia messaging and most of them target the Symbian operating system which is by default installed on smart-phones.
http://www.ebcvg.com/articles.php?id=868
Such security applications are designed to cut costs and simplify management by integrating various functions into a single unit, but can be limited by their throughput.
The VPNs are clientless, eliminating the need for remote users to install software, and administrators can require users to go through a security check before they connect, ensuring they’ve got up-to-date antivirus software installed.
Filtering, designed to keep employees from viewing the wrong sort of material, is based on both URL lists and a technology called Dynamic Document Review (DDR), which lets administrators define blacklists of words and word relationships.
Users of existing 5400-series and 4400-series models can get the new features with an upgrade to Gateway Security v3.0 software, and users with active maintenance contracts get the upgrade for free.
http://www.xatrix.org/article4072.html
The Islandia, N.Y.-based company that SAML 2.0 support is available for eTrust SiteMinder, its Web access management solution.
CA said the federation platform would allow companies to share identity information on the Web, with secure and controlled automation. The access management support eliminates the need to re-authenticate at each site. The scalable system is designed to allow customers to federate as identity providers or as service providers with multiple partners. It provides a standardized means for exchanging user authentication, entitlement and attribution both internally and externally.
SAML is an XML-based framework developed by OASIS Security Services Technical Committee. It has an adaptable architecture and can easily be extended to partner organizations.
http://www.techweb.com/wire/security/170102622
Police now believe that the company’s 26-year-old head of data security in Helsinki stole banking software from the company along with passwords for its bank account. Accomplices then accessed the account from a laptop computer using an unprotected network at a nearby apartment building in Helsinki’s Kallio district. Suspicion initially fell on the owner of the Wi-Fi network until police searched his apartment and determined he was not involved. They then deduced from the laptop’s MAC address that it belonged to GE Money, and fingers started to point toward the bank’s security officer.
“After a while there were too many leads pointing against him, and after we found the laptop, that was it,” said Jukkapekka Risu, investigating officer for the Helsinki police.
The case was picked up by television news programs in Finland and caused something of a buzz. It also prompted the Finnish Communications Regulatory Authority to remind citizens this week about the dangers of not securing their wireless networks. Wi-Fi is starting to become popular in Finland, particularly among home users. The agency advised people to employ at least the standard WEP (Wired Equivalent Privacy) encryption.
http://www.pcadvisor.co.uk/index.cfm?go=news.view&news=4986
As a result companies are adopting a more strategic approach as they recognise that contingency to guarantee a robust and reliable IT infrastructure is critical. This is because they have neglected to make long-term plans which take into account the speed at which technology develops and changing market forces. Businesses are finding themselves locked into vendor relationships that fail to offer cost-efficient solutions for the long-term management of escalating volumes of data.
It is important to recognise that an effective managed business function is achieved through assessment, planning, execution and evolution. Through the adoption of a long-term strategy and the effective forward planning of data management, an enterprise can make more efficient use of existing capacity and have greater control over the movement and location of data.
For example, as it’s been estimated that approximately 65% of online data is rarely accessed, businesses should look to free up online resources for more core business applications.
The effective management and control of a comprehensive back-up solution is critical to minimising business risk, but companies are failing to make thorough disaster recovery plans or are adopting inefficient processes. It is vital in the current corporate environment, to ensure that a partner has a reliable support infrastructure, suitably skilled personnel and can guarantee levels of service. Failure to meet any of these critical elements will threaten the success of a managed services approach.
As standards become more defined and universally accepted, the rush to storage attached to the network is bound to accelerate.
http://www.ebcvg.com/articles.php?id=865