admini – Page 160 – CyberSecurity Institute

PGP Releases Bre-Boot Data Encryption For Mac OS X

Posted on June 10, 2008December 30, 2021 by admini

“We try to be sensitive to that and make sure the machine is still usable while you’re encrypting,” said John Dasher, director of product management at PGP.

The encryption solution comes at a time when Macs are becoming more ubiquitous in the enterprise environment. With the success of the iPhone and iPod, more and more businesses are incorporating Macs into their network environments, experts say.

A March Forrester Research study reported that the enterprise adoption of Macs tripled to 4.2 percent last year, while a Yankee Group survey found that 87 percent of companies now have at least some Macs in their offices — a statistic which has risen 48 percent from two years ago.

Execs tout the product as the the only one on the market that can accommodate an integrated environment for both Windows and OS X. Looking at the broader picture, Dasher said that the data encryption solution addresses the growing need for enterprises to protect critical data, which has become increasingly mobile, and as a result, increasingly vulnerable to loss.

It also comes at a time when companies are required to implement beefed up security to protect intellectual property and corporate brand quality, as well as sensitive customer information.

http://www.crn.com/security/208402993

Gartner Details Real-Time ‘Adaptive’ Security Infrastructure

Posted on June 4, 2008December 30, 2021 by admini

“We can’t control everything [in the network] anymore,” MacDonald says.

Among the key features of an adaptive security infrastructure are security platforms that share and correlate information rather than point solutions, so the heuristics system could communicate its suspicions to the firewall, for example. “Then the firewall could block the IP address” while the signature-based scanner could create a new signature for the threat, MacDonald says.

Other features would be finer-grained controls, automation (in addition to human intervention), on-demand security services, security as a service, and integration of security and management data.

A major change with this model of real-time, adaptive security is shifting authorization management and policy to an on-demand service that contains details and policy enforcement that matches compliance and can adapt to the user’s situation when he or she is trying to access an application, for instance.

MacDonald admits that the reality of an adaptive security infrastructure seems futuristic and faces plenty of challenges in adoption, but there are some of the building blocks available today, such as virtualization, authorization management, and deep packet inspection, for example.

Among the trends driving this vision is the increase in targeted attacks, as well as what Gartner sees as an explosion in the number of perimeters given mobile users, network guests, and business partners, for instance.

http://www.darkreading.com/document.asp?doc_id=155538&f_src=darkreading_section_296

Secure remote access for Apple iPhone from Check Point

Posted on June 4, 2008December 30, 2021 by admini

Check Point VPN-1 supports the L2TP client embedded in all current and future iPhone versions, giving customers immediate IPsec VPN access to corporate servers.

http://www.net-security.org/secworld.php?id=6182

New Payment Card Industry compliance solution

Posted on June 4, 2008December 30, 2021 by admini

Key SecureTrack Benefits for PCI-DSS Compliance: Continuous change tracking and analysis – ensuring all aspects of network and data security is inherent to the PCI standard.
Powerful security policy simulation and risk analysis – policy simulation is a key part of the PCI requirement to test security systems and processes regularly.
With SecureTrack’s Policy Analysis, managers can identify potential threats to cardholder data security and eliminate them before any damage can occur.
Periodic Auditing and Reports – intuitive, packaged reports for PCI-DSS compliance can be quickly customized to meet the specific requirements of every organization.

http://www.net-security.org/secworld.php?id=6186

New Google Service Helps Infected Websites Clean Up

Posted on June 3, 2008December 30, 2021 by admini

“Attackers often use sophisticated obfuscation techniques or inject malicious payloads only under certain conditions,” Provos wrote in the Google security blog.

This new resource should help website owners in cleaning and securing their sites faster, which will help protect even more internet users,” Stopbadware.org’s Erica George wrote in the organization’s blog yesterday.

Provos says the diagnostics page provides the current listing status of a site, as well as whether the site or some of its pages had been listed by Google in the past as dangerous.

http://www.darkreading.com/document.asp?doc_id=154607&f_src=darkreading_section_296

Apple releases Mac OS X security guide

Posted on June 3, 2008December 30, 2021 by admini

The manual includes an overview of the Mac OS X’s security architecture and advice on hardening the operating system against external attackers as well as locking down the system to protect against unauthorized access by people with physical access to the system.

“Certain instructions in the guides are complex, and deviation could result in serious adverse effects on the computer and its security,” Apple said in an introduction to the Security Configuration Guides.

http://www.securityfocus.com/brief/747?ref=rss