Security News Curated from across the world
Ultimately, security is everybody’s business, and only with everyone’s cooperation and consistent practices will it be achievable. Wireless security is a work in progress, so it is essential to administer a wireless network so that it becomes more and more secure. And with more organizations focusing strongly on wireless security, we can only expect to see many more secured wireless networks in the future.
http://www.onlamp.com/pub/a/security/2006/03/30/what-is-wireless-security.html
“We have to follow standards and listen to news groups. Adding encryption to prevent outsiders listening into conversations can also degrade performance.
“Providing QoS to use limited bandwidth but still encrypt data limits the ability to analyse what application is running, or decide what QoS should apply, ” said Gilad Brand, director of product management at VoIP gateway specialist Jungo.
SIP is an open standard that should help to address the security versus performance issue, but vendors’ implementations of the technology differ, so interoperability and uniform feature sets are not assured in the short term, said Slaby.
http://www.vnunet.com/2152383
It is for this reason that a choice between implementing network security in the middle of the network — in the cloud — or at the endpoints is a false dichotomy. An organization had no choice but to put its firewalls, IDSs and anti-virus software inside its own network. Security would be vastly improved if the major carriers implemented cloud-based solutions, but they’re no substitute for traditional firewalls, IDSs and IPSs.
http://www.computerworld.com.au/index.php/id;1786107200;fp;16;fpid;0
In the Stress of Security report, it was found that more than two-thirds of European IT managers leave the responsibility of managing what happens to a corporate laptop when it is out of the office in the hands of the employee.
As hackers become more ingenious in the ways they lure users into giving confidential information or downloading viruses and malware, ‘trusting’ remote workers not to misuse a corporate laptop — whether intentionally or not — is no longer an option, especially in an era when the number of mobile workers is set to rise significantly. As in the corporate environment, the most effective way of preventing remote workers from compromising the corporate IT networks with an infected laptop is to put in place safeguards that stop them visiting malicious websites, giving information away to fraudsters or downloading applications that infect the IT network and corrupt data files.
To be truly effective both inside and outside the office, an organisation’s employee Internet management policy needs to consider mobile security as much as the safety of fixed assets. New remote filtering applications can, for the first time, extend the same web filtering capabilities used in the corporate LAN to the laptop user.
Remote filtering removes the headache for IT administrators of worrying about what sites are secure or not. Once the remote filtering application is installed on a laptop, it ensures that every time a request is made to visit a website, a second request is sent back to the corporate system to determine if access is allowed.
Everyone understands laptops pose a problem but until now there has not been a suitable technology solution available to use that did not deplete bandwidth or slow down the network.
http://www.it-observer.com/articles/1060/remote_filtering_delivers_protection_field/
Best practices should include:
– Host-based protection.
– Real-time prevention decisions.
– Defense in depth.
– Real-time correlation.
– Behavioral approach.
– Flexibility.
– Ease of deployment.
– Centralized event management.
– Platform coverage.
– Administration.
http://www.cioupdate.com/article.php/3582536
VBroadcom and Marvell have already announced that they will start producing ‘draft-compliant’ chipsets, but Gartner labelled these claims as “misleading” and “premature”.
The analyst firm believes that the technology is likely to be changed before a final standard is approved, and that additional testing will be required to ensure compatibility with existing Wi-Fi standards.
http://www.vnunet.com/vnunet/news/2149265/gartner-pleads-restraint-802