Security
The Astaro Security Gateway is a product we have been using for a few years with various clients as a UTM (Unified Threat Management) device. It offers a number of features that they require, including network security, email security, and web surfing security.
This week, the Washingon Post reported a fascinating story on how “organized cyber-gangs in Eastern Europe are increasingly preying on small and mid-size companies in the United States.” They appear to be targeting small businesses for the simple reason that they are easier nuts to crack than large financial institutions.
We sometimes get support requests from frustrated clients who are in some way prevented from accomplishing a task because of system security policies. Unfortunately, they sometimes think that we have done this deliberately to make their job difficult. One of my jobs as a security professional is to explain to my clients just what security […]
I frequently hear security professionals and pundits proclaim that such and such a technology “is dead.” Lately, I’ve heard that “antivirus is dead,” “Intrusion Prevention Systems (IPS) are dead.” A while back it was “firewalls are dead,” and “SSL is dead.” People who utter phrases like this are doing a disservice to the security community.
Electronic greetings cards are a fad that, sadly, has not yet passed and is still quite popular. These things are bad for several reasons, which I’ll outline in today’s post.
“Unified Threat Management” is a buzzphrase (that is, a few buzzwords strung together) heard a lot in networking and network security. Essentially, this is something (usually a device) which combines several network security services, including email filtering, web content filtering, firewalling, intrusion detection/prevention, and others. A UTM device can provide other services as well, such […]
“Defense in Depth.” This is a fundamental principle of information security. Essentially it means that you add layers of security so you don’t rely on a single point of failure in your security model. For instance, if you have a hardware firewall for your network, you also run a software firewall on your desktop computers. […]
Note: While some of the content in this post is dated and no longer applicable, the principles and techniques remain valid as of late 2014. If you’ve read my previous post on why administrative rights over your computer are a bad thing and you are motivated to do something about it, you might ask “just […]
One of the absolutely most effective ways to shield yourself from viruses and spyware is to not log on to your computer as an administrator. As soon as I say this, I usually encounter some resistance, because users think that giving up admin rights equates to giving up power. In a way, you are, but […]
Last week, I posted an article explaining why security is everyone’s concern. Today I came across another article which underscores this. The Zeus botnet apparently self-destructed last month, effectively rendering 100,000 computers across the Internet non-functional.