Password Salting may be Effective, but is it Healthy?

Much of IT security revolves around the question of how much you believe users can think for themselves. Password salting is a solution likely to appeal to those who think users are unreliable, careless or otherwise unable to behave correctly when it comes to the proper use of passwords. Yet the brain is a muscle […]

Four Fatal Flaws in IT Security Flagged at Black Hat Europe 2015

IT security flaws are now myriad, but these four stuck out like sore thumbs at the recent Black Hat Europe 2015 conference on security. Their distinguishing feature for the most part was the massive scale on which hacking could be perpetrated, either because of the number or the size of the systems affected.

Employees are Still Unaware of the Need for Information Security

“Careless talk costs lives” was one of the slogans on posters displayed during the Second World War. It was a warning to people to avoid discussing confidential matters in public places, where spies could eavesdrop on vital secrets. Many people also know the saying “walls have ears”. Yet in enterprises and other organizations, too few […]

Auditing Security in New Virtualized IT Environments

In the old days, there was a physical cable running from A to B. One server ran just one application. Auditors could see the boundaries and could assess IT security accordingly. But today, matters have changed considerably. The virtualisation of X applications over Y servers, and the use of the cloud make it impossible to […]

Data Loss Prevention and the Insider Twist to IT Security

For many people, IT security is about keeping the bad guys out of the data centre by using firewalls to control external access and anti-malware programs to prevent hackers from infecting servers. That is only half the picture, however. The threat that has also been growing comes from people already within the security perimeter of […]