Quick take: top ten worst passwords

This makes interesting reading – it’s a report, sponsored by those good people at Imperva, about password worst practices. It’s got some sage advice too, for anyone who wants to know how to get a bit better at setting passwords. Here’s the top 10 – personally I’m surprised that swear words don’t figure, but that’s [...]

Losing a device – what’s the big deal?

(This talk was originally given at a CBR dinner club event in October 2009) It shouldn’t come as a surprise to anybody to know that mobility does bring with it a business advantage. Last time that question was asked, a couple of years ago, two thirds of companies of all sizes consistently said ‘yes’ – [...]

Virtualisation and security – the two-edged sword

All new innovations in IT are a double-edged sword – with the benefits come challenges and unintended consequences. Not least server virtualisation, which does have a number of security advantages over running software directly on servers. While it’s worth considering these, it’s also worth weighing them up against the challenges, particularly given the relative [...]

RSA Panel session confirmed

Just got an email through from those nice folks at RSA Conference Europe. Here’s the skinny:

Session Track: Business of Security
Session ID: BUS-207
Scheduled Date: Tuesday 28th October
Scheduled Time: 16:05 – 17:05 hrs
Session Title: Software and Security as a Service: the risks and the rewards
Session Classification: Strategic
Session Abstract: There is [...]

Presentations and events update

I was recently asked for some examples of events I have spoken at, so for the record this is what I’ve participated in so far this year: Taking back control of IT, Webinar, 28 February 2008 (video stream – registration required) Improving business productivity through effective content management, Webinar, 4 March 2008 (video stream – [...]

On press releases and ambulance chasing

A while back, I remember seeing a sketch by Eddie Izzard. The detail eludes me but roughly speaking it covered the cyclic nature of being cool. One could progress from totally uncool, to slightly cool, to cool, to – put one matchstick in the corner of the mouth – very cool, to – put another [...]

Why 2008 for enterprise identity management?

Like many people I suspect, I have struggled to get my head round identity management. This is less to do, I suspect, with the nature of the thing itself (great intro here, and I’d recommend Neil M’s reports on the subject), and more with the fact that there’s so much going on, in so many [...]

Can software developers be protected from themselves?

It’s now six weeks since RSA Europe, when I made a diary note to take a deeper look at the SAFECode forum. SAFECode stands for the Software Assurance Forum for Excellence in Code – we can be profoundly grateful that the founders didn’t try to expand out the entire acronym. It also stands for “increasing [...]

IT Security Analyst Forum (a.k.a. Hey Mum I’m on the telly)

I was fortunate enough to attend the IT Security Analyst Forum a few weeks ago, where I was one of many analysts meeting with a number of security vendors. A kindly gentleman was there recording the proceedings, and I just came across the videoed results – isn’t the Web marvellous? Anyway, if you’d like to [...]

The bigger picture of behavioral analysis – a conversation with Tier-3

In a break with tradition, I’m going to write about a specific company in this one, or at least a specific series of conversations. I’ve been talking quite a lot to the guys at Tier-3, a company specialising in software that can look for anomalies in how IT is being used. While there are many [...]
