Mar 30
Friday, March 30th, 2007
It depends; there are no easy answers to this. There are a number of initiatives that a company should undertake, including disaster recovery, business continuity planning, Sarbanes-Oxley (SOX) compliance and data security these are all exercises that force you to examine your data. The retention of data is based on the value of the data to the company and related legal implications or compliance requirements. Many companies are spending a lot of money on these exercises, and it would be wise to add the consideration of retention to any data management initiative.
Read more…
Posted in News | No Comments »
Mar 30
Friday, March 30th, 2007
A new security vulnerability puts Windows users at risk of serious cyberattacks, Microsoft warned late Wednesday. The vulnerability affects all recent Windows versions, including Vista, which Microsoft has promoted heavily for its security. The operating system software is flawed in the way it handles animated cursors, Microsoft said in a security advisory. An attacker could exploit the vulnerability through a Web page or e-mail message with rigged computer code, Microsoft said. “Upon viewing a Web page, previewing or reading a specially crafted message, or opening a specially crafted e-mail attachment, the attacker could cause the affected system to execute code,” Microsoft said in its advisory.
Read more…
Posted in News | No Comments »
Mar 30
Friday, March 30th, 2007
Irish Life Investment Managers (ILIM), which makes IT applications for the finance industry, is to develop future products that integrate under a service orientated architecture (SOA) following calls from customers for greater interoperability. An SOA takes the discrete business functions contained in enterprise applications, such as validating a trade against a live market feed, and organises them into interoperable, standards-based services that can be combined and reused with other applications and processes.
Read more…
Posted in News | No Comments »
Mar 30
Friday, March 30th, 2007
Businesses understandably put a great emphasis on having a robust and secure network but are they doing everything they can to manage it effectively with those goals in mind? It seems incredible to think companies could fail to protect themselves against some of the biggest threats on their network, yet in such a complex environment the pitfalls are all too plentiful. While most IT departments are well aware of the risks posed by malicious code and spam, less well-publicised threats and practices are still finding room to grow and prosper on many a corporate network.
Read more…
Posted in News | No Comments »
Mar 30
Friday, March 30th, 2007
During the last couple of months a lot has been said about Cross-site request forgeries and how to prevent them. Before presenting my approach of dealing with this type of attacks, let’s have a look on what Cross-site request forgeries are, for one more time. As I have discussed in the past, CSRF vulnerabilities occur on applications which allow every request that has a valid session identifier to be processed by the application business logic. This is bad for a number of reasons. More details see the URL : www.gnucitizen.org/blog/preventing-csrf
Read more…
Posted in News | No Comments »