Feeds

Articles about Security Management

Red Hat Shadowman logo

Red Hat plans unified security management for Fedora 21

Red Hat is planning a significant change to how its Fedora Linux distribution handles crypto policy, to ship with the due-in-late-2014 Fedora 21 release. In this wiki post, the Fedora Project outlines what it calls “system-wide crypto policy”. The idea is that Fedora would provide consistent security for all applications running …
Job cuts jpeg

Layoffs at EMC's RSA security division

RSA, the security division of EMC, has confirmed plans to restructure its business, a move than means an unspecified number of long-term staffers will be shown the door. Details are scarce, for now, but RSA said that it plans to make new hires that will more than offset job losses by start of 2014. It wrote in an email: While …
John Leyden, 20 Sep 2013
The Register breaking news

BT links with Huawei raise national security concerns, say MPs

Chinese telecoms giant Huawei has dismissed claims that its technology, which is used by BT, is a threat to the UK's national security. The company was forced to defend itself today, after a parliamentary security and intelligence committee report attacked the civil service for failing to inform ministers of BT and Huawei's …
Kelly Fiveash, 06 Jun 2013

Extreme Networks adds OpenDaylight to SDN suite

Extreme Networks has followed up its brand-new membership of the OpenDaylight Foundation (ODL) with an ODL-based OpenStack software defined networking (SDN) platform. The company had, two years ago, hitched its wagon to the Open Networking Foundation (ONF). It now explains its new focus on ODL on the basis that OpenDaylight- …
The Register breaking news

Microsoft rejigs enterprise end point security management

Microsoft has decided to drop a standalone anti-malware management product in order to concentrate on server-based security and management software and hosted services. The management component of Stirling, the already delayed next generation of the Microsoft Forefront Protection Suite for end points (business PC anti-virus), …
John Leyden, 21 Apr 2010
Network Security

The Death of the Corporate Network Perimeter

In a recent survey over 400 Reg Readers you gave us the inside track on the current state of corporate networks and their ability to handle changing work patterns. In particular, you make the case that your networks are ill prepared to tackle the increasing diversity and sophistication of security threats. As you see it, the …
Tony Lock, 06 Jun 2014
The Register breaking news

Putting the SaaS into security management

In all areas of business, security and privacy are built on good policy, properly applied. If you think moving to hosted services or software as a service (SaaS) changes this, then think again. While some aspects of security may be simplified, the cloud raises challenges in other areas. From the perspective of systems …
Tony Lock, 22 Dec 2010
The Register breaking news

Using systems management tools in IT security

Every IT professional recognises the importance of securing the IT systems that are now at the heart of many business processes. This recognition goes beyond simple deployment of security technologies. As Register readers have told us, drivers such as compliance with regulatory pressures, minimising financial risks, securing …
Tony Lock, 11 May 2010
NICT's Daedelus security scanner

Controlling Application Access

Key Points The pressure is growing on the corporate network and the systems it supports. When asked about their network and application access infrastructure in a recent research study, the 404 respondents who participated highlighted a range of escalating pressures. Organisations of all sizes are seeing greater demands as a …
Dale Vile, 06 Jun 2014
The Register breaking news

EMC slides Archer Technologies into security quiver

Storage behemoth EMC started down the 2010 acquisition trail on Monday by announcing an agreement to purchase Archer Technologies, a privately-held maker of IT governance, risk management, and compliance software. The vendor did not disclose the acquisition's price tag, but said the transaction is not expected to have a material …
Austin Modine, 04 Jan 2010

They've taken my storage hostage ... now what?

There's an encrypting ransomware Trojan making the rounds called Cryptolocker. I will save the details on my battle with this beastie for later*, but suffice it to say that if this encrypts your stuff you are done. There is no getting your data back unless you have backups or pay the ransom. Let's set aside the ultra-well …
Trevor Pott, 24 Oct 2013
The Register breaking news

Phone, internet corps SNUB US government's cybersecurity ABCs

Phone companies and ISPs in the US have convinced a top advisory panel to hold back the American government from forcing a set of basic IT cybersecurity standards on them. The Federal Communications Commission (FCC) set up a group of experts to figure out if the communications industry should be forced to adapt 20 "critical …

UK discovers Huawei UK staff auditing Huawei kit: Govt orders probe

Huawei will be probed by a top Whitehall official after the Chinese tech giant's staff in Oxfordshire were given the job of auditing Huawei's telecoms gear for Blighty's communications networks. The review was ordered following the publication of a report by an influential committee of MPs which warned of a conflict of interest …
John Leyden, 19 Jul 2013
arrow pointing up

Microsoft accuses Google of misleading feds over app security

Microsoft has accused Google of making "misleading security claims" to the US government, as the two companies continue to spar over the use of their respective online application suites among government agencies. With a recent lawsuit, various public statements, and posts to its website, Google has said that its Google Apps for …
Cade Metz, 11 Apr 2011
The Register breaking news

Cloudy admin? Here's how to ward off Call of Duty-playing teens

Palo Alto Network has gone virtual with the latest version of its next-generation firewall, the VM-Series. The tech, launched last week, is designed to protect virtual and cloud environments and comes as part of a wider industry push to market virtual security appliances. Analysts Infonetics Research says the booming market for …
John Leyden, 20 Nov 2012
The Register breaking news

Latest Java patch is not enough, warns US gov: Axe plugins NOW

Security experts advise users to not run Java in their web browsers despite a patch from Oracle that mitigates a widely exploited security vulnerability. The database giant issued an emergency out-of-band patch on Sunday, but despite this the US Department of Homeland Security continues to warn citizens to disable Java plugins …
John Leyden, 15 Jan 2013
server room

Patch Management: Should it even exist?

From the outside in, it’s easy to question the need for software patching. “Surely,” some might ask, “If software was written properly we wouldn’t need the IT department to spend time patching it?” The even more cynical might suggest that the whole thing is a money-making ruse – without the need for patching, we wouldn't have …
Martin Atherton, 30 Mar 2010
Screenshot of Windows 8.1's revamped Start screen

Microsoft lobs second Windows 8.1 preview at enterprise IT admins

Having already teased some of the consumer and small business features of Windows 8.1 with a preview release in June, Microsoft on Tuesday announced a second preview, this one with new features targeting larger IT departments. "Windows 8.1 Enterprise Preview builds on the Window 8.1 Preview which is currently available, adding …
Neil McAllister, 30 Jul 2013

EMC drops secret cash wad on Canadian software firm

EMC is on the acquisition trail again, if it ever really stepped off it. The latest target was Watch4net, a Montreal-based supplier of performance management software for undisclosed wads of cash. Watch4net is privately owned and was founded in 2000, with offices in Montreal, London, England, Munich and Toronto. Its software …
Chris Mellor, 01 Jun 2012

Office 365 hard enough to penetrate US government

Microsoft’s cloud productivity pack Office 365 has won an important certification from the US government, by ticking off all the to-do’s on the list to comply with the Federal Information Security Management Act (FISMA). FISMA requires US government agencies to develop and maintain security controls, the better to protect the …
Simon Sharwood, 11 May 2012
The Register breaking news

RIM: BlackBerry sales to US gov still on the rise

The White House and American government departments are still buying BlackBerrys, RIM's senior VP of security told Bloomberg, claiming that RIM had increased its share in the federal contract market. RIM's BlackBerry, one of few handsets to be security-approved by the Feds, is the top seller in US federal markets, said Scott …
Anna Leach, 10 Apr 2012
The Register breaking news

eBay: It's safe to buy busted lava lamps and bug-infested rugs again

eBay has resolved a cross-site scripting bug on its website that independent experts warned posed a significant risk of fraud to users of the auction site. The XSS flaw meant that, once logged into a seller account on eBay, an attacker could insert an XSS exploit code into a listing of an item for sale. The XSS security flaw on …
John Leyden, 22 Nov 2012
The Register breaking news

Brit upstart flogs cloudy SaaS to clipboard-waving bods

UK-based startup SureCloud is flogging a cloud-based auditing and compliance platform at mid-market businesses with high info-security standards. SureCloud’s Unified Compliance Platform pulls together component elements such as vulnerability scanning, SIEM (security information & event management), wireless intrusion detection ( …
John Leyden, 24 Apr 2012
The Register breaking news

Amazon, eBay, banks snub anti-fraud DNS tech, sniff securo bods

Despite the best attempts of security vendors, neither online stores nor the financial industry seem particularly keen to adopt DNSSEC tech - an anti-fraud mechanism that makes it difficult for fraudsters to spoof legitimate websites. DNSSEC (DNS Security Extensions) uses public-key encryption and authentication to guard against …
John Leyden, 18 Feb 2013
The Register breaking news

Symantec to extend security management portfolio

ComputerWire: IT Industry Intelligence Having released the first stage in its security management software strategy last month, Symantec Corp's president and COO, John Shwarz, has been talking to ComputerWire about the Cupertino, California-based company's plans to expand its management strategy. The first stage in the plan …
ComputerWire, 05 Nov 2002
graph up

LogicaCMG clinches ESA satellite security deal

LogicaCMG is sniffing out subcontractors to help it service a €20m contract to develop a security management system for the European Space Agency’s Galileo satellite navigation system. The services vendor has secured three contracts covering: the Public Regulated Services Key Management Facility; the Mission key Management …
Team Register, 08 May 2006
cloud

Rivals dismiss MS Forefront security push

Microsoft released the final version of Forefront Client Security, its anti-malware software for enterprises, to manufacture on Wednesday. Security rivals were quick to suggest that the software will prove little better than the company's consumer anti-virus software, which performed disappointingly in independent tests earlier …
John Leyden, 03 May 2007
graph up

Security salaries hold up during economic gloom

Information security salaries are holding up well during the economic downturn but capital spending projects are feeling the axe, according to a pair of surveys from training organisation (ISC)2 and specialist recruitment consultant ISS. The survey of more than 600 respondents, contractors and permanent employees based in the UK …
John Leyden, 29 Apr 2009
The Register breaking news

Malware-flingers can pwn your mobile with OVER-THE-AIR updates

Vulnerabilities in the baseband processors of a wide range of mobile phones may allow attackers to inject malicious code, monitor calls, and extract confidential data stored on the device, according to recent research from mobile security experts. However, according to El Reg's mobile correspondent, Bill Ray, this would be …
John Leyden, 07 Mar 2013
globalisation

IT bosses: directors don't take security seriously

Most IT managers believe that while their board-level superiors pay lip service to compliance and security, they don't really take it seriously, according to a survey carried out for software developer NetIQ. The survey also revealed that 51 percent of the 218 UK companies queried still do not have the processes and procedures …
Bryan Betts, 13 Aug 2007
For Sale sign detail

WildPackets adds inTechnology to keep an eye on things

Network and application performance management system vendor WildPackets has announced inTechnology Distribution as distributor for the Australian market. The appointment adds the WatchPoint and OmniPeek software to inTechnology’s software offerings. The 11-year-old distributor describes itself as specialising in security, …
The Register breaking news

Dell splashes cash on SonicWall's powerful firewall erections

John Swainson, president of Dell Software, took control of the giant's nascent software business last week and has moved fast, using the Dell checkbook to snap up SonicWall – a firewall and threat-management software and appliance maker – for an undisclosed sum. SonicWall, which was founded in 1991 by brothers Sreekanth and …
arrow pointing up

EMC VSPEX storage torpedo could sink FlexPods

The consensus among storage insiders is that NetApp and Cisco's FlexPods are in EMC's sights with its coming VSPEX validated bundle of bits. El Reg storage desk thinks the thing may be FlexPod-like. So rather than being a "product" like the VCE Vblock, VSPEX may be an architectural template or reference document specifying a …
Chris Mellor, 10 Apr 2012
The Register breaking news

EMC buys NetWitness after its impressive hack smackdown

EMC has announced its acquisition of network security monitoring and analysis platform outfit NetWitness. Financial terms of the deal, announced Monday, were undisclosed. NetWitness helped EMC's RSA division in the aftermath of the latter's high profile hack last month. Post acquisition, NetWitness will become a core component …
John Leyden, 05 Apr 2011
Office 365 Portal

Microsoft offers Office 365 build tailored for government

Redmond has released a new build of its Office 365 cloudy productivity suite that's been specially hardened and certified for government use. "Office 365 for Government is a new multi-tenant service that stores US government data in a segregated community cloud," blogged Kirk Koenigsbauer, VP of Microsoft's Office division. " …
Iain Thomson, 31 May 2012
The Register breaking news

Google finally wins DoI cloud apps contract

Google has snatched victory from the jaws of defeat by winning the US Department of the Interior (DoI) contract for its Apps for Government platform, after Microsoft had snaffled the original deal. "We’re honored that the Department of the Interior has selected Google Apps for Government, and we look forward to working closely …
Iain Thomson, 02 May 2012
The Register breaking news

Scores of US federal agencies still open to 2008 cache attack

US federal agencies are still struggling to roll out mandated technology that would make it much harder for attackers to spoof their websites. The Federal Information Security Management Act set a December 2010 deadline to deploy DNSSEC, or DNS Security Extensions, on federal domains. However a survey by Domain Name System …
John Leyden, 23 Mar 2012
The Register breaking news

BlackBerry squeezes MS on security, management, and control

Mobile email is a hot topic on enterprise agendas at the moment, with many already investing in this area or planning to invest, as we have previously seen. While there are numerous options open as organisations look to implement and/or scale up their installations, there are some obvious choices to make. One of these, …
Dale Vile, 22 Jun 2007
The Register breaking news

McAfee head vanishes, replaced by two more

McAfee has decided that it needs two presidents – namely Michael DeCesare and Todd Gebhert – to replace David DeWalt, who is quitting the firm. The Intel-owned vendor said it is creating an office of the president for the duo, who will report to Renee James, senior veep and GM at Chipzilla and chairman of McAfee. In a blurb …
Paul Kunert, 12 Jul 2011
The Register breaking news

RIM PlayBook nabs first US gov't tablet certification

Research in Motion's BlackBerry PlayBook has received a much-needed shot in the arm by becoming the first tablet to earn US government security certification. "RIM is pleased to announce that the BlackBerry PlayBook is the first tablet approved under FIPS for use within the US federal government," said BlackBerry Security …
Rik Myslewski, 22 Jul 2011
The Register breaking news

On joining up physical security and cyber-security

A group of US technology firms have formed an alliance to develop better integration between physical and cyber security systems. The stated aim of the Open Security Exchange (OSE), , is to develop best practices and vendor-neutral specifications to enable the straightforward integration of physical and cyber security systems. …
Warning: roadworks

Microsoft puts in Stirling work for unified security Nirvana

Microsoft is prepping a security software suite that will take it deep into Symantec and McAfee heartland. They won't be quaking in their boots just yet: the suite, called Stirling, hits the streets in 2009, at the earliest. Stirling integrates Microsoft's anti-virus, anti-spam and content filtering software, Internet Security …
Gavin Clarke, 06 Jun 2007
The Register breaking news

Verizon buys up cloud start-up

Cloud software start-up, CloudSwitch, has been snapped up by Verizon for an undisclosed sum. The three-year-old company specialises in high security management of enterprise grade applications running via the cloud. The start-up had raised around $US15 million from Boston based VC firms to date. Verizon is set to integrate …
hands waving dollar bills in the air

Security pros win out in office politics

More than a quarter (25.4 per cent) of the security workforce in Europe spends most of their workday dealing with internal politics or selling security to upper management, according to early results from a new survey. The second annual workforce study from security certification and training organisation ISC(2) also found that …
John Leyden, 18 Oct 2005
channel

Google counterattacks MS in US.gov cloud contract row

Google has fired back at Microsoft allegations that its cloud-based service aren't fit for government. The search giant argues that Redmond's technology has not yet met government-mandated security standards while cloud-based services from Google have, despite Redmond's suggestions otherwise. Last week, Microsoft accused Google …
John Leyden, 15 Apr 2011
The Register breaking news

Google cries foul, Feds dump Microsoft cloud monopoly

Google is dropping its case against the US Department of the Interior over that organization’s refusal to consider any cloud-applications provider apart from Microsoft. Google brought the case after it was excluded from bidding for the contract to provide cloud-app services to the DoI, which determined that only Microsoft’s …
Iain Thomson, 29 Sep 2011
globalisation

CA reorganisation puts emphasis on security

Computer Associates Tuesday announced a reorganisation of its business to place more emphasis on its core systems management and security operations. CA is dividing itself into business units rather than product-based divisions in a strategy that will see the software giant organised along the same lines as arch-rival IBM. CA's …
John Leyden, 06 Apr 2005
channel

Data theft replaces malware as top security concern

Theft of information and regulatory compliance are beginning to replace malware infestation and hacking as the top security concerns, according to a poll of enterprise IT security chiefs. The second annual Cisco-sponsored poll of 100 infosec pros in large UK enterprises found that 38 per cent of respondents place theft of …
John Leyden, 19 Apr 2007
The Register breaking news

Ex-NASA man stuffs OpenStack with Paxos

One of the NASA brains behind the project that became OpenStack is taking the wraps off a start-up that promises an enterprise-grade cloud using open source. Josh McKenty today unveiled Piston Cloud Computing, a start-up that fuses Google-class algorithms with enterprise security and compliance policies to deliver what McKenty …
Gavin Clarke, 27 Sep 2011
cloud

UK.gov 'pay as you go' IT services cloud to float in March

The opportunity for suppliers to join the government's £60m G-Cloud framework is drawing to a close, according to Mark O'Neill, proposition director for innovation and delivery at the Government Digital Service (GDS). "We plan to launch the first tranche of the G-Cloud catalogue in March," O'Neill told the Cloud Expo event in …