Author: Scott D. Rosenberg

Microsoft Enterprise Agreement: Watch That True-up
Scott D. RosenbergMicrosoft, Microsoft Licensing Compliance, Microsoft Licensing TipLeave a Comment on Microsoft Enterprise Agreement: Watch That True-up

If you have 250 computers in your organization, you probably have a Microsoft Enterprise Agreement (EA). A perpetual license, the EA is designed to standardize the Microsoft products enterprise-wide, while providing the most current version. Microsoft and its resellers love EAs because it brings recurring revenue with its three-year agreement and maintenance fees. Under an EA, the organization has a standard yearly “True-up”, where full payment is required for any new usage on products included in the EA for the […]

Big Brother made me do it!
Scott D. RosenbergIT Security, PCI (Payment Card Industry), Security Assessments, Security RiskLeave a Comment on Big Brother made me do it!

Our personal favorite hacker, Albert Gonzalez, said that the government knew about his theft of 130 million credit and debit card numbers from Office Max, TJX, Heartland Payment Systems and Dave & Busters. In fact, he filed a 25-page petition seeking to overturn his 20-year sentence. The Secret Service declined to give comment. Within 5 years, Gonzalez collected $2.8 million. Now, he is saying that it was all government sanctioned. By all means, let’s pass the buck.

How Data Loss Prevention Technology Can Help You
Scott D. RosenbergAccess management, Compliance, Database security, DSS (Data Security Standard), Identity management, IT Security, Oracle database, PCI (Payment Card Industry), Risk, Security Assessments, Security Risk1 Comment on How Data Loss Prevention Technology Can Help You

Data Loss Prevention (DLP) is one of the key IT security measures a company must undertake. DLP is one of the 20 Critical IT Security Controls that the nonprofit security training agency SAN recommends. A recent news item provides a great real life of how Nationwide Insurance used DLP technology to prevent an employee’s unlawful activities. Nationwide recently installed new monitoring software to prevent unlawful transmission of data by its employees. The software snagged Qiang “Michael” Bi, a 36-year old […]

Using Oracle Database Firewall
Scott D. RosenbergAccess management, Center of Internet Security (CIS), Compliance, Contract Lifecycle management, Cost Containment/Negotiation, Database security, DSS (Data Security Standard), Enterprise Agreement, GRC (Governance, HIPAA, Identity management, IT Asset Management, IT Security, Licensing Change Alert, Microsoft Licensing Compliance, Microsoft Licensing Tip, Microsoft: News You Can Use, Miro News, Oracle database, Oracle Licensing Compliance, Oracle Licensing Tip, Oracle: News You Can Use, PCI (Payment Card Industry), Risk, Security Assessments, Security Risk, software asset management, Software audit, SQL, Uncategorized, VirtualizationLeave a Comment on Using Oracle Database Firewall

We’re all familiar with network firewalls, which prevent unauthorized access to your network from external sources. However, network firewalls don’t protect your databases from malicious attacks, which sometimes come disguised as privileged internal users. Web applications are a major source of data attacks, through stratagems such as SQL Injection, for example. Oracle’s Database Firewall (a product Oracle gained through its acquisition of Secerno, a British firm, in 2010) offers a solid defensive perimeter to monitor and enforce accepted behavior on […]

The New Ponemon Institute End Point Security Report
Scott D. RosenbergAccess management, Compliance, Database security, Identity management, IT Security, Oracle database, Risk, Security Assessments, Security RiskLeave a Comment on The New Ponemon Institute End Point Security Report

Ponemon Institute has just (Dec 2010) released a new State of Endpoint report (http://www.lumension.com/Media_Files/Documents/Marketing—Sales/Others/Ponemon—State-of-Endpoint-Risk.aspx). The study, sponsored by Lumension, reveals that a full 64 percent of the 570 respondents surveyed report that their networks are less secure than they were a year ago, or they aren’t sure. And 58 percent report that their security costs are increasing, with malware incidents being the main driver of the escalating costs. A very interesting thing to note is the fact that most IT […]

In Archive