Month: February 2011

SANS 20 Critical IT Security Controls #2: Inventory all Software

Most companies do a pretty good job of keeping an inventory of all their hardware such as servers, work stations, laptops and PD As. However, companies don’t usually put the same type of effort into tracking software that’s installed on their systems. Of course, there are many strong reasons for this, including the fact that it’s not easy to keep update with all the different types of software you need to use today. Hackers are always looking for vulnerable software […]

SANS Critical IT Security Controls #1 – Inventory your devices

Cyber attackers are constantly devising ways to hack into computer systems. You may have several test and development databases lying around across your in a semi-protected fashion. Or, your company may have recently bought and assigned a bunch of laptops. It’s essential that you patch ALL the computing devices in your environment, regardless of the purpose those devices may serve. In order to do this, however, you must first know the devices that your company owns. Even a small company […]

Oracle Advanced Security Option

Most people are aware of Oracle’s Advanced Security Option (ASO), but many aren’t quite sure as to what exactly this option offers you. I know most people understand that data encryption is the most common reason one looks at the ASO option, but they aren’t quite sure how it works. They are also not completely aware of the other benefits of ASO. The ASO data encryption feature is very flexible and fairly easy to implement. Unlike a homemade encryption solution, […]

Making the most of Oracle Support

earchOracle.com has just today, published an article title: Has the Phrase Oracle Support become an Oxymoron? Well, the article lashes into Oracle by referring to customer complaints about how well Oracle Support responds to customer support requests. The paper provides results of a study that say that only 54% of all Oracle’s customers are “satisfied” with its support infrastructure.

How Data Loss Prevention Technology Can Help You

Data Loss Prevention (DLP) is one of the key IT security measures a company must undertake. DLP is one of the 20 Critical IT Security Controls that the nonprofit security training agency SAN recommends. A recent news item provides a great real life of how Nationwide Insurance used DLP technology to prevent an employee’s unlawful activities. Nationwide recently installed new monitoring software to prevent unlawful transmission of data by its employees. The software snagged Qiang “Michael” Bi, a 36-year old […]

In Archive