Another Brick from the Wall - Leadership thoughts
Jericho Forum
Subscribe to this blog
About Author
The Jericho Forum is an international group of organisations working together to define and promote the solutions surrounding the issue of de-perimeterisation. Members include top IT security officers from multi-national Fortune 500s & entrepreneurial user companies, major security vendors, government, & academics. Working together, members drive approaches and standards for a secure, collaborative online business world.
Contact Author
Email JerichoRecent Posts
Standards, standards, everywhere...
But not a real cloud security standard in sight.
Don’t you just love standards? Evidently everyone does, because they are all proposing their own… thereby defeating the whole object of a standard.In the past few weeks we have seen the Open Data Centre Alliance come out with its defining...
November 8, 2010 4:14 PM Read Full Post
'Firesheep' tells us that web security is broken
Web developers insist on doing it their way...
Eric Butler's Firesheep plugin has been causing a stir, as it makes it extremely simple to hijack other people's web account. Once you have installed the plug-in into Firefox, you can see the unprotected websites that other people access over...
October 29, 2010 10:43 AM Read Full Post
Patches, patches, everywhere...
But not much security in sight.
So Tuesday was a mega-patch day, we had both Microsoft and Oracle with their biggest ever patch offerings. The good news is they are at least they are sending out patches.The less positive news is how long it will take...
October 13, 2010 3:10 PM Read Full Post
Mysteriously, Internet Explorer 6 hangs on
Why do old browsers never get upgraded?
As recent market share figures tell us, many corporates are still using IE6 years after it stopped being current. Meanwhile, the oft-touted Microsoft browser killer, Firefox has about the same market share as IE6. It could be that Microsoft’s true...
September 29, 2010 3:11 PM Read Full Post
Data security is not enough - we need provenance too
Just because the 'porn pirates' were on a database does not prove their guilt
Another high-profile data loss story in a long line, this time a law firm that collected data on alleged file-sharing media and porn pirates which was then stolen for all to see. There are at least two issues here, the...
September 29, 2010 12:44 PM Read Full Post
What happens when the cloud goes down?
Google, Amazon and now Microsoft have cloud interruptions
So there has been another cloud outage, this time it was Microsoft. While this is not uncommon, both Google and Amazon have had outages in recent months; it does raise a number of questions, especially when it is you that...
September 13, 2010 1:21 PM Read Full Post
Geolocation - a security technology in disguise
Proving where someone is can be a security credential
A lot has been written about Geolocation services, ranging from the good stuff - ‘Where’s the nearest pizza shop to me - right now,’ to some of the less good stuff - ‘We know where you are right now,”. Unfortunately,...
September 3, 2010 3:14 PM Read Full Post
What is a security policy?
The beginning of any security policy is the employee
Security people talk about security policies a lot. Firewalls filter packets according to a security policy; applications control users according to a security policy. But what, actually, is a security policy? How can we tell a good one from a...
August 26, 2010 3:20 PM Read Full Post
Classifying data breaches using 'visibility'
Putting a number to the problem
Assemble a group of information security professionals to discuss data classification terminology, and you'll likely end up with a long discussion on what is meant by ‘restricted’, ‘confidential’, ' secret’, ‘personal’, ‘company confidential’, ‘classified’, ‘top Secret’, with little agreement. Following...
August 25, 2010 3:45 PM Read Full Post
Cloud security - time for some tough questions
Out of sight should not be out of mind...
Good news... if you are using a cloud based application and there needs to be security patch applied, it can all happen transparently and without you even realising it’s happened. If you use GMail (as I do), then you will...
August 18, 2010 12:21 PM Read Full Post
[ Previous ] [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ continued on page 4 >> ]
Powered by the Pagination plugin for Movable Type
