http://www.computerworld.com/ en_US (c) Copyright 2012 Computerworld, Inc. All Rights Reserved. Sun, 27 May 2012 03:54:16 GMT 2012-05-27T03:54:16Z en_US (c) Copyright 2012 Computerworld, Inc. All Rights Reserved. http://www.computerworld.com/s/article/9227254/Red_Alert_for_Child_Pornography?source=rss_keyword_smj A .mov file with a highly suggestive name is enough to kick off an investigation into what's on an employee's PC. Mon, 21 May 2012 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/9227254/Red_Alert_for_Child_Pornography?source=rss_keyword_smj 2012-05-21T10:00:00Z http://www.computerworld.com/s/article/9227017/Security_Manager_s_Journal_SOX_is_out_of_control?source=rss_keyword_smj Complying with the act is consuming more and more time and detracting from real security work. Wed, 09 May 2012 16:27:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9227017/Security_Manager_s_Journal_SOX_is_out_of_control?source=rss_keyword_smj 2012-05-09T16:27:00Z http://www.computerworld.com/s/article/9226906/Security_Concerns_Over_a_Data_Center_in_the_Cloud?source=rss_keyword_smj When the company data center moves to various cloud configurations, the provisioning of servers will need to be addressed. Mon, 07 May 2012 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/9226906/Security_Concerns_Over_a_Data_Center_in_the_Cloud?source=rss_keyword_smj 2012-05-07T10:00:00Z http://www.computerworld.com/s/article/9226412/Who_s_Got_Your_Mail_?source=rss_keyword_smj When a chance discovery reveals that anyone in the company can access one executive's email, the brainstorming begins. Mon, 23 Apr 2012 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/9226412/Who_s_Got_Your_Mail_?source=rss_keyword_smj 2012-04-23T10:00:00Z http://www.computerworld.com/s/article/9225758/Security_Manager_s_Journal_Shrinking_staff_and_a_time_crunch?source=rss_keyword_smj Our manager handles the quarterly SOX report himself after more layoffs. Mon, 02 Apr 2012 16:10:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9225758/Security_Manager_s_Journal_Shrinking_staff_and_a_time_crunch?source=rss_keyword_smj 2012-04-02T16:10:00Z http://www.computerworld.com/s/article/9225455/Getting_Validation_at_RSA?source=rss_keyword_smj Our manager talks to colleagues and attends various breakout sessions and talks, where he might learn something new or (even better) get validation for his security program and priorities. Mon, 26 Mar 2012 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/9225455/Getting_Validation_at_RSA?source=rss_keyword_smj 2012-03-26T10:00:00Z http://www.computerworld.com/s/article/9225031/Plugging_a_SaaS_Access_Hole?source=rss_keyword_smj Our manager's company has a lot of sensitive data on Salesforce.com servers, and until now, we could access it from any device. Mon, 12 Mar 2012 10:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/9225031/Plugging_a_SaaS_Access_Hole?source=rss_keyword_smj 2012-03-12T10:00:00Z http://www.computerworld.com/s/article/9224865/Security_Manager_s_Journal_When_executives_want_to_be_above_the_law?source=rss_keyword_smj Security policies work best when they apply equally to everyone in the company. Of course, there are always some people who think they should be exceptions. Mon, 05 Mar 2012 13:18:00 GMT (J.F. Rice) http://www.computerworld.com/s/article/9224865/Security_Manager_s_Journal_When_executives_want_to_be_above_the_law?source=rss_keyword_smj 2012-03-05T13:18:00Z http://www.computerworld.com/s/article/9224108/Security_Manager_s_Journal_Hackers_Call_Home_on_Our_Dime?source=rss_keyword_smj Someone is making calls costing thousands of dollars via the IP telephony setup in a small European office. Mon, 13 Feb 2012 11:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/9224108/Security_Manager_s_Journal_Hackers_Call_Home_on_Our_Dime?source=rss_keyword_smj 2012-02-13T11:00:00Z http://www.computerworld.com/s/article/9223574/Security_Manager_s_Journal_You_Can_t_Secure_Every_Home?source=rss_keyword_smj By chance, our manager discovers that unauthorized network access from remote PCs at employees' homes and elsewhere has been widespread. Mon, 23 Jan 2012 11:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/9223574/Security_Manager_s_Journal_You_Can_t_Secure_Every_Home?source=rss_keyword_smj 2012-01-23T11:00:00Z http://www.computerworld.com/s/article/9223224/Security_Manager_s_Journal_BYOD_Planning_Gets_a_Boost?source=rss_keyword_smj A virtual desktop infrastructure will be the security key to reaching the CIO's goal of allowing personal devices on the corporate network. Mon, 09 Jan 2012 11:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/9223224/Security_Manager_s_Journal_BYOD_Planning_Gets_a_Boost?source=rss_keyword_smj 2012-01-09T11:00:00Z http://www.computerworld.com/s/article/359933/A_Rush_to_Judgment_on_DLP?source=rss_keyword_smj Our manager has just gotten funding for data leak prevention added to his current budget. But that budget expires in a few weeks. Mon, 05 Dec 2011 11:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/359933/A_Rush_to_Judgment_on_DLP?source=rss_keyword_smj 2011-12-05T11:00:00Z http://www.computerworld.com/s/article/359754/Sensitive_Data_in_the_Wild?source=rss_keyword_smj It isn't easy to stop your employees from posting things they shouldn't on social media and file-sharing sites. Mon, 21 Nov 2011 11:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/359754/Sensitive_Data_in_the_Wild?source=rss_keyword_smj 2011-11-21T11:00:00Z http://www.computerworld.com/s/article/9221894/Security_Manager_s_Journal_Why_would_a_company_not_spring_for_Cadillac_security_?source=rss_keyword_smj Too many corporate decision-makers think it's wise to shore up only the most glaring security weaknesses. But attackers will always be able to find the weaknesses you decided you could live with. Wed, 16 Nov 2011 17:41:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9221894/Security_Manager_s_Journal_Why_would_a_company_not_spring_for_Cadillac_security_?source=rss_keyword_smj 2011-11-16T17:41:00Z http://www.computerworld.com/s/article/359571/Spending_a_10K_Windfall_Wisely?source=rss_keyword_smj When you're suddenly offered an unexpected sum to spend on security quickly, you say yes first and figure out how to invest it later. Mon, 07 Nov 2011 11:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/359571/Spending_a_10K_Windfall_Wisely?source=rss_keyword_smj 2011-11-07T11:00:00Z http://www.computerworld.com/s/article/9221297/Security_Manager_s_Journal_Sometimes_even_managers_get_their_hands_dirty?source=rss_keyword_smj When you have a skeleton crew but a long list of things that need to get done, it just makes sense to do them yourself. Fri, 28 Oct 2011 17:20:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9221297/Security_Manager_s_Journal_Sometimes_even_managers_get_their_hands_dirty?source=rss_keyword_smj 2011-10-28T17:20:00Z http://www.computerworld.com/s/article/358923/Getting_the_Most_Out_of_SIEM?source=rss_keyword_smj The CIO isn't convinced about the value to be derived from investing in a security incident and event management tool. Time to think outside of the box. Mon, 10 Oct 2011 10:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/358923/Getting_the_Most_Out_of_SIEM?source=rss_keyword_smj 2011-10-10T10:00:00Z http://www.computerworld.com/s/article/9220164/Security_Manager_s_Journal_The_bad_guys_are_in_the_house?source=rss_keyword_smj New IDS detects something horrifying. Wed, 21 Sep 2011 15:55:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9220164/Security_Manager_s_Journal_The_bad_guys_are_in_the_house?source=rss_keyword_smj 2011-09-21T15:55:00Z http://www.computerworld.com/s/article/358334/Assessing_the_Company_s_Apps?source=rss_keyword_smj A third party peers at our manager's Web-based applications and finds several problems. Mon, 12 Sep 2011 10:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/358334/Assessing_the_Company_s_Apps?source=rss_keyword_smj 2011-09-12T10:00:00Z http://www.computerworld.com/s/article/358142/Keeping_the_DMZ_Safe?source=rss_keyword_smj A security manager has to be vigilant about what goes into the exposed portion of the company network, and he has to make sure it's all configured correctly. Mon, 22 Aug 2011 10:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/358142/Keeping_the_DMZ_Safe?source=rss_keyword_smj 2011-08-22T10:00:00Z http://www.computerworld.com/s/article/9219318/Security_Manager_s_Journal_New_economic_woes_lead_to_deep_cuts?source=rss_keyword_smj Needed security projects get the ax. Can layoffs be far behind? Fri, 19 Aug 2011 13:27:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9219318/Security_Manager_s_Journal_New_economic_woes_lead_to_deep_cuts?source=rss_keyword_smj 2011-08-19T13:27:00Z http://www.computerworld.com/s/article/9218602/Security_Manager_s_Journal_Shrinking_IT_staff_leaves_security_projects_in_the_lurch?source=rss_keyword_smj Newly purchased security products aren't going to deploy themselves. Fri, 22 Jul 2011 17:59:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9218602/Security_Manager_s_Journal_Shrinking_IT_staff_leaves_security_projects_in_the_lurch?source=rss_keyword_smj 2011-07-22T17:59:00Z http://www.computerworld.com/s/article/357475/The_Perils_of_Enterprise_Search?source=rss_keyword_smj First and foremost, you have to make sure you don't compromise the rule of least privilege. Mon, 18 Jul 2011 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/357475/The_Perils_of_Enterprise_Search?source=rss_keyword_smj 2011-07-18T10:00:00Z http://www.computerworld.com/s/article/9217811/Security_Manager_s_Journal_Sometimes_nothing_gets_done_if_you_don_t_do_it_yourself?source=rss_keyword_smj Our manager's growing IT department has a lot of new managers, and they want to oversee the actual implementation of security projects. But very little implementation is actually taking place. Tue, 21 Jun 2011 15:34:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9217811/Security_Manager_s_Journal_Sometimes_nothing_gets_done_if_you_don_t_do_it_yourself?source=rss_keyword_smj 2011-06-21T15:34:00Z http://www.computerworld.com/s/article/356811/Cloud_Storage_Gets_the_Ax?source=rss_keyword_smj None of the SaaS storage vendors at this point have implemented adequate safeguards that will keep corporate data safe. Mon, 06 Jun 2011 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/356811/Cloud_Storage_Gets_the_Ax?source=rss_keyword_smj 2011-06-06T10:00:00Z http://www.computerworld.com/s/article/9217114/Security_Manager_s_Journal_Not_even_security_managers_immune_to_FakeAV_infection?source=rss_keyword_smj This insidious malware is hard to root out, which is why it's making a lot of money for its distributors. Fri, 27 May 2011 16:07:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9217114/Security_Manager_s_Journal_Not_even_security_managers_immune_to_FakeAV_infection?source=rss_keyword_smj 2011-05-27T16:07:00Z http://www.computerworld.com/s/article/356243/Tracking_the_ROI_on_SIEM?source=rss_keyword_smj The company's limited deployment of a security information and event management tool is paying off. But now it's time to convince the CIO and CFO that the payoff is real. Mon, 23 May 2011 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/356243/Tracking_the_ROI_on_SIEM?source=rss_keyword_smj 2011-05-23T10:00:00Z http://www.computerworld.com/s/article/356025/When_Email_Gets_Hacked?source=rss_keyword_smj An executive's webmail account is compromised, and it contains plain-text passwords for corporate apps. Mon, 09 May 2011 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/356025/When_Email_Gets_Hacked?source=rss_keyword_smj 2011-05-09T10:00:00Z http://www.computerworld.com/s/article/9216205/Security_Manager_s_Journal_Software_security_comes_down_to_checking_inputs?source=rss_keyword_smj Our manager is surprised how little his company's developers know about making their software safer. Wed, 27 Apr 2011 13:32:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9216205/Security_Manager_s_Journal_Software_security_comes_down_to_checking_inputs?source=rss_keyword_smj 2011-04-27T13:32:00Z http://www.computerworld.com/s/article/355815/Keeping_Our_Code_Safe?source=rss_keyword_smj Our manager's company has shockingly little oversight on the security of software code written for it by third parties. Mon, 18 Apr 2011 10:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/355815/Keeping_Our_Code_Safe?source=rss_keyword_smj 2011-04-18T10:00:00Z http://www.computerworld.com/s/article/9215261/Security_Manager_s_Journal_Helping_out_the_in_house_developers?source=rss_keyword_smj They're working on a Web-based service and want to build in the authentication capability. But why not just use Active Directory? Mon, 28 Mar 2011 16:56:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9215261/Security_Manager_s_Journal_Helping_out_the_in_house_developers?source=rss_keyword_smj 2011-03-28T16:56:00Z http://www.computerworld.com/s/article/355258/Developing_a_Metrics_System?source=rss_keyword_smj Quarterly reports to the CIO will keep him aware of risks in the environment, and hopefully will reduce those risks. Mon, 21 Mar 2011 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/355258/Developing_a_Metrics_System?source=rss_keyword_smj 2011-03-21T10:00:00Z http://www.computerworld.com/s/article/354765/Firming_Up_Firewall_Protection?source=rss_keyword_smj Our manager's company is trying out the latest generation of firewalls, which offer some exciting possibilities. Mon, 07 Mar 2011 11:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/354765/Firming_Up_Firewall_Protection?source=rss_keyword_smj 2011-03-07T11:00:00Z http://www.computerworld.com/s/article/9211518/Security_Manager_s_Journal_Security_that_doesn_t_get_in_the_way?source=rss_keyword_smj The RSA conference and Disneyland both demonstrate ways that it can be done. Fri, 25 Feb 2011 18:20:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9211518/Security_Manager_s_Journal_Security_that_doesn_t_get_in_the_way?source=rss_keyword_smj 2011-02-25T18:20:00Z http://www.computerworld.com/s/article/9208299/Getting_a_Handle_on_Our_Data?source=rss_keyword_smj Improved data handling should be an easy win for our manager, who is especially excited about the opportunity to better protect his employer's intellectual property. Mon, 07 Feb 2011 11:00:00 GMT http://www.computerworld.com/s/article/9208299/Getting_a_Handle_on_Our_Data?source=rss_keyword_smj 2011-02-07T11:00:00Z http://www.computerworld.com/s/article/9205882/Dangers_Under_the_Rocks?source=rss_keyword_smj A security manager in a new job is like a gardener assessing the threats that lie below the rocks. Mon, 24 Jan 2011 11:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/9205882/Dangers_Under_the_Rocks?source=rss_keyword_smj 2011-01-24T11:00:00Z http://www.computerworld.com/s/article/9205621/Security_Manager_s_Journal_SOX_giveth_as_well_as_taketh_away?source=rss_keyword_smj The Sarbanes-Oxley Act is a costly compliance nightmare, but it can help a security manager get what he needs sometimes. Thu, 20 Jan 2011 13:51:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9205621/Security_Manager_s_Journal_SOX_giveth_as_well_as_taketh_away?source=rss_keyword_smj 2011-01-20T13:51:00Z http://www.computerworld.com/s/article/353366/Stopping_Stupid_Human_Tricks?source=rss_keyword_smj Widespread use of SaaS apps at our manager's new company makes it essential to raise employees' awareness of security risks. Mon, 10 Jan 2011 11:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/353366/Stopping_Stupid_Human_Tricks?source=rss_keyword_smj 2011-01-10T11:00:00Z http://www.computerworld.com/s/article/9202059/Security_Manager_s_Journal_Coming_through_for_the_business?source=rss_keyword_smj Our manager finds a way to enable iPhones and Android devices to be used on the corporate network. Wed, 22 Dec 2010 15:56:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9202059/Security_Manager_s_Journal_Coming_through_for_the_business?source=rss_keyword_smj 2010-12-22T15:56:00Z http://www.computerworld.com/s/article/353119/Buried_in_SIEM_Configuration?source=rss_keyword_smj The first rule in deploying a security incident and event management tool: Don't make assumptions. Mon, 20 Dec 2010 11:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/353119/Buried_in_SIEM_Configuration?source=rss_keyword_smj 2010-12-20T11:00:00Z http://www.computerworld.com/s/article/352873/Tightening_Up_SaaS_Security?source=rss_keyword_smj Our manager's new company uses more 30 SaaS apps, a situation that opens many doors to potential data compromise. Mon, 06 Dec 2010 11:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/352873/Tightening_Up_SaaS_Security?source=rss_keyword_smj 2010-12-06T11:00:00Z http://www.computerworld.com/s/article/9198298/Security_Manager_s_Journal_Assessing_the_plan_for_the_new_year?source=rss_keyword_smj Our manager ends his first year at his new company ahead of the strategic plan, but challenges always await. Mon, 29 Nov 2010 15:45:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9198298/Security_Manager_s_Journal_Assessing_the_plan_for_the_new_year?source=rss_keyword_smj 2010-11-29T15:45:00Z http://www.computerworld.com/s/article/352685/Heading_for_the_Clouds?source=rss_keyword_smj Our manager wanted a new challenge. His new job at a company that is offering software as a service fills the bill. Mon, 22 Nov 2010 11:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/352685/Heading_for_the_Clouds?source=rss_keyword_smj 2010-11-22T11:00:00Z http://www.computerworld.com/s/article/352517/Spying_or_Something_Innocent_?source=rss_keyword_smj When a log indicates that two high-level executives logged into a tool that they shouldn't mess with, it's time to investigate. Mon, 08 Nov 2010 11:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/352517/Spying_or_Something_Innocent_?source=rss_keyword_smj 2010-11-08T11:00:00Z http://www.computerworld.com/s/article/351851/Keeping_Things_Simple_for_NAC?source=rss_keyword_smj The first step toward deployment of network access control is to set up a network segmentation model. Mon, 11 Oct 2010 10:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/351851/Keeping_Things_Simple_for_NAC?source=rss_keyword_smj 2010-10-11T10:00:00Z http://www.computerworld.com/s/article/351687/Looking_Gift_iPads_in_the_Mouth?source=rss_keyword_smj Our manager's company celebrates stellar earnings with free iPads for everybody, but can all those personal devices be allowed on the network? Mon, 27 Sep 2010 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/351687/Looking_Gift_iPads_in_the_Mouth?source=rss_keyword_smj 2010-09-27T10:00:00Z http://www.computerworld.com/s/article/350874/Incident_Shows_IP_Still_at_Risk?source=rss_keyword_smj Event management software could help, but it's expensive and resource-hungry. Mon, 09 Aug 2010 10:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/350874/Incident_Shows_IP_Still_at_Risk?source=rss_keyword_smj 2010-08-09T10:00:00Z http://www.computerworld.com/s/article/350778/Offshoring_What_Can_Go_?source=rss_keyword_smj Our security manager is willing to outsource some things, but others are simply out of the question. Mon, 26 Jul 2010 10:00:00 GMT (Mathias Thurman) http://www.computerworld.com/s/article/350778/Offshoring_What_Can_Go_?source=rss_keyword_smj 2010-07-26T10:00:00Z http://www.computerworld.com/s/article/350506/E_mail_Shortcut_Sounds_Alarm?source=rss_keyword_smj A look at the company's intranet chat board leads to the discovery that employees are getting around the VPN. Mon, 12 Jul 2010 10:00:00 GMT mathias_thurman@yahoo.com (Mathias Thurman) http://www.computerworld.com/s/article/350506/E_mail_Shortcut_Sounds_Alarm?source=rss_keyword_smj 2010-07-12T10:00:00Z http://www.computerworld.com/s/article/9178483/Security_Manager_s_Journal_The_need_for_real_security_in_a_virtual_world?source=rss_keyword_smj Virtualization, cloud computing and SaaS all carry their own security challenges. Thu, 24 Jun 2010 20:50:00 GMT jf.rice@engineer.com (J.F. Rice) http://www.computerworld.com/s/article/9178483/Security_Manager_s_Journal_The_need_for_real_security_in_a_virtual_world?source=rss_keyword_smj 2010-06-24T20:50:00Z