Source: Security Pipeline - Posted by Pax Dickinson
Best Buy reports that its most frequently returned products are Wi-Fi networking gear. While many end users want the benefits of Wi-Fi, apparently very few can figure out how to set the wireless security features and get them working properly. Even experienced networking pros have trouble configuring security on today's Wi-Fi networks.
VeriSign plans to significantly increase the number of DNS servers it operates, a move that it says will make a key part of the Internet's infrastructure more resilient to cyberattacks.
Over the next year, VeriSign aims to place additional replicas of one of its Domain Name System root servers--the "J"--in up to 100 data centers around the world, Aristotle Balogh, VeriSign's senior vice president of operations and infrastructure, said in an interview with CNET News.com on Thursday. The company runs two of the DNS root servers--the "A" is the other--that form an essential part of the Internet's naming system.
Source: Security Pipeline - Posted by Pax Dickinson
Use of public wireless hotspots is increasing, giving mobile workers and others access to essential data. The bad news: Security threats against hotspot users also are increasing.
That's the word from Richard Rushing and he should know since he is chief security officer for AirDefense, which specializes in security of mobile workers.
Source: Security Pipeline - Posted by Pax Dickinson
Wireless LANs utilize radio waves for transporting information, which results in security vulnerabilities that justifiably worry network managers. To assuage those worries, most companies implement authentication and encryption to harden security.
However, WLANs have a whole host of other vulnerabilities that can be more difficult to completely smother such as illicit monitoring, unauthorized access, and denial of service (DoS) attacks. For example, someone using a wireless sniffer, such as the freely-available NetStumbler, can easily monitor wireless traffic for fun or malicious intent while sitting in their car next to your office building.
Source: TechTarget.com - Posted by Benjamin D. Thomas
To manage risk, maintain razor-sharp security architecture and still enjoy a peaceful night's sleep, security professionals at this week's InfoSec World conference offered this advice: Know your limits, speak the boss's language and embrace change.
It also wouldn't hurt to learn the 80/20 principle -- the theory of 19th-century economist-mathematician Vilfredo Pareto that 20% of what you do makes 80% of the difference.
A stolen laptop made public last week by the University of California, Berkeley contained unencrypted personal data on nearly 100,000 graduate students and applicants and is just the latest case to underscore the need for increased protection of personal information.
Source: Security Pipeline - Posted by Pax Dickinson
Security specialists are constantly on the lookout for proven methods we can replicate to keep our networks and data safe. Independent consultants provide an outsider's perspective and carry with them the aggregate experience of helping hundreds of clients. But not every practice consultants see in the field is a good one--in fact, they encounter some stunningly bad ideas. Because sometimes one whopper of a mistake can be more instructive than a binder's worth of best practices, we interviewed more than a dozen security consultants to arrive at our 10 worst practices list. See which ones apply to you, then check our links for advice on how to do things better.
Source: ComputerSecurityNews - Posted by Benjamin D. Thomas
You've set up your Boingo account, you're hanging out at the Home Turf sports bar in LAX and you figure you'll do a little business or check your e-mail while sipping a Chardonnay. Well, that's the point of all this; being able to take care of a few things while in a relaxing atmosphere.
Don't, however, get so relaxed that you ignore security and give all your confidential information to some unscrupulous hacker. Yeah, you see the guy. He's over in the corner wearing that fake nose and glasses with the ridiculous Bozo the Clown cap. Yep, drinking a Blatz.
I finally settled on a strategy for wireless security. As wireless access points began appearing on our company's network, we configured them with Cisco's Lightweight Extensible Access Protocol (read my previous article, Migrate WLANs away from Cisco's LEAP). LEAP forces users to authenticate to the access point with their enterprise credentials - the same credentials used for virtual private network access, as well as services such as payroll and Microsoft Exchange e-mail. That's because we use a centralised directory that ties into most of our core applications and lets employees use a single password to sign on.
Mesh Networking and community wireless broadband reached new heights with a world first for Locustworld MeshAP PRO when a Shadow microlight aircraft flew over Lincolnshire UK and successfully tested air to ground mesh networking and voice over broadband. South Witham broadband (Lincolnshire UK) joined forces with Make Me Wireless (Australia) and using LocustWorld MeshAP PRO and Asterisk VoIP equipment, seamlessly created air to ground voice communications at 2000 feet with the 16 node South Witham community broadband network.
