The importance of monitoring your computer system and personal information simply cannot be overstated. In today's online environment, hackers hungry for users' account information and other sensitive details seem to be lurking around every corner. To keep these attackers at bay, companies must always have an eye on system and account activity, and be able to react quickly should anything...
Endpoint security has been a hot topic in the technology and corporate sectors for a few years. Especially with the emergence of bring-your-own-device practices, it has become even more critical to put safeguards in place to ensure the security of sensitive information.
Active Directory is a staple of enterprise IT and it nominally ensures secure, authenticated access to a company's core business applications. It can become problematic if it isn't properly monitored and supported by up-to-date security software, modern hardware, and access controls. Accordingly, system administrators face many potential risks when working with Active Directory.
Highly regulated organizations such as those in the banking industry have a strong history with IBM i, and for good reason—the platform offers an unprecedented level of security.
Attackers often target servers used for mission-critical data, and servers running AIX are no exception. In this on-demand webinar, cybersecurity expert Robin Tatam explains how a well-defined security policy can help protect your systems, focusing on the 10 most important issues to consider for setting a strong AIX security policy.
If your organization is thinking about using (or is using) IBM's Cryptographic APIs (e.g. QC3ENCDT, Qc3EncryptData) for encrypting database fields, then this article is for you.
Many Power Systems users still believe Linux, AIX, and IBM i are immune to viruses because viruses are a Windows threat. That’s not the case in today’s connected environments.
A denial-of-service attack is any attempt to interrupt or inflict downtime upon IT systems, but a basic DoS threat is smaller in scale than its DDoS counterpart. With the former, the influx of traffic may come from a single source, while in a DDoS attack, traffic comes from numerous sources – making it more difficult to deal with.
The bring-your-own-device trend has made significant waves in both the private and public sectors as workers increasingly rely on their own devices to handle their unique needs.
The recent string of breaches at prominent retailers such as Target and Neiman Marcus demonstrated that too many organizations still falsely equate PCI compliance with comprehensive security. Fully compliant organizations are being hit with attacks that compromise payment card data on a regular basis.
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Though methods vary between companies, the counterintuitive truth is that managers may have to be more transparent with their motives in order to accomplish the oversight they want.
Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.
As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…
Compiled with significant input from the private sector, the Cybersecurity Framework isn’t a prescriptive compliance document and instead gives companies significant leeway in how they use it to inform their security strategies. As a relatively new source of guidance, its implications for regulated industries aren’t clear yet.
The constantly changing cybercrime landscape paired with the speed of new technologies can make it difficult to know which skills a security administrator should focus on.
As companies bounce back from recession and place a stronger emphasis on digitally-driven innovations, IT departments are finally receiving the funds they need to hire qualified, new colleagues who can lighten the workload. However, the first order of business will be getting these recent hires up to speed.