What can we do to better protect ourselves from authentication-based attacks?
According to the 2013 Verizon Data Breach Investigations Report, authentication-based attacks continue to plague enterprises as 80% of all attacks collected by Verizon (and other partners) were authentication-based. Who’s to blame for these attacks? Well. Tom Bowers, regional security architect at ePlus, says it’s users and their passwords. What can we do to better protect [...]
Answer Question
| May 6, 2013 1:06 PM
Password, Security, Security management
According to the 2013 Verizon Data Breach Investigations Report, authentication-based attacks continue to plague enterprises as 80% of all attacks collected by Verizon (and other partners) were authentication-based. Who’s to blame for these attacks? Well. Tom Bowers, regional security architect at ePlus, says it’s users and their passwords. What can we do to better protect [...]
Answer Question
| May 6, 2013 1:06 PM
Password, Security, Security management
Computer misuse
I was wondering if you could answer this question for me. I was given access to the HPI system (checks finance on vehicles) over 8 years ago through my employer. I thought this service was a free service as we are in the transport industry. I did 3 personal checks on this system (bearing in [...]
Answer Question
| April 24, 2013 11:01 AM
HPI system, Security, Security management
I was wondering if you could answer this question for me. I was given access to the HPI system (checks finance on vehicles) over 8 years ago through my employer. I thought this service was a free service as we are in the transport industry. I did 3 personal checks on this system (bearing in [...]
Answer Question
| April 24, 2013 11:01 AM
HPI system, Security, Security management
Strong security measures (hardware and software) for data integrity
Please help me in choosing how subject would be achieved to defend against hacker attack – especially against information theft and intruders. Critically compare and contrast the different methods (why should i choose certain than others) available…I need it for remote sites and main office.
Answer Question
| April 7, 2013 10:55 PM
Security, Security management
Please help me in choosing how subject would be achieved to defend against hacker attack – especially against information theft and intruders. Critically compare and contrast the different methods (why should i choose certain than others) available…I need it for remote sites and main office.
Answer Question
| April 7, 2013 10:55 PM
Security, Security management
Stopping EMF radiation from a server room for security
I want to shield one room against EMF emitted by the computers from escaping the room. This is for security of the data, not some crazy health craze. Will a simple faradays cage suffice? Should I ground the cage? What about the power lines and LAN lines and phone lines that could potentially emit signal [...]
Answer Question
| February 18, 2013 7:46 AM
Security, Security management
I want to shield one room against EMF emitted by the computers from escaping the room. This is for security of the data, not some crazy health craze. Will a simple faradays cage suffice? Should I ground the cage? What about the power lines and LAN lines and phone lines that could potentially emit signal [...]
Answer Question
| February 18, 2013 7:46 AM
Security, Security management
Security management
How a problem of a computer losing its system security can be solved?
Answer Question
| January 28, 2013 6:01 PM
Security, Security management
How a problem of a computer losing its system security can be solved?
Answer Question
| January 28, 2013 6:01 PM
Security, Security management
computer security
What is a client-side attack and what are its potential effects (impact on confidentiality, integrity, availability) and what methods might be used to get the user to direct a browser to the rogue web server?
Answer Question
| November 12, 2012 12:14 PM
Security, Security management
What is a client-side attack and what are its potential effects (impact on confidentiality, integrity, availability) and what methods might be used to get the user to direct a browser to the rogue web server?
Answer Question
| November 12, 2012 12:14 PM
Security, Security management
Confidential Information Theft
I suspect a company who is managing my business stealing or at least know private information which they are not supposed to do. Private memo and things. Is there a way for me to detect how they are doing it. Want to catch then red handed.
Answer Question
| November 8, 2012 5:23 AM
Security, Security management
I suspect a company who is managing my business stealing or at least know private information which they are not supposed to do. Private memo and things. Is there a way for me to detect how they are doing it. Want to catch then red handed.
Answer Question
| November 8, 2012 5:23 AM
Security, Security management
Open IT Forum: How is your company protecting its data from being attacked?
In his latest blog post on IT Compliance Advisor, independent security consultant Kevin Beaver talked about five ways your company can help prevent a data breach. His list included: 1. Having the right people on board 2. Really understand the risk 3. Approach management and corporate compliance carefully 4. Have a plan 5. Intellectual property [...]
Answer Question
| May 29, 2012 8:23 PM
Security, Security management
In his latest blog post on IT Compliance Advisor, independent security consultant Kevin Beaver talked about five ways your company can help prevent a data breach. His list included: 1. Having the right people on board 2. Really understand the risk 3. Approach management and corporate compliance carefully 4. Have a plan 5. Intellectual property [...]
Answer Question
| May 29, 2012 8:23 PM
Security, Security management
SPCAUT = *NONE
What can you do on the command line if you have it but have SPCAUT = *NONE. I’m just trying to understand the risks and the benefit of having it = *NONE. My understanding is that there is no risk as you cannot do anything, but if that is the case, can I set the [...]
Answer Question
| March 22, 2012 3:36 PM
Identity management, Security management
What can you do on the command line if you have it but have SPCAUT = *NONE. I’m just trying to understand the risks and the benefit of having it = *NONE. My understanding is that there is no risk as you cannot do anything, but if that is the case, can I set the [...]
Answer Question
| March 22, 2012 3:36 PM
Identity management, Security management
Outlook web security
I updated the S/MIME for Outlook Web access and now I can’t paste text into a message. In some browsers I can paste, but Hyperlinks are removed. How can I fix this or uninstall the S/MIME?
Answer Question
| June 14, 2011 6:03 PM
MIME, Outlook Web Access, OWA, S/MIME, Security management
I updated the S/MIME for Outlook Web access and now I can’t paste text into a message. In some browsers I can paste, but Hyperlinks are removed. How can I fix this or uninstall the S/MIME?
Answer Question
| June 14, 2011 6:03 PM
MIME, Outlook Web Access, OWA, S/MIME, Security management
Security Permissions on Shared Folders
I have a resource server that serves a large number of users. We place all of our user accounts in groups based on their geographical location and organization function. We limit the permissions on folders to read/ srite, execute and delete. However, we do not give Full Control permissions. If a user creates a folder, [...]
Answer Question
| June 8, 2011 8:02 PM
Folder permissions, Folder security, Security, Security management, Shared folders, Windows XP
I have a resource server that serves a large number of users. We place all of our user accounts in groups based on their geographical location and organization function. We limit the permissions on folders to read/ srite, execute and delete. However, we do not give Full Control permissions. If a user creates a folder, [...]
Answer Question
| June 8, 2011 8:02 PM
Folder permissions, Folder security, Security, Security management, Shared folders, Windows XP
Defining security policies for OU
How can I define security policies for each OU in Windows server 2008using Active Directory?
Answer Question
| June 7, 2011 8:08 PM
Active Directory, Security management, Security policies, Windows Server 2008
How can I define security policies for each OU in Windows server 2008using Active Directory?
Answer Question
| June 7, 2011 8:08 PM
Active Directory, Security management, Security policies, Windows Server 2008
Password policies that aren’t too crazy but effective
What password policies are the best without going crazy? We want security but changing passwords 2 times a month is too much. What is a healthy middle ground between security and convenience?
Answer Question
| June 7, 2011 8:01 PM
Open IT Forum, Password management, Password policies, Security management, Security policies
What password policies are the best without going crazy? We want security but changing passwords 2 times a month is too much. What is a healthy middle ground between security and convenience?
Answer Question
| June 7, 2011 8:01 PM
Open IT Forum, Password management, Password policies, Security management, Security policies
Best way to lock down and secure Windows Server 2008
What is the best way to lock down and secure a Windows server 2008? We want to block all remote connections and secure passwords and what not.
Answer Question
| June 8, 2011 7:55 PM
Password management, Remote access security, Remote connection, Security management, Windows Server 2008, Windows Server 2008 Administration, Windows Server Security
What is the best way to lock down and secure a Windows server 2008? We want to block all remote connections and secure passwords and what not.
Answer Question
| June 8, 2011 7:55 PM
Password management, Remote access security, Remote connection, Security management, Windows Server 2008, Windows Server 2008 Administration, Windows Server Security
WEP password cracking without SSID
Can a WEP password really be cracked in under 5 minutes with a packet sniffer? Is this true even if the site does not have a SSID?
Answer Question
| April 25, 2011 2:49 PM
Packet sniffers, Packet Sniffing, Password cracking, Security, Security management, SSID, WEP
Can a WEP password really be cracked in under 5 minutes with a packet sniffer? Is this true even if the site does not have a SSID?
Answer Question
| April 25, 2011 2:49 PM
Packet sniffers, Packet Sniffing, Password cracking, Security, Security management, SSID, WEP
Blocking weak passwords from our system
Is there a way to block a list of common passwords from our network even though they fit the complexity rules they are still weak like p@$$w0rd.
Answer Question
| April 20, 2011 2:27 PM
Password management, Password policies, Password strength, Security management, Security protocols
Is there a way to block a list of common passwords from our network even though they fit the complexity rules they are still weak like p@$$w0rd.
Answer Question
| April 20, 2011 2:27 PM
Password management, Password policies, Password strength, Security management, Security protocols
Middle ground password security policies
What password policies are the best without going crazy? We want security but changing passwords 2 times a month is too much. What is a healthy middle ground between security and convenience?
Answer Question
| April 12, 2011 4:28 PM
Password policies, Security, Security management, Security policies, Windows Security
What password policies are the best without going crazy? We want security but changing passwords 2 times a month is too much. What is a healthy middle ground between security and convenience?
Answer Question
| April 12, 2011 4:28 PM
Password policies, Security, Security management, Security policies, Windows Security
Security Implementation
With the recent spate of news stories about the apparent information assurance/security failures that have come to light as a result of the events that transpired between Aaron Bar and Anonymous, I’ve been discussing security program implementation with my classmates at the Universtity of Advancing Technology. We’ve argued back and forth about what could have [...]
Answer Question
| February 27, 2011 6:03 AM
information assurance, Security management, Systems Security Implementation
With the recent spate of news stories about the apparent information assurance/security failures that have come to light as a result of the events that transpired between Aaron Bar and Anonymous, I’ve been discussing security program implementation with my classmates at the Universtity of Advancing Technology. We’ve argued back and forth about what could have [...]
Answer Question
| February 27, 2011 6:03 AM
information assurance, Security management, Systems Security Implementation
Open IT Forum: What are your cloud security concerns for 2011?
Everyone has their own reasons for not wanting to experiment in the cloud, but more and more the enterprise is trusting mission critical applications to the cloud. What are your major security concerns for 2011 regarding the cloud, if any? How have those concerns changed or evolved since 2010? We’ll give you 100 knowledge points [...]
Answer Question
| December 16, 2011 9:44 PM
Cloud Computing, cloud computing management, Cloud computing security, Cloud Security, Open IT Forum, Security, Security management
Everyone has their own reasons for not wanting to experiment in the cloud, but more and more the enterprise is trusting mission critical applications to the cloud. What are your major security concerns for 2011 regarding the cloud, if any? How have those concerns changed or evolved since 2010? We’ll give you 100 knowledge points [...]
Answer Question
| December 16, 2011 9:44 PM
Cloud Computing, cloud computing management, Cloud computing security, Cloud Security, Open IT Forum, Security, Security management
Securing SIP signaling without deteriorating VoIP traffic
How can we lock down and secure all of our SIP signaling so that it is not readable as plain text? The solution can not deteriorate the VoIP traffic either.
Answer Question
| January 31, 2011 3:12 PM
Security, Security management, SIP Attacks, SIP Vulnerabilities, VoIP
How can we lock down and secure all of our SIP signaling so that it is not readable as plain text? The solution can not deteriorate the VoIP traffic either.
Answer Question
| January 31, 2011 3:12 PM
Security, Security management, SIP Attacks, SIP Vulnerabilities, VoIP
