Keeping PCs Safe on the Internet

PC Security Journal

Subscribe to PC Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get PC Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

Great American technologists from academia and industry have always ensured our national security has the edge it needs, in peace, crisis and war. Academic Fredrick Terman (pictured) brought us radar and Silicon Valley. Edwin Land brought us overhead ISR. Gordon Moore ensured integrated circuits were accelerated into our community first. Scott McNealy drove security into Operating Systems. Bill Gates and Larry Ellison and a long list of other great IT leaders have also dedicated significant effort to the national security community in ways many will never know. Great technology heroes also serve in government.  Thanks to them government has been pioneering advances in secure cloud computing, biometrics, IT security, collaboration, geospatial, visualization, remote sensing and collaboration. Government IT leaders routinely contribute to our nation’s understanding of... (more)

Mashable Sees Double Rainbows as Google Goes Gaga for OAuth

Enterprise developers and architects beware: OAuth is not the double rainbow it is made out to be. It can be a foundational technology for your applications, but only if you’re aware of the risks. OAuth has been silently growing as the favored mechanism for cross-site authentication in the Web 2.0 world. The ability to leverage a single set of credentials across a variety of sites reduces the number of username/password combinations a user must remember. It also inherently provides for a granular authorization scheme. Google’s announcement that it now offers OAuth support for Go... (more)

'Internet of Things' OWASP Top Ten

The Open Web Application Security Project (OWASP) is focused on improving the security of software. Their mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks and their OWASP Top 10 provides a list of the 10 Most Critical Security Risks. For each risk it provides a description, example vulnerabilities, example attacks, guidance on how to avoid and references to OWASP and other related resources. Many of you are familiar with their Top 10 Most Critical Web Application Security R... (more)

IBM Readies Cloud for Business

IBM (NYSE: IBM) introduced the industry's first set of commercial "cloud" services and integrated products for the enterprise. This will give clients a reliable way to standardize IT functions that are rapidly becoming too costly or difficult to use. Based on nearly two years of research and hundreds of client engagements, the IBM Smart Business cloud portfolio is meant to help clients turn complex business processes into simple services. To accomplish this, Smart Business brings sophisticated automation technology and self-service to specific digital tasks as diverse as software... (more)

Security and the Cloud

I was talking with Avanade’s Senior Director for Enterprise Security, Ace Swerling, earlier today. The conversation touched on a wide range of security and identity management issues that I’ll probably return to, but one of Ace’s comments brought my attention back to an issue that has been nagging at me for a while. As I’m sure we all know, security concerns often figure highly in discussions about moving Enterprise applications and data to the Cloud. Indeed, I spoke with other Avanade executives earlier this year to report on a survey they had commissioned that suggested just h... (more)

The Reach of a Breach

It comes as no surprise that the CEO of Target has resigned in the wake of their massive data breach. The 2nd executive, if I remember correctly, to resign due to the mishap. Data breaches are costly according to the most recent Ponemon 2014 Cost of Data Breach Study: United States and the main reason for the steep increase in costs is ‘the loss of customers following the data breach due to additional expenses required to preserve the organization’s brand and reputation.’ The cost of each lost or stolen record, on average, increased from $188 to $201 per record from 2012 to 2013 ... (more)