Tom Olzak
9 Stories
Three ways to prevent typo-squatting data leakage
Techguide Typo-squatting is more than a way for squatters to make a buck--it also could lead to data leakage. Find out what defense you can take.
Tags: Risk Management, Domain names, Web sites, Security Management, Microsoft Corp., Domain Name, Domain, Tool, Microsoft Internet Explorer 7, Advertisement
Hosts file pharming and other botnet recruitment methods
Techguide Fighting spam and other botnet recruitment efforts requires constant vigilance. The bad guys may not be eliminated, but we can make it harder for them to use our networks for financial gain.
Tags: Business security, Network security, Data security, PC security, Security Management, Security, Spam, Bot, Pharming, IP Address
New MD5/SSL exploit is not end of civilization as we know it
Techguide MD5 insecure? Absolutely. SSL hacked? Sort of, but it's not broken. A case of certificate authority negligence? You decide.
Tags: Authentication and encryption, Network security, Security Management, Certificate, Security, SSL, VeriSign Inc., SHA-1, Tool, Risk
Highly predictive blacklists: What, how, and caveats
Techguide General blacklisting is not always efficient--SRI International and the SANS Institute have developed highly predictive blacklists. Find out more in this article.
Tags: Network security, Data security, Security applications/tools, Security Management, Highly Predictive Blacklist, Security, SANS Institute, IP, Blacklist, Access Control
Use DropMyRights to protect systems from admin users
Techguide Providing only the local system access necessary for business users to perform their jobs should be the ultimate goal. But until then, we can drop their rights when appropriate.
Tags: Security Management, Business security, Sandbox, IT Professional, EULA, Admin User, Microsoft Windows Vista, Steve Gibson, MCSE, Tom Olzak
Restless data: Diffusion via virtualization
Techguide Left on its own, data will find its way to the farthest recesses of your data center. But when helped along by implementation teams, there's no limit to data diffusion.
Tags: Data Management, Security Management, Security implementation/standards, Data, Security, Virtualization, Diffusion, Database, HR Database, Tom Olzak
Social networking risk: Managing the inevitable
Techguide The enterprise needs to shift its attention to a more insidious potential use of social networking sites--social engineering activities.
Tags: Business security, Data security, Security Management, Security applications/tools, Friend, Friendship, Survey, social engineering, Tom Olzak, phone
Three control elements in role-based access design
Techguide Each access control element plays an important role and must be assessed when evaluating multifactor authentication and single sign-on solutions.
Tags: Security Management, Risk Management, Authentication and encryption, Authentication, Security, Biometrics, Single Sign-on, Role, Identity, Identity Verification
Free sandboxing tool isolates risky behavior
Techguide Sandboxie creates an isolated operating environment which prohibits applications from directly writing to anything on local or mapped drives unless the user wants it to.
Tags: Security, Software, Sandbox, Virtual Desktop, Tool, virtual folder, Tom Olzak, Sandboxie, Recovery Folder, Environment
