XP End of Support Options

The end of support for Windows XP has disastrous potential for those who do not prepare for it. Anyone still on the OS can expect an onslaught of malware after April 8th, 2014 – the date Microsoft will no longer ship security patches for XP.

Any bad guy out there with an XP exploit will likely sit on it until EOS for obvious reasons – it’s simply more profitable for them.

> Read More

Managing Security Risks in a Virtual Environment

Before virtualization even became an official buzzword, IT industry watchers began pointing to its security risks. Now that virtualization is mainstream, few will come out and say virtual environments are inherently less secure—but there remains a tendency to deploy virtual servers and virtual desktops insecurely.

Of course, with that tendency comes the potential for security breaches.

> Read More

Where Did We Fall on 2012 Predictions?

About this time last year, I wrote out my predictions for the good, bad and ugly of 2012. While pulling together what I think the 2013 IT security landscape will look like (which is the topic of my SecuritySCAPE 2012 presentation and subsequent blog posts here on Optimal Security), it’s always interesting to first look back at how I did.

> Read More

2012 Endpoint Security Trends

What’s in Store for 2012?

A new year brings a new IT security landscape and smart IT pros are planning ahead. To find out more about what 2012 will look like and what IT departments can be doing now to prepare, Lumension asked three experts to make their predictions and offer practical steps on what to do next.

> Read More

What Security Companies Can Expect in 2012

‘Tis the season for predictions….and here’s an obvious one. Security manufacturers definitely have their work cut out for them in 2012. (Also listen to the podcast with Paul Henry and Randy Franklin Smith.)

IT has big concerns about what the coming year will bring. In our newly-completed State of the Endpoint survey conducted by the Ponemon Institute,

> Read More

Reasons to Consider Power Management in Your Enterprise

Chris Andrew, VP of Security Technologies for Lumension, shares his thoughts on power management considerations.

What are some best practices to implementing PC power management in midsize and large enterprises?

The average computer is left on all the time in a business environment, and that can waste a tremendous amount of power when you factor in the number of desktop PCs within an organization.

> Read More

2010 Predictions Redux- 2nd Half Predictions and Looming Threats

As we ended 2009 and entered 2010, many predicted that 2010 was poised to go down in history as “the year of insider threats”. It was not a risky prediction to make considering our economic peril and our industries continued unwavering albeit misplaced focus on the gateway rather then endpoint security.

The Worldwide State of the Endpoint Survey 2010 highlighted the reasons why the neglect of the endpoint is poised to increase enterprise risk:

  • Organization’s increasing use of technologies that improve productivity and reduce costs but create endpoint risks.

> Read More

The Case for Endpoint Operations and Endpoint Security Convergence

Ask any IT administrator where their greatest security risk lies and they will tell you it’s at the endpoint. The endpoint has expanded well beyond a desktop to include mobile devices, which allow greater user flexibility and productivity but also increase security risks to your network. Data that once resided on secure centralized servers (and was accessed only by local desktops within a company) has migrated to remote “offices” where technology is distributed,

> Read More

Six Critical Elements to Achieve Economies in FISMA Compliance

We recently sat down with Michael Rasmussen, President and Risk & Compliance Advisor at Corporate Integrity, to discuss how public sector organizations can meet the requirements of FISMA in a cost-efficient but effective manner.

Q. How are public sector organizations adapting to FISMA compliance and why is this critical?

> Read More

The Worldwide State of the Endpoint: What Organizations Should Pay Attention to in 2010

We’ve been discussing how unprepared organizations in the U.S. are for cyber attacks, and now there’s new research that backs up these concerns and illustrates the inherent weaknesses that must be addressed if we’re to adequately safeguard our information and vital systems.

A new Ponemon-Lumension survey on the worldwide state of the endpoint shows that companies feel less secure than they did last year,

> Read More

Operationalizing Endpoint Security: Striking a Balance between IT Operations and IT Security

Gartner recently released a report on operationalizing endpoint security – on how signature-based anti-malware is losing effectiveness in the face of an overwhelming volume of threats. I have a few thoughts about the report’s findings and what organizations can do to better protect their endpoints.

As the Gartner report made clear, signature-based anti-malware is losing its effectiveness.

> Read More

Server Virtualization: Are We Doomed to Repeat the Security Sins of the Past?

Here is an experiment for you to try.  Go to google.com and type in the term “server virtualization” but don’t press ENTER.  If “Google Suggestions” is working you should see a ranked list of about ten suggested searches that Google Suggestions creates from the “… relative popularity of common searches…”.  When I did this test it was obvious that “server virtualization security” was not a very popular search. 

> Read More