Security Issues Blog

Account Lockout - Has Time Passed it By?

Thu, 11 Nov 2010 16:44:48 -0500

When I first got into the cybersecurity arena, I read all the books that I could find on the subject. There weren’t many back then in 1991. A number of the books dealt with securing Unix systems and they all had a section on Account Lockouts.

Account Sharing – What’s the Real Purpose?

Mon, 25 Jan 2010 00:03:00 -0500

MHO, items listed in a IT security, data security or IT acceptable use policy must be enforceable. The “stick” might be another organizational policy, local, state, or federal laws. If a policy item isn’t enforceable, then the policy is worthless.

Are We Hampered by Insecure Software?

Mon, 25 Jan 2010 16:57:00 -0500

Well, it’s that time of the year when EDU IT staff recover from the initial “school’s back in session” marathon. Now, we get to evaluate vendor software offerings for a wide range of IT services ranging from remote desktop support, data encryption to physical surveillance.

Banning P2P? Can you say Antitrust?

Wed, 03 Nov 2010 00:09:24 -0400

I decided to take a break from cyber geek stuff and spend a little time talking about the RIAA/MPAA’s efforts to cure the illegal movie/music downloads by forcing sites to ban P2P or they’ll get sued.

Local Admin Rights for a User: Losing battle.

Mon, 25 Jan 2010 17:02:00 -0500

Security and the Business Practice

Tue, 02 Nov 2010 23:55:46 -0400

We’re often asked to provide an opinion on the security of a software product. We do a preliminary analysis of the software for common software vulnerabilities and hopefully, we don’t find any. However, there have been cases when we do find one.

Why Security is Difficult in the EDU World

Thu, 11 Nov 2010 17:00:13 -0500