January 2007 Issue of SCMagazine

Editorial

Start some good habits this new year

New Year's resolutions frequently center on starting a good habit or stopping a bad one. Such oaths should be no different for the corporate world.

Update

Company news

Richard Stiennon has joined Fortinet, maker of multi-threat security solutions, as its chief marketing officer. He will be charged with driving the firm's market strategies ...

Debate

Is the best approach to database security monitoring traffic before it enters the database?

News briefs

Vista world

Vista was released to corporate customers the same day as the latest version of the company's business suite, Microsoft Office 2007. Home consumers can ...

2 minutes on

Sarbanes, Oxley pass torch

The swearing in of the 110th Congress this month marks the end of an era for IT security-related legislation, as both authors of the Sarbanes-Oxley ...

Me and my job

Me and my job

Of what are you most proud in your job? I'm most proud of the employees of Arlington County who have adopted "common sense" cybersecurity thinking ...

Opinion

It's all about the hierarchy

Everyone's talking about their preferred security organization of the future. Whether you're a CSO, CISO, director, manager, security specialist, or whatever, you have an opinion ...

Put on your consulting hat

Despite increasing government data regulations to guard against information leaks and cyberattacks, security pros can no longer simply lock down corporate IT systems. Nor can ...

CSO's desk

Consider trust and reputation risks

I recently read an excellent study about the impact of security and privacy on brand reputation and customer loyalty. I was looking for some solid ...

Features

10 ways to a solid ROI

Ever since the arrival of the first anti-virus software in the mid-1980s, accountants have been battling with IT managers to control and quantify the efficiency ...

Patching process

There are many different names for the second Tuesday of every month: Patch Tuesday, Super Tuesday, Black Tuesday — and maybe even some other unsavory ...

Fast growing threats

If you think what you don't know won't hurt you, then you probably shouldn't be running a website. With literally hundreds of hidden security-related vulnerabilities ...

Guarding the exit

When Verdasys co-founder and CEO Seth Birnbaum was heading up engineering at NeoGenesis Pharmaceuticals, three employees thought they had a foolproof plan to steal drug ...

Sweet sixteen

The way the organizers of this year's RSA Conference see it, thanks to the advent of the internet, Americans are living in the modern day ...

The verdict on Vista

Ever the punching bag for hackers and security professionals, Microsoft is hoping to polish its tarnished security track record with the final release of its ...

Product Section: Two staples of information protection

This month, we have juxtaposed two of the foundations of information security: data protection and vulnerability assessment. On the protection side, we look at some ...

Product Reviews

Rapid7 NeXpose

Rapid7 NeXpose is, generally, an impressive appliance. Although it is a hybrid (vulnerability scanner and penetration test tool), the pen tool is used specifically to ...

Core Impact 6.0

Impact 6.0 from Core Security is a pure penetration testing tool. It is optimized for production use and comes with a suite of pre-programmed exploits. ...

SecurStar DriveCrypt Plus Pack

If James Bond had encryption software he would have the DriveCrypt Plus Pack. This software includes many more features than the other products in this ...

Utimaco SafeGuard Easy

Utimaco SafeGuard Easy is just what its name promises — the package is easy enough to install that the average end-user could do it. The ...

BeCrypt Disk Protect

BeCrypt Disk Protect provides for two-factor authentication and also advanced encryption standard (AES) encryption of the entire hard drive. We configured BeCrypt Disk Protect to ...

eEye REM Security Manager

We found the combination of the REM Security Manager and the Retina Scanner to be easy to use and deploy. In fact, ease of use ...

Tenable Network Security Passive Vulnerability Scanner

The Tenable Passive Vulnerability Scanner (PVS) is a most interesting product. It is truly passive in that it does not perform active scans of any ...

NetClarity Branch Auditor 5.0

Last year we reviewed NetClarity’s Enterprise Auditor product and we liked it a lot. This year we looked at its little sibling, the Branch Auditor. ...

StillSecure VAM

The StillSecure VAM is a solid vulnerability assessment appliance with a longstanding pedigree. The VAM also is available in a software-only version. Implementation of the ...

WinMagic SecureDoc

WinMagic Data Security’s SecureDoc Hard Disk Encryption provides advanced encryption standard (AES) encryption of the entire hard drive. SecureDoc Hard Disk Encryption also supports two-factor ...

PGP Whole Disk Encryption

PGP Whole Disk Encryption provides the easiest to install hard drive encryption package we tested. Both the standalone and enterprise products were easy to configure ...

Secude Secure Notebook

The Secude Secure Notebook has the ability to authenticate the user using two-factor authentication, such as smart cards and USB tokens. The drive encryption product ...

Tenable Nessus 3

Nessus is one of the granddaddies of vulnerability scanners. Today, Nessus is not only a powerful open source product in its own right, it is ...

Saint Scanner + Exploit

We have been watching Saint a long time. Saint, as many old-timers may recall, began life as an open source version of Satan, one of ...

ISS Proventia Network

The ISS Proventia Network Enterprise Scanner is part of a larger security management system and, as such, shows its best performance as part of that ...

TrueCrypt.org TrueCrypt

As a big fan of open source software (this entire review was written in Open Office), we were hoping that TrueCrypt would give the pay ...

Red Seal Systems Inc. SRM 3000

Red Seal SRM 3000 defines a new breed of appliance.

Last Word

Good enough for your business?

If you're part of a financial institution, chances are you've memorized the Federal Financial Institutions Examination Council (FFIEC) guidance chapter and verse, and, with risk ...

Letters

Got something to say?

Send your comments, praise or criticism to scfeedbackus@haymarketmedia.com. We reserve the right to edit letters.