Security

Successful Open Source Security Is Knowing What to Secure

Wed, 27 Aug 2008 14:23:00 EDT

Imagine the CIO of a consumer bank who thinks he is running 50 Oracle databases, but now finds out that in fact he has 100 databases installed behind his firewall. He doesn't have any idea where the other 50 came from. He doesn’t know the name of the vendor(s) supporting them. And he doesn’t have anyone on his IT team assigned to managing them. This scenario would be totally unacceptable to anyone.

Application Security for Open Source - The New Frontier

Fri, 23 May 2008 14:15:00 EDT

Hybrid applications made up of proprietary, open source and third-party components are the result of today's fast-paced and complex software development landscape. Applications developed within the last five years - whether internal or external - are at least 50% open source software (OSS) and third-party components.

Why 'LiveCD' Should Be a Part of Every Computer User's Vocabulary

Fri, 07 Mar 2008 11:00:00 EST

Throughout the last decade, society has witnessed an explosion of network connectivity among PCs and mobile devices as well as a vast proliferation of networked applications, ranging from Web-based email to online banking. The end result of this is that network connectivity has become an almost indispensable resource for many individuals.

SSO, Open Source and the 'Modern' Enterprise

Thu, 17 Jan 2008 12:00:00 EST

Efforts to modernize enterprise infrastructure have never been more complex. While the need is certainly there on multiple fronts - competitive edge, cost savings and new business initiatives, to name just a few - new hurdles seem to pop up no matter where an IT administrator might look. That includes not just management issues such as cap/ex costs and user resistance, but also an increasing pancake stack of integration layers within and among applications.

Proactively Preventing Data Corruption

Thu, 03 Jan 2008 14:00:00 EST

Data corruption is an insidious problem in storage. While there are many forms of corruption, there are also many ways to prevent them. For example, enterprise class servers use error checking and correcting caches and memory to protect against single and double bit errors. System buses have similar protective measures such as parity. Communications going over the network are protected by checksums.

Trust But Verify

Fri, 06 Apr 2007 17:00:00 EDT

Some years ago, a small manufacturing firm was hijacked by its IT employees. They didn't use weapons, but they did commit murder: They killed the business. Unfortunately, they were aided and abetted by the company's own lax security policies.

EOS Cover Story — Linux Authentication Using PAM and LDAP

Wed, 18 Oct 2006 15:00:00 EDT

In an environment with more than a few Linux servers, managing users, groups, and other information securely across those systems is critical. Pluggable Authentication Modules (PAM) and the Lightweight Directory Access Protocol (LDAP) give administrators a way to accomplish this without having to distribute flat files or rely on RPC services, such as the insecure Network Information Service (NIS).

The Open Source Advantage in Secure Application Development

Mon, 24 Jul 2006 13:00:00 EDT

The security benefits and risks of Open Source code is one of the most debated topics in information security today. The views of proponents of the Open Source model are typified by Eric Raymond's argument that Open Source software is intrinsically more secure since its open nature lets a greater number of programmers view the source code and uncover potential security threats before they're released to the wild.