The 6 million passwords stolen from LinkedIn have once again put password security in the news. Among the recommended practices, forcing users to change their passwords every 60 or 90 days comes up tops. This measure crystallizes users’ anger as it creates a strong and inevitable restriction. But is it the only effective measure? The subject is a hot topic for debate within the information security community, and the answer isn’t so clear-cut, even for Bruce Schneier.

The perception that Apple mobile devices are more secure than others might, for the time being, be true, but there is good reason to believe that this relative safety may be short-lived. 

This week, a piece of security news was in the spotlight – the publication of a report commissioned by French governmental organization, Hadopi. What security and information systems managers expect from their firewalls was clear: to block the threats mentioned in this report. But let’s take a look at what more can be done. 

So you've finally taken possession of that new 3rd generation iPad, revelled in the beauty of its "Resolutionary" display and are now wondering how you can securely connect it to your organisation's network.

With small and medium businesses accounting for 44% of all global IT spend in 2012 (Gartner: Agenda for Small and Midsize Business Go-to-Market Strategy, 2012), equal to $900 billion and estimated to surpass $1 trillion in 2014, everybody wants a piece of the SMB market and security vendors are no different. The prevailing logic is that small businesses need almost the same level of protection as larger Enterprises, but made simpler, since they probably don’t have the dedicated IT staff - let alone security specialists – to manage it. This has resulted in most vendors offering stripped down versions of their Enterprise portfolios with fewer options and less horsepower.
But is this really what SBs need?

As we saw in A brief history of firewalls and the rise of UTM, many layers have been added to the humble firewall in the last 15 years. Where today’s UTMs and Next Generation Firewalls tend to differ, is in their handling of intrusion prevention and application control.

As if protecting resources in the age of BYOD wasn’t already hard enough, the beleaguered unsung heroes of corporate IT security increasingly have to look beyond the plethora of user-access devices and consider the security of equipment such as printers, fax machines, and even the routers and switches from which the network is built.

GUEST BLOG by RICHARD STIENNON
In this guest edition of our blog, security expert and Chief Research Analyst for IT Harvest, Richard Stiennon, offers a sneak preview from his forthcomming book, Cyber Defence: Countering Targeted Attacks

 Now the dust has settled, what will happen next?
Last weekend, there was a lot of media noise about the shutdown of Megaupload.Even the US and French presidents have chipped in, although they perhaps weren’t expecting such strong reactions from Anonymous and their operation #OPMegaUpload.
While it’s not for NETASQ to take sides in the debate over digital rights, we nevertheless have a role to play, since we design, manufacture and sell solutions which our customers expect to help them stay the right side of the law. We therefore have to provide the tools to block unwanted sites including those potentially hosting illegal downloads.

Photo courtesy of John Palmer