Archive for Work

Collaborative systems and Ajax/RIA security

Office collaboration services look like 1985
Microsoft Outlook and Exchange Server have been the staple for office collaboration for over 10 years, with a model that has been around since Novell and Lotus in the mid-’80s. Collaboration services are clunky, bloaty, and every IT administrator and techie hates both of them with a serious passion. […]

Building a security plan

An audit framework for evaluating structured security program frameworks
How many readers implemented a new security plan for 2006 or 2007? How many had clients that implemented a new security program? Which frameworks were involved?
Possible frameworks (Criteria)

No structured security program, or one based around a single vendor or regulation
Mike Rothman’s Pragmatic CSO (P-CSO)
Gunnar Peterson’s […]

Wikis at work

I love wikis. I’ve been working on a security portal at work and it just got so much better with the addition of embedded RSS feeds. With this extension, I’ve embedded the Security Whitelist and Aggregated Vendor and Security News Sites pipes on the front page. This gives our team the ability to check the […]

Scan hostnames efficiently with Nmap

So your DNS team sends you the company’s entire domain name inventory in a CSV (comma-separated values) file. You’re tasked with port scanning those hosts, to perform a network inventory, discover rogue services and other policy violations. It’s simple to do this with a short list of domains and a small number of servers. For […]

Got pwned today

Several people in the corporate IT security group where I’m interning this summer have been working hard on creating a program to educate users on the company’s acceptable use policies and some basic security awareness. They’ve done a great job and the stuff they came up with looks top notch. During lunch they’re out talking […]