-
Understand role-based access control in Microsoft Excha
Role-based access control in Microsoft Exchange Server 2010 enforces the principle of least privilege, and allows companies to delegate email management efficiently.
-
Intelligent threat management podcast
Listen to this podcast featuring security guru Joel Snyder to find out how and where to spend your security dollars to make the most impact. Learn unique ways of leveraging existing threat manageme...
-
Five NAC-like endpoint settings enforced with group pol
Complexity and cost may keep you from investing in NAC. Fear not, endpoint integrity enforcement, for example, can be achieved through directory group policies.
-
Five things to do before your first PCI DSS compliance
Put these steps in motion before your organization's first PCI DSS compliance audit.
-
Take four steps toward Macbook security
Your organization may primarily be a Windows shop, but Macbooks are becoming popular among executives and Macintosh computer security must be understood.
-
How to detect malicious insiders by monitoring antiviru
Antivirus logs can be a low-cost, low-effort approach for resource-strapped companies to look for threats posed by malicious insiders.
-
Windows Firewall with Advanced Security beefs up Window
Windows Firewall with Advanced Security extends security to Windows 7 and Windows Server 2008 end users.
-
How to maintain network control plane security
Use access control lists and secure configurations to maintain the security of your organization's network control plane.
-
Validate your perimeter network security devices are wo
Validation tests on your perimeter network security tools such as antimalware can help identify security gaps and misconfigurations.
-
How to examine a DD image on Windows or Linux
A slew of open source and commercial tools will help you examine a DD image on either Windows or Linux.
-
Locking down Windows Vista User Account Control
Windows Vista's User Account Control feature can effectively lock down users' desktops and prevent malicious processes and applications from executing. However, it's not exactly the perfect defense...
-
How to automate and apply Microsoft Windows 7 AppLocker
Microsoft Windows 7 AppLocker enables administrators to automate rules generation, but proceed slowly to get a feel for its whitelisting capabilities.
-
Using Windows 7 AppLocker for whitelisting applications
Windows 7 AppLocker is Microsoft's latest tool to help organizations block the execution of unwanted applications on endpoints.
-
How to choose an external compliance auditor
Headed for a PCI DSS, HIPAA or Sarbanes-Oxley audit? Picking the right auditor is a key decision; select one who becomes a business partner, ally and educator.
-
PCI DSS: Writing an information security policy
The final set of PCI requirements relates to maintaining a security policy, and also addresses awareness training, personnel screening and managing service provider relationships.
-
Tradeoffs and advantages of network access control with
Microsoft NAP's endpoint security policy compliance checks and integration with third-party security products make it an attractive option over traditional network access control solutions.
-
Should you disable IE ESC, or manage it in Windows serv
Internet Explorer Enhanced Security Configuration (IE ESC) locks down IE on Windows servers, but admins often disable it.
-
How to choose full disk encryption for laptop security,
Full disk encryption is becoming a priority for laptop security in midmarket companies because of regulatory compliance and fear of data breaches. Consider central management, ease of deployment, u...
-
PCI DSS requirement: Monitoring and testing security
The fifth focus area of PCI-DSS requires regular monitoring of systems and activity, as well regular testing of controls.
-
How to create a bit-image copy of a live server
Part of your incident response plan should include the creation of a bit image copy of a live server. Free and open source tools are available to simplify this process.
-
Assessing Windows Phone 7 security features
Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
-
Which security certifications are best for your career?
Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
-
An SMB security risk assessment in five steps
Assessing your organization's security threats and risks takes just five steps, says Robbie Higgins. Check out his quick guide to the SMB security risk assessment process.
-
Nmap, Nessus, Nikto for do-it-yourself pen tests
Nmap, Nessus and Nikto are penetration testing tools that security operators can use to conduct pentests on their networks and applications.