Tips

Tips

Configuration and patch management

• Unix SSH example configurations that boost Unix security

  Using a Secure Shell (SSH) is a better way to manage Unix servers than command-line access or Telnet, and expert Joel Snyder details three simple modifications you can make in SSH to make your servers more secure.  Continue Reading

• How to avoid attacks that exploit a Web browser vulnerability

  Beyond patching, Tom Chmielarski explains what you'll need to do to avoid application exploits caused by Web browser vulnerabilities.  Continue Reading

• Windows patch deployment tools: WSUS 3.0 or third-party software?

  Gregg Braunton discusses Windows patch deployment tools and reviews when you should (and should not) use WSUS to send updates to your employees' workstations.  Continue Reading

• How to test Windows operating system patches

  Windows patch testing may be easy when it comes to applications like Outlook. Tom Chmielarski reviews how to test more difficult updates to the operating system.  Continue Reading

• What is the best Windows patch management procedure?

  There's no one-size-fits-all approach for deciding when a patch needs testing. Tom Chmielarski shares his thoughts on an ideal patch management process.  Continue Reading

• PCI DSS requirement: Building and maintaining a secure network

  The first PCI focus area requires a set of documented configuration standards, perimeter and endpoint protection.  Continue Reading

• Take four steps toward Macbook security

  Your organization may primarily be a Windows shop, but Macbooks are becoming popular among executives and Macintosh computer security must be understood.  Continue Reading

• How to fill patch management gaps using Microsoft MBSA

  Microsoft Baseline Security Analyzer examines and quantitatively summarizes the state of your organization's Windows security.  Continue Reading

• Assess your security state in five steps

  Prioritize your security spending by identifying how data moves and users interact, and what vulnerabilities exist in infrastructure, systems and applications.  Continue Reading

• Determine when to use a workaround rather than patch systems

  Vendor security patches sometimes unintentionally break production applications. Learn how to determine when your midmarket organization should employ a workaround, rather than patch immediately.  Continue Reading

• Auto shutoff switches save money, tighten security

  Learn how auto shutoff is a good way to secure unused network ports  Continue Reading

• Nipper audits routers, reveals insecure settings

  In this column, contributor Scott Sidel examines Nipper, a network infrastructure parser that helps security professionals keep routers and firewalls properly configured.  Continue Reading

• Automating the patch installation process

  In this Ask the Expert Q&A, our platform security expert discusses how to control patch installations for Microsoft applications. He also explains where to find resources that will help you manage this process.  Continue Reading

• How to prepare for security patch testing

  Learn what steps organizations can take prior to security patch testing to ensure a successful patch testing phase.  Continue Reading

• Maintaining data security when the employee base goes remote

  Mike Chapple reviews which security practices and policies need to be enforced when your employee base works entirely from home.  Continue Reading