Remote wipe can be managed using third-party mobile device management platforms. The remote, segmented wipe capability is significant, Henry says, noting the number of pending lawsuits brought by employees against their employers for mistakenly deleting personal data from their devices. Windows 7 customers will migrate to 8. Businesses still running XP have made the decision to forego the security benefits of a newer operating system because XP still is sufficient for their organization, or they lack the financial resources to upgrade.
The migration will happen once XP is no longer enough, or the organization needs the new features. Fahmida Y. Rashid is a journalist with 10 years of experience covering information security and technology issues.
Earlier in her career, she spent a decade as a network administrator and software developer. From heightened risks to increased regulations, senior leaders at all levels are pressured to improve their organizations' risk management capabilities. But no one is showing them how - until now. Learn the fundamentals of developing a risk management program from the man who wrote the book on the topic: Ron Ross, computer scientist for the National Institute of Standards and Technology.
In an exclusive presentation, Ross, lead author of NIST Special Publication - the bible of risk assessment and management - will share his unique insights on how to:.
Sign in now. Need help registering? Contact support. Contact Support. Create an ISMG account now. Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.
Sign In. Create an Account. Become A Premium Member. All Topics. ATM Fraud. ACH Fraud. Social Media. Cybercrime as-a-service. Account Takeover. Insider Threat. Risk Assessments. Vendor Risk Management. Remote Workforce. Operational Technology. Security Operations. DDOS Protection. Cloud Security. Privileged Access Management. Breach Notification.
Digital Forensics. Endpoint Security. Device Identification. Internet of Things Security. Next-Gen Security Technologies. Big Data Security Analytics. Application Security. Threat Modeling. Threat Hunting. Threat Intelligence. Infrastructure as Code. Threat Detection. It sounds like an interesting alternative to traditional passwords, however, the robustness of the system remains to be seen.
An interesting new security feature could be hidden in the Windows Reader, the new integrated document reader for Windows 8.
This reader supports PDF documents, a format that has become very popular as an attack vector. Including a lightweight reader within the OS that would be patched using the regular Windows Update process could potentially increase the default security of the platform, by reducing the need of potentially insecure applications or plug-ins. Address Space Layout Randomization ASLR was introduced in Windows Vista and is essentially a technique to mitigate the infamous "Buffer Overrun" vulnerabilities by randomly moving the location of code and data in memory.
Other mitigations include changes to the Windows kernel and heap, including new integrity checks and randomization using a similar approach to ASLR. These following features will only be available to the business-oriented Pro and Enterprise versions of Windows Bitlocker is the full-disk encryption solution Microsoft introduced in Windows Vista and then extended to removable drives with Bitlocker To Go in Windows 7. Not much has changed from the previous version, but it will now include the option of backing up the encryption key of Bitlocker To Go to a SkyDrive Account.
EFS is Microsoft's original solution for encrypting individual drives, folders or files. It was originally introduced nearly twenty years ago in the Windows NT family of products, but now it's been largely overshadowed by Bitlocker, Bitlocker To Go, and a number of free encryption alternatives. As usual, these two features are the ones that mostly differentiate the consumer version of Windows from the business-oriented version.
The ability to become a member of an Active Directory domain is critical for a centralized managed environment. Once joined, administrators can create and apply Group Policy Objects to members of the domain and control many aspects of their operation, including security.
Windows 8 introduces new policies specific to the new OS:. Finally, organizations with Software Assurance agreements will have access to Windows 8 Enterprise, which includes the following security features:. Applocker is Microsoft's solution for application control. This solution was introduced in Windows 7 and works with either blacklists or whitelists of applications.
With Applocker, an administrator can create policies that restrict or allow specific applications from being installed or run by users. In Windows 8 Applocker evolves in order to manage both traditional desktop applications and the new Metro apps. DirectAccess connections don't require launching an additional application to connect and can help organizations maintain compliance on remote or mobile computers by applying policies and patches seamlessly.
This feature doesn't appear to have changed much from the previous version introduced in Windows 7. In an age where signature-based technologies will not be useful in protecting against these cyberattacks, Abhishek remarked. As such, other security technologies which go beyond perimeter defense must be used along with Windows 8, he advised. For example, having a security tool which can catch an attack in real-time, based on behavior, will complement the security offerings in Windows 8, he suggested.
Vulnerabilities exist on Win 8 Sentonas pointed out vulnerabilities were discovered in the Windows 8 preview release. Even though some of these were also present in older operating systems and applications, the fact remains there will be vulnerabilities in the new OS and attackers will try to exploit them, he cautioned. He noted that Vupen, a French penetration-testing company, last week found a way to bypass security mechanisms of Windows 8. ELAM is also based on loading a trusted module during the boot process until the full antivirus engine is loaded, Abhishek added.
However, there were cases where valid certificates of Microsoft and Adobe had been used by malware, which were able to evade antivirus scanners, he said.
I've changed the way I charge my iPhone. You should, too. Time for a Linux smartphone? Developers are in short supply. Here are the skills and programming languages employers need. Windows Do these six things right away after you finish setup. The painful shame of owning an Android phone. If you use Google Chrome, you need to install this now.
0コメント