Strategy: How Cybercriminals Choose Their Targets and Tactics

April 17, 2013

They are out to get you, make no mistake. But there are things you can do to make sure that your organization is unappealing to a cybercriminal bent on finding easy pickings. The key is to understand what cybercriminals are looking for and how they go about the business of infiltrating vulnerable systems and networks.

Strategy: Securing The Mobile User

April 17, 2013

The complexity of managing mobile devices should get easier going forward, but that's not the case right now. As traditional laptop PCs continue to die a slow death, most IT departments will be forced to alter the way they approach client management. Despite the growing popularity and acceptance of the bring-your-own-device -- or BYOD -- movement, there are a number of things working against IT. Fortunately, there are also a number of tools, some of them free, that security professionals can use along with strong policy and best practices to close the enterprise mobile security gap.

Strategy: How Cybercriminals Choose Their Targets and Tactics

February 05, 2013

They are out to get you, make no mistake. But there are things you can do to make sure that your organization is unappealing to a cybercriminal bent on finding easy pickings. The key is to understand what cybercriminals are looking for and how they go about the business of infiltrating vulnerable systems and networks.

Strategy: How to Get Your MSSP In Line With Expectations

December 26, 2012

A managed security service provider should lift at least some cost and resource burden from the IT department's shoulders. But what if it doesn't? What if you aren't any more secure after entering into a contract with an MSSP? And how do you even know if it's doing everything it promised? There is an art to managing the MSSP relationship after the initial deal is done. In this report, Dark Reading provides recommendations for testing the mettle of MSSPs and for dealing with providers if their performance isn't up to snuff.

Best Practices: 6 Steps to Developing a Risk-Based Security Strategy

December 18, 2012

If there’s one thing that’s true about security, it’s that an organization can never be completely secure. The trick is to determine what’s most valuable to your organization, and how big the threats to those assets really are. That’s putting risk-based management simply, but it doesn’t have to be complicated. In this report we provide some perspective around risk-based security, as well as recommend some best practices for developing and effectively implementing a program.

Fundamentals: Cloud ID Management

November 15, 2012

Worried about controlling access to all the cloud applications your employees use? IT has a variety of options to help manage cloud-based identities, including Active Directory synchronization, federation and purpose-built cloud services that provide single sign-on for online applications.

A Guide to Security and Enterprise Directories

November 13, 2012

Security isn't necessarily the first thing people think of when they consider enterprise directories. But directories can be used in a number of ways to tighten and extend your organization’s security. In this report, we examine enterprise directories -- through the lens of Microsoft Active Directory -- and their potential as a solution for a wide array of security initiatives.

Windows 8 Survival Guide: Server 2012

November 12, 2012

With all the hoopla surrounding Windows 8, the recent release of Server 2012 is flying way under the radar. And that's a shame, because it has a lot to offer. Here are five features that could tempt you to jump sooner rather than later--and five that shouldn’t sway you.

Windows 8 Flop Wouldn't Doom Server 2012

October 26, 2012

Even if Microsoft's new OS was a complete disaster, like Vista, enterprise IT can be assured that Windows Server 2012 will continue to thrive.

| Read Article »

A Guide to Network Vulnerability Management

October 18, 2012

Building a more robust network vulnerability management program can help you identify security holes before an attacker does, as well as develop more secure systems and applications in the future. In this Dark Reading report, we examine the products and practices that will get you there.

Design on a Dime: VDI

October 18, 2012

Virtual desktops are a proven way to provide remote access to applications that are difficult or expensive to deliver using other means. In this report, we'll provide a comprehensive analysis of what it might cost to deploy a 50-user VDI infrastructure using services from Citrix, Microsoft and VMware.

Strategy: Keeping DNS Services Safe And Operational

October 18, 2012

If DNS is down--for whatever reason--your business is hobbled. IT pros must understand what makes DNS work and what can cause it to fail, including hackers targeting the inherent weaknesses in the service. In this Dark Reading report, we'll detail what you need to worry about when it comes to DNS and provide recommendations for protecting your environment against DNS problems.

Single Sign-On For The Cloud

October 10, 2012

Worried about controlling access to corporate cloud apps? There's an app for that.

| Read Article »

5 Reasons To Like Windows Server 2012

September 24, 2012

Microsoft has packed in plenty of features to help solve pressing business problems.

| Read Article »

Strategy: Achieving Compliance in the Smart Grid

September 21, 2012

In most industries, compliance mandates can feel like more of an annoyance than a necessity. In the energy business, strict compliance mandates could be all that stands between business as usual and a catastrophic, long-term power outage. Standards regulating the smart grid, are rightly stringent and often difficult to meet, but they can be modified and leveraged by organizations in all industries to lock down corporate and customer assets.

Strategy: Lessons Learned From Duqu

September 21, 2012

After Stuxnet, security researchers wondered what was next. It was Duqu, a sophisticated piece of malware dubbed the 'steal everything' virus for its ability to strip a computer system clean. While your organization may be able to avoid Duqu itself, variants and copycats are real, imminent threats.

Windows Sever 2012: 3 Key Changes

September 04, 2012

Microsoft Windows Server 2012, a significantly revamped server OS, launches Tuesday. Our hands-on look explores some of the worthwhile changes for enterprise IT.

| Read Article »

Strategy: Threat Intelligence: What You Really Need to Know

July 23, 2012

If there was ever a time when threat intelligence could be put on autopilot, that time is over. With the increase in advanced, multidimensional threats, organizations can no longer depend solely on existing gateway tools to weed out nefarious activity. More and more organizations are considering development of an in-house threat intelligence program, dedicating staff and other resources to deep inspection and correlation of network and application data and activity. In this report, we will examine the drivers for implementing an in-house threat intelligence program, the issues around staffing and costs, and the tools necessary to do the job effectively.

5-Step IaaS Migration Plan

April 30, 2012

SMBs have saved big buying complex software on a subscription model. Here's how to determine if infrastructure services can pay off, too.

| Read Article »

Windows 8 Server: Hands-On First Impressions

March 27, 2012

Microsoft talks up every release of Windows Server as the best ever. But based on our first experience with Windows 8 Server, some key changes deserve your attention.

| Read Article »

Strategy: FISMA Lifts All Compliance Boats

March 07, 2012

FISMA may not be on your radar now, but it likely will be at some point. Geared specifically toward the federal government and its affiliate agencies and third parties, FISMA is a very specific set of requirements aimed at establishing and maintaining at least a baseline level of computer and network security. FISMA requires unique categorization and classification of information assets, not to mention a boatload of documentation to prove compliance. But once your organization achieves FISMA compliance, it will likely be compliant with just about every security mandate out there.

Fundamentals: Cloud vs. In-House IT: Spend Smart in 2012

February 17, 2012

Are you maintaining extra in-house capacity to handle demand spikes that rarely materialize? Cloud services can help meet scale-out computing and storage needs, but the rent-vs.-buy decision is about more than just elasticity. It's about using the money you have in the most efficient manner to provide the services the business needs in an agile fashion.

Strategy: Smartcard Security

February 02, 2012

Recent compromises of smartcard data have exacerbated concerns about the technology’s privacy, security and standards (or lack thereof). Yet the promise of smartcards is too compelling to ignore. New technologies and applications prompt us to take a fresh look.

Windows Server 8: An Inside Look

December 19, 2011

We drill into the good and bad of Microsoft's forthcoming OS and share exclusive survey results on IT deployment plans.

| Read Article »

6 Steps To A Private Cloud

November 14, 2011

A phased data center upgrade makes technical and financial sense.

| Read Article »