Archive for February, 2009

Intellectual Property Protection: Part 2

In my previous blog entry I raised the issue that intellectual property is the “bread and butter” of most businesses and that many information security practices have could add considerable value to the organizations they serve by stepping in to better identify and safeguard such information. Despite the importance of intellectual property to businesses, information security practices’ strategies, policies and standards too often omit any specific mention of intellectual property and the need to safeguard it. Don’t get me wrong—terminology such as “proprietary,” “sensitive, and “confidential” information runs rampant, but such terminology misses something that is very important, namely that some kind of information (intellectual property) is the company’s life blood. I thus highly recommend that information security practices initiate concerted efforts to locate such information, wherever it exists, and to initiate efforts to create and assign special levels of protection for it. Creating a special “intellectual property” classification for such information would serve as an excellent start. Read more…

Categories: Uncategorized Tags:

Intellectual Property Protection: Part 1

Intellectual property in loose terms means the output of original thinking. Intellectual property thus (among many other things) includes inventions, engineering, industrial and other types of designs, research data, artistic and literary works, symbols, designs, images, and names that are used for business purposes, and patents, copyrights and trademarks. From a practical perspective, intellectual property is any type of information that may prove of benefit to a company, but that is also likely to attract the interest of and potentially prove of benefit to that company’s competitors. Read more…

Categories: Uncategorized Tags:

Bye Bye High Tower Software – Part 1

Before coming to Emagined I worked for High Tower Software for nearly three and a half years. Although I have worked on several software projects in the past, I had never before worked for a software company. Lamentably, High Tower’s investors shut down High Tower on November 24 last year. Working in the software industry taught me some very valuable lessons, however. I would like to share some of the most important ones with those who work in this arena: Read more…

Categories: Uncategorized Tags:

Internet Troublemakers: Did They Get a Fair Shake?

Not too long ago several upstream Internet providers (e.g., Hurricane Electric) severed Internet service provider (ISP) McColo’s connectivity, leaving McColo’s customers isolated from the Internet. Why? Evidence indicated that McColo allowed numerous compromised and infected systems with botnet command and control functionality to send a huge volume of Internet spam that may according to estimates have amounted to between 65 and 75 percent of all Internet spam. Since McColo was taken offline, the volume of Internet spam traffic has diminished by approximately the same amount. Many Internet security researchers believe that McColo is the last of the major ISPs that cause widespread spam as well as widespread security problems. Intercage, another ISP, suffered the same fate for the same basic reason, although the Intercage takedown understandably received far less publicity because Intercage is a considerably smaller ISP. Read more…

Categories: Uncategorized Tags:

The New US Cyber Security Initiative: Will it Work?

With President Obama’s becoming the US president comes a widely supported mandate for change  His intense efforts to get an economic stimulus package passed have very understandably overshadowed important efforts in other areas, including in the cyber security area. Still, the Obama administration appears to have a strong commitment to improving cyber security, as evidenced by his announcing initiatives such as funding a safe computing research and development effort designed to identify ways to strengthen security in US computers, networks and applications, working with the commercial arena in safeguarding this country’s IT infrastructure, cracking down on computer crime, and strengthening the government’s leadership in the cyber security area. One of the key components of this last initiative is a government cyber security advisor who will coordinate national cyber security efforts. That fact that this person will report directly to the president indicates in many people’s thinking just how serious President Obama is in attempting to improve cyber security. Read more…

Categories: Uncategorized Tags:

Unified Threat Management Technology

The information security arena has seen a rapid proliferation in the number and types of commercial and open source tools that are available to help mitigate risk. With this trend has come a movement over the last few years to create and offer “unified threat management” (UTM) products, “all-in-one” style products designed to preclude the need to evaluate and buy one type of product for one particular purpose, then buy another for another purpose, and so on.

UTM products were originally the result of consolidating tools such as anti-virus tools, anti-spam tools, personal firewalls, and also other types intended to run on desktop systems as a single product. UTM has since been expanded to include appliances that offer network firewall functionality, intrusion detection, intrusion prevention, network access control, and more. Increasingly, whenever a new security technology emerges, UTM product vendors seem to scramble to find a way to integrate this technology into their products, and there appears to be no end in sight for this trend. Read more…

Categories: Uncategorized Tags: