IT Security


EPA contracts support aggressive move to cloud computing

The Environmental Protection signs contracts that will help meet its goal of having 80 percent of its computing in the cloud by 2015.

Government reach for secure electric grid exceeds its grasp

The government efforts to secure the nation’s electric grid from cyberattack are hampered by a cumbersome regulatory system and inadequate enforcement, a Senate panel is told.

Federal ID cards: Iris imaging in, fingerprint swiping out

NIST proposed new options for using iris recognition as an alternative to fingerprints in federal Personal Identity Verification.

Do you understand your mobile risk portfolio?

In order to manage your mobile risk portfolio, agencies should start an analysis of mobile demand across different employee segments.

Too tired to vote? Don't hit that touch pad.

As a N.C. state legislator found out the hard way, errors caused by workplace fatigue can have decisive and sometimes irreversible results.

Like it or not, password management is a must

As more of our life moves online we still are looking for an identity management scheme that is practical, secure and scalable. Don't hold your breath.

3 free tools to help manage your passwords

Effective security requires managing passwords, which can be a daunting job. Fortunately, help is available.

Yahoo hack: Strong passwords don't have to be hard

The theft of Yahoo passwords, including those of government users, highlights the problem with weak authentication. But it doesn’t have to be that way.

Analytics platform helps agencies fight cyber crime

SAS Security Intelligence platform uses a common infrastructure to detect and prevent threats across government agencies and industry.

PIV card specs to account for mobile, other new factors

Proposed changes in FIPS 201 reflect changes in the technology and environment in which the federal PIV cards for government workers and contractors are used.

Microsoft issues fix for XML flaw targeted in zero-day attacks

The patch for the XML Core Services flaw doesn't yet cover every version, but it does cover the version being attacked.

Mobile security guide catches up with smart phones, BYOD

NIST's revised guidance sharpens the focus of the original publication, released in 2008, excluding laptops and low-end cell phones, and covering both enterprise-issued devices and BYOD.

'Destructive' cyber attacks ahead, NSA's Alexander warns

The National Security Agency chief wants network-speed info sharing with the private sector to protect critical infrastructure, but insists NSA won't have time to read your e-mail.

When storms attack, Smart Grid could reduce outages, speed recovery

Bad weather in the past year has done what terrorists haven’t managed – disrupt power for a week or more at a time. Officials say Smart Grid technology could ease the pain.

Managing mobile security: There's no such thing as a free app

Trojan apps are the primary means of infecting mobile devices; the good news is that you can prevent installation of malicious apps on your device.