What We're Reading, Week of 4/25

Computerworld, iPads run amok: Does your company need a tablet policy? PCWorld, New password encrypts like no other USA Today, Visa exec: data thieves still hungry, active despite tighter security ITBusinessNet, 5 Security Tips for Your Smartphone or Tablet ITBusinessEdge, The Social Engineering Factor in Security...

What We’re Reading, Week of 4/25

Computerworld, iPads run amok: Does your company need a tablet policy? PCWorld, New password encrypts like no other USA Today, Visa exec: data thieves still hungry, active despite tighter security ITBusinessNet, 5 Security Tips for Your Smartphone or Tablet ITBusinessEdge, The Social Engineering Factor in Security...

What You Need to Know about Branch Networking: Central Management

Last week’s post on Branch Networking focused on High Availability, so this week we’ll take a dive into central management. As a quick overview, a central VPN management system is required for effective networking of branch offices. Even if there are only a few branch offices, the time and money that have to be spent on local network administration is out of proportion, especially with M2M networking. Central management automates the management of remote / branch office VPN gateways. So the more VPN relevant systems the central management contains, the simpler and more manageable the network becomes for administrators. Of course, management should include configuration and software updates – but it should also include managing of digital software or hardware certificate rollouts, an LDAP console for identity and rights management, and security monitoring of the end-devices (Network Access Control / Endpoint Security). Example Authentication We know a VPN system secures all data transfers in an encrypted tunnel. However, sealing this communication has to take place as early as Internet dial up, which is the most frequent point of vantage for hacker attacks. The core problem is how the branch offices authenticate towards the central gateway. One possibility for authentication are pre-shared keys, another is the use of certificates. For security reasons, certificates are the better option because they can be adapted. This means old certificates can be locked and new ones can be issued. Certificate handling has to be organized; i.e. if one certificate expires, the VPN management should offer automatisms that request and issue new certificates. Often, there’s another security requirement is simply overlooked. The firewall must only...

What We're Reading, Week of 4/18

Financial Times, Human Resources Goes Technical InfoSec Island, The Rise of Smartphones and Related Security Issues NetworkWorld, Verizon study: Data Breaches Quintupled in 2010 eWeek, Oak Ridge National Laboratory Breached by Phishing Email, IE...

What We’re Reading, Week of 4/18

Financial Times, Human Resources Goes Technical InfoSec Island, The Rise of Smartphones and Related Security Issues NetworkWorld, Verizon study: Data Breaches Quintupled in 2010 eWeek, Oak Ridge National Laboratory Breached by Phishing Email, IE...