Stories by Mathias Thurman

Security Manager's Journal: NAC deployment means better access control at last

The deployment has already revealed a whole lot of devices that don't meet the criteria for getting on the corporate network.

Security Manager's Journal: Plans and processes are made to be revised

The company's incident-response plan needs to be updated. That's normal -- no plan is carved in stone.

Security Manager's Journal: A little housecleaning

Our manager finds the time and opportunity to cross a few nagging items off of his to-do list.

Leaked BlackBerry roadmap reveals two phablets, widescreen tablet in coming year

BlackBerry plans to release a larger tablet and two phone-tablets, or phablets, over the next year, according to a leaked roadmap presentation slide.

Security Manager's Journal: R&D's new security lab is a promising step

It's a great thing when a security manager doesn't have to go into battle mode every time a new corporate initiative emerges. When other departments show signs that they aren't putting security last, I can relax a bit. But just a little bit. Even in those cases, I want to have input.

Security Manager's Journal: Spam makes a comeback

Out of the blue, phishing attacks previously caught in the spam filter are getting through to employee inboxes.

Security Manager's Journal: Did DLP tool prevent an assault?

Our manager's data loss prevention tool flags some incriminating keywords that lead to discovery of a possible criminal conspiracy.

Security Manager's Journal: When technologies collide

An encryption initiative runs into the law of unintended consequences, since the legal department can't search encrypted emails for e-discovery purposes.

Security Manager's Journal: Tracking down rogue IT

Some call it "shadow IT," but I am among those who call it "rogue IT." Both terms refer to information technology that has made its way into an organization without proper approval.

Security Manager's Journal: Not-so-innocent email distribution lists

Is everything a potential security vulnerability? Is there nothing that a security manager shouldn't look at with suspicion?

Security Manager's Journal: A reality check for the department's maturity

An assessment of the information security department shows that it has a lot of growing up to do yet.

Security Manager's Journal: Security has to extend to your customers

When a security manager's company sells software, he can't ignore the potential vulnerability of those products.

Security Manager's Journal: I hired a hacker

Our manager has some cleaning up to do after a third party's penetration testing uncovers some disturbing findings.

Security Manager's Journal: DLP tool is suddenly blind to email

Data leak prevention can't be effective if it can't see any Exchange mail on the network. What happened?

Security Manager's Journal: Closing off a hole in Outlook

With Outlook Anywhere, users can download their mail to untrusted PCs and leave sensitive documents behind.