Stories by: Roger A. Grimes

Windows 7 has been warmly received and swiftly adopted by businesses, with the result that many IT admins are now struggling with the platform's new security features. In addition to changes to User Account Control, BitLocker, and other features inherited from Windows Vista, Windows 7 introduces a slew of new security capabilities that businesses will want to take advantage of.

Considering how much valuable information is available in log files, you'd think more companies would pay attention to them. Workstations, servers, firewalls, appliances, and other computer devices generate reams of event logs every day, and despite mountains of evidence showing their practical, cost-saving uses, logs often go ignored. A good log management system can help significantly with security, application troubleshooting, compliance, and systems management. If that's the case -- and it is -- why do logs and log management sometimes still get a bad rap?

Windows 7 has been warmly received and swiftly adopted by businesses, with the result that many IT admins are now struggling with the platform's new security features. In addition to changes to User Account Control, BitLocker, and other features inherited from Windows Vista, Windows 7 introduces a slew of security capabilities that businesses will want to take advantage of.

McAfee's whitelisting protection for Windows, Linux, and Solaris is a software tool that allows network admins to restrict users' ability to mess up their own PCs - McAfee Application Control 5.0.

Apple's Safari, released for the Windows platform in June 2007, is the second newest browser on Windows, behind Google's Chrome. (Naturally, Apple's browser also runs on OS X, and on iPhone and iPod Touch devices in a mobile edition.) Safari leads the pack in anti-phishing filtering and pop-up blocking, but it also has many security weaknesses.

Many sandbox security vendors claim that their products stop all known and unknown attacks. Even assuming the ability to curtail all known attacks could be proven, it's simply impossible to believe that any piece of software could halt all unknown attacks. Of course, that doesn't prevent the vendors from making empty promises or the malware authors from proving them wrong.

The Internet is a scary place. Criminal malware lurks on legitimate and illegitimate Web sites alike, looking to steal your money one way or the other. Vendors have been scratching their collective heads attempting to make more consumers safer, more often. One of the results has been a class of anti-malware software that I call sandbox protection products. These items encapsulate Internet browsers (and e-mail programs and sometimes any other program you can run) within a virtual, emulated cocoon designed to keep malware from reaching and modifying the underlying host computer.

VeriSign is in many ways synonymous with managing the Web, thanks to its handling of key DNS root servers and of name resolution for .com, .net, and other domains. In recent years, it's had both strong ups and strong downs.

Version 3.0 of BackTrack has been released. BackTrack is a Linux-based distribution dedicated to penetration testing or hacking (depending on how you look at it). It contains more than 300 of the world's most popular open source or freely distributable hacking tools.

The news media is full of stories about e-mails and documents that were better off not sent. Last year an airline CEO accidentally sent an ultra harsh e-mail to complaining customers, the text of which was obviously not intended for the customers. Frustrated employees frequently send embarrassing internal memorandum to public news sources. And is there an e-mail user who hasn't regretted accidentally sending an e-mail to an unintended party? Whether e-mail or documents are sent intentionally or not, it is clear that content intended for a restricted audience is being shared with unauthorized parties on a regular basis.