General: August 2004 Archives
An article from searchwindowssecurity.techtarget.com reports on companies making the effert and taking the PR hits to become more secure. This includes banning user's personal equipment including home computers, and providing web portals for users to access mail rather than having a full vpn connection. The article also talks about endpoint complaince such as that provided by infoexpress.
I'm taking an online class in a Information Security Masters program. One of the classes this fall is using a program called Tegrity to broadcast recordings of course lectures. The problem is that the program requires the use of Microsoft Virtual Machine. The Microsoft VM is rather buggy and not a lot of development goes into it. The only reason it is supported at all right now is because MS paid Sun a billion dollars. The current version of the Tegrity program doesn't have this problem. It uses the Sun JVM which incidently makes it available with more Operating Systems and browsers.
I went ahead and bit the bullet and installed the MS VM. They didn't bother telling me they were installing a vulnerable version. It installed build 3805. I let SMS update me to build 3810 when I got to the office the next day.
You'd think a information security program of study wouldn't require me to install insecure software.
I recertified my GIAC certification in Securing Windows this week. According the the certification description, GIAC Certified Windows System Administrators (GCWNs) have the knowledge, skills and abilities to secure and audit Windows systems, including add-on services such as Internet Information Server and Certificate Services.
