Full RSS Feed
Receive
the Free CMSWire NewsletterSecurity is the big concern this week on the GRC front with Big Blue closing the BigFix deal that offers them better enterprise and database security, while Adobe also looks to the security of Adobe Reader with a new sandbox solution. Meanwhile, SAP and CA also get together this week for a combined GRC solution.
Adobe Reader Climbs Into New Sandbox
For those with probably justifiable concerns about using PDFs, Adobe (news, site) has just announced that it is to add an additional layer of protection against PDF attacks by using sandboxing technology that will isolate code from the rest of the computer.
As of the next release of Adobe Reader for Windows, Adobe will be adding a ‘Protected Mode’ which will be enabled by default and will also be included in Reader plug-ins for all major browsers.Adobe says that the new sandboxing feature will keep all PDF operations locked into a single area and prevent outside applications altering, installing or deleting files, accessing processes or making changes to the operating system.
While Reader will be able to communicate with the operating system applications running in the program, it will not be able to work outside of the sandbox so if malware gets into your computer through Reader, it will not be able to leave the sandbox. At the moment there are no plans to add this feature to the Macintosh version.
Adobe says the idea is taken from Microsoft's Practical Windows Sandboxing and follows protected views in Microsoft Office 2010 and Google Chrome.
IBM Adds BigFix Security
IBM has just announced that it has finally closed the BigFix deal, which sees Big Blue reportedly paying US$ 400 million to acquire BigFix‘s smart data center and security initiatives.
According to the announcement, BigFix will become part of the IBM (news, site) Software Group and will provide software that will intelligently secure enterprises by managing and automating security and compliance updates on thousands of computers around the globe.
BigFix software is also critical to IBM's automation portfolio that controls the ever-expanding data center, including PCs and laptops, in addition to servers, software, storage and physical assets. With BigFix software, IBM customers can manage
- Security by design
- IT Compliance
- Energy and resource consumption
BigFix is the 11th security-related company acquired by IBM since 2006.
Iron Mountain Analyzes SaaS Risk
From PDFs, we move to SaaS as Iron Mountain (news, site) publishes its latest survey on SaaS security and protection strategies in the Softletter SaaS Escrow Report — a study conducted by Softletter on behalf of Iron Mountain to investigate all aspects of software as it relates to SaaS.
The report covers everything from SaaS application usage, value and risk perceptions associated with SaaS application adoption to the forecasted use of SaaS applications, and the awareness and prevalence of SaaS escrow (intermediary) services. The report's key findings include:
Continue reading this article:
Email It
