Security News & Articles

Arizona-based ICM Document Solutions has announced an upgrade to its document management software that specifically addresses client-identified concerns of risk mitigation and quality management.

For most of us, a good day is being able to go about our business without any annoyances getting in our way. Unfortunately, when your business involves the Internet, mere annoyances rate much higher on the "good" scale than, say, discovering your Web CMS was hacked at least six months ago and you've been leaking critical user data like a sieve.

If that user data involves sensitive information such as medical data, credit card numbers, bank account information or anything else that is subject to either regulations or sleepless nights over losing your shirt, you should at least investigate security add-ons.

There are probably a lot of clients of the SaaS document management company NetDocuments (news, site) that will be glad that the company has decided to team-up with security giant RSA by entering the RSA Secured Partner Programme.

The long-running program established by RSA is a technology alliance that brings together over 300 companies with over 1000 complimentary solutions.

So what’s the big deal with NetDocuments, you ask? Well this partnership will add an extra layer of security to the already substantial security checks in place to protect documents that are being held by NetDocuments.

Fear of being having your site go down from too much traffic is a common fear for the smaller business. BrowserMob is here to prevent that.

Mashups may be all the rage, but can expose the enterprise to all manner of security risks. Enter the OpenAjax Alliance (news, site) and its new standard for more secure mashing.

Over the last few months, there has been a great deal of activity at the most senior levels of the US Government discussing the use of persistent cookies on federal agency web sites. If you are a Federal Web Manager or Web Analyst, you are painfully aware of the constraints on using cookies and the limitations it causes to a more accurate definition of unique visitor, and some of the more advanced segmentation features available in web analytics solutions.

As part of a greater effort to open up policy discussions, the White House, Office of Science and Technology Policy is taking public comment on the Federal Policy on Cookies as well as other issues impacting use of the Web.

Google (news, site) is taking another step towards real competition with Microsoft in the productivity solutions department. They have announced Google Apps Directory Sync -- the ability to provision users and groups from your own internal directory services be it Active Directory, Lotus Domino or another LDAP solution with your Googe Apps accounts.

Do you know what’s happening in your SharePoint environment? Do you know where you most sensitive data is stored. Do you know how secure it actually is?

The chances are that if you have deployed SharePoint, somewhere in your data repositories there is information that, if compromised, is going to cost you more than just a headache.

With this in mind, and with the growing threat to this data from unauthorized access, EMC Corporation's (news, site) security division RSA has unveiled three new solutions that could go a long way to putting your mind at ease.

Unveiled at the RSA Conference 2009 in San Francisco today, the combined solutions will secure critical information, identities and infrastructure, while at the same time ensuring full use and availability of your SharePoint platform.

Content may be king, but unless its secure, it will behave like more like the Joker in your Enterprise CMS rather than the King.

And with the number of security threats on the web growing, Enterprise Content Management (ECM) companies like Open Text (news, site) are working hard to see what solution they can develop to close the back-door on their systems.

This week, Open Text has announced the immediate availability of the latest version of their security solution -- Open Text SOCKS Client -- an enterprise-grade SOCKS V4 and V5 client.

With the amount of sensitive content floating around enterprise content management systems it is hardly surprising that ‘security’ is becoming an increasingly important issue, especially given the number of companies that are beefing up their web presence.

Only last week, US data and email security firm Websense introduced a new Web Gateway appliance that allows companies access Web 2.0 sites without security concerns.

This week, UK-based Sword Group, a provider of high value and hi-tech business applications, has unveiled a new gadget that will allow enterprise content management integration for Google Apps.

And the clincher -- using the gadget can access complex ECM repositories that are firewalled up to the hilt.

A new content filtering and threat protection Web gateway appliance - V10000 - from US data and email security firm Websense will allow companies access Web 2.0 sites safely without worries about data loss, inappropriate content concerns or productivity and liability threats.

The company says the new gateway will not only block malware on individual web pages, but that it will allow users to access and use Web 2.0 sites where sections of the site are infected and at the same time block the malicious content from accessing the user’s company network.

Earlier this month at Drupalcon, the Drupal Security Team held a Birds of a Feather (BOF) session on how to improve communication.

One of the outcomes was to make it clearer which security advisories relate to Drupal core, and which ones relate to contributed add-ons. The other to separate security announcements from security advisories. There are now three new forums, and three corresponding new RSS feeds, available for tracking both security advisories and announcements.

This separation makes it easier for people to tell what they absolutely must pay attention to -- anyone running Drupal should pay attention to Drupal core advisories -- and what they'll have to cherry pick based on the add-on modules they've installed.

This is an important improvement for Drupal Web CMS managers as it will reduce the likelihood that red flag updates will get lost in the noise. See the Drupal Security page for more information.

We know that SharePoint is most often used as a document management solution in organizations today. But out of the box, SharePoint doesn't have all the necessary features for securing and classifying documents. Titus Labs, a provider of email and classification software, has provided some enhanced features that will help you use SharePoint to keep your documents safe and easy to find.

Andrew Eddie, Development Coordinator and Joomla core team member posted a sneak peek at the advanced access control features implemented into the core of version 1.6. Joomla version 1.6 will be the next major update and there are currently no official estimates for the release date. Decent ACL controls have been a lodestone around the neck of the open source web cms since it’s inception. Developers looking to deploy a Content Management System for clients had to take a long look at the meager ACL controls in the Joomla core. But that's about to change.

In its biannual report released Feb. 2, 2009, IBM's X-Force research group pointed out significant security threat trends as we enter 2009, and paid particular attention to vulnerabilities found in PHP web content management systems such as Joomla!, Drupal, TYPO3 and WordPress.

The report is pretty. It has over a hundred pages. It has lots of nifty charts and graphs. But let's take a closer look at the what the net impact is.