Cornerstone Issue 71: May 16, 2006
Welcome to Issue 71 of Cornerstone, a subscription-only electronic
newsletter issued periodically by Core Competence.
Cornerstone reports on a wide range of networking topics and
activities involving Core Competence. A brief abstract explains
what you will find if you choose to visit each URL.
http://informationsecurity.techtarget.com/magItem/0,291266,sid42_gci1175859,00.html
Organizations can regain control over mobile devices by adopting a
systematic approach to device detection, assessment, protection and
enforcement. In this article, Lisa Phifer explores strategies for
discovering and fingerprinting mobile systems, and methods for
finding and fixing the vulnerabilities associated with them.
http://searchsecurity.com/tip/1,289483,sid14_gci1184648,00.html
Reducing business risk associated with PDAs and Smartphones starts
with establishing an information security policy that deals with
both employee-purchased and company-owned mobile devices. In this
risk management strategy tip, Lisa Phifer discusses elements that
should be included in a mobile security policy.
https://event.on24.com/eventRegistration/EventLobbyServlet?eventid=19228
Last year, a new breed of worms, like Commwarrior, Lasco and Mabir,
exploited Bluetooth and MMS to reach mobile wireless devices commonly
carried by business executives. In this webcast, Lisa Phifer describes
business options for securing Smartphones and PDAs, from features
built into mobile operating systems to third-party countermeasures
and enterprise mobile security suites.
http://www.corecom.com/external/livesecurity/cookies1.htm
Used as originally intended, cookies are relatively benign. But
over time, Web applications began storing private information about
user identities, credentials, web activities, and preferences that
can be exploited by fraudsters, thieves, and other troublemakers.
In this two-part LiveSecurity column, Dave Piscitello explores
ad-serving cookies and how to block them at your Internet gateway
using HTTP proxies.
http://searchsecurity.com/general/0,295582,sid14_gci1167653,00.html
This Wireless Security Lunchtime Learning program, developed
by Lisa Phifer for SearchSecurity and SearchNetworking, lets
you develop an in-depth understanding of WLAN security risks
and countermeasures. Broken into four lessons, each lesson
presents a security strategy in a short webcast, supported by
four tactical tips which explain how to apply that strategy.
Lesson quizzes and entrance/exit exams let you test what you
have learned. To learn more, browse this course outline:
http://searchsecurity.com/general/0,295582,sid14_gci1167653,00.html
http://searchnetworking.com/tip/1,289483,sid7_gci1183057,00.html
As wireless LANs (WLANs) go mainstream, IT managers will be required
to monitor 802.11 network usage for purposes of accounting, capacity
planning, and compliance reporting. In this tip, Lisa Phifer discusses
how to track what you cannot see by combining traditional monitoring
techniques with wireless-specific methods and tools.
http://searchnetworking.com/originalContent/0,289142,sid7_gci945257,00.html
In this updated Ask-The-Expert response, Lisa Phifer recommends a
concrete series of debugging steps to be used when you encounter
trouble connecting a wireless host (desktop, laptop, PDA) to an
office network.
http://searchnetworking.com/tip/1,289483,sid7_gci1174801,00.html
Companies devote considerable attention to purchasing Wi-Fi APs,
giving far less thought to client selection. But it takes two to
tango: client devices have a major impact on WLAN operation. In
this column, Lisa Phifer discusses why a few well-chosen Wi-Fi
clients can make a big difference.
http://searchmobilecomputing.com/tip/1,289483,sid40_gci1166941,00.html
Wi-Fi hot spots can make business travelers more productive but
they also pose serious security risks. In this Wireless Advisor
column, Lisa Phifer details simple steps that anyone can take
immediately to harden their defenses when using public hotspots.
https://www.gotomypc.com/corp/documentation.tmpl
This white paper, developed by Lisa Phifer for Citrix Online,
examines the evolution of secure remote access technologies,
comparing IPsec and SSL VPNs to Citrix Online GoToMyPC Corporate.
By examining workforce needs and associated costs, this paper shows
how many companies could use GoToMyPC Corporate to augment their
remote access strategy by offloading VPN users who not only cause
the greatest IT pain, but would benefit the most from secure
remote desktop access.
http://searchNetworking.com/r/0,,52692,00.htm
According to IDC, two out of three workers are now mobile,
demanding "anytime anywhere" corporate network access over
increasingly diverse devices and communication links. In this
on-demand Webcast (also available as a printable briefing), Lisa
Phifer provides 10 quick tips for locking down remote endpoints
and safeguarding the corporate data that they carry and send.
http://www.isp-planet.com/technology/2006/secure_windows_3a.html
Outlook Express is factory-installed on Windows PCs, but there can be
better, safer, faster alternatives for SOHO users. In Part 3 of Lisa
Phifer's series, we take a look at several free mail clients for
Windows PCs: MemeCode i.Scribe, Mozilla Thunderbird, Opera Mail,
Pegasus Mail, and Qualcomm Eudora.
http://www.isp-planet.com/technology/2006/secure_windows_4a.html
While many businesses depend on host firewall features embedded
in commercial products, alternatives exist, some of which are not
well known. In part 4 of Lisa Phifer's series, we test-drive five
Windows firewalls that won't cost individuals a dime: Check Point
ZoneAlarm, Comodo Personal Firewall, NetVeda Safety.Net, Primedius
Firewall Lite, and Sunbelt Kerio Personal Firewall.
http://hhi.corecom.com/arc20060401.htm#BlogID516
Most of us know Al Gore did not invent the Internet, but only a handful
of folks have been involved in Internet Security long enough to recall
the chronology of events leading to the invention of the firewall. In
this blog post, Dave Piscitello questions the accuracy of a recent NWW
article that covered this topic.
http://hhi.corecom.com/arc20060301.htm#BlogID512
Windows Firewall may not be the most fully featured personal firewall,
but this alone shouldn't lead you to disregard it entirely.
In this post, Dave discusses WF logging and two freeware log analysis
utilities that can be used to complement WF.
http://hhi.corecom.com/arc20060301.htm#BlogID511
A recent posting to a firewall mail list asked the question, "How do
large organizations manage firewall rule sets?" Dave mulls over how
security admins of large organizations know when to remove an access
rule from a firewall configuration.
http://hhi.corecom.com/arc20060301.htm#BlogID510
Legally, not every ad-serving or behavior tracking cookie is spyware.
Cookies do not qualify as spyware *unless* they collect personally
identifying information. In this post, Dave discusses why he believes
this definition and the associated legislation are flawed.
http://hhi.corecom.com/arc20060201.htm#BlogID499
Dave has been complaining about the desperate state of user account and
identity management for some time. Last December, Dave joined the advisory
board of A10 Networks. In this post, Dave shares his initial experiences
with the IDSentrie 1000 identity management appliance.
-----------------------------------------------------------------
Cornerstone is an electronic publication of Core Competence, Inc.
If you do not wish to receive future issues, please reply to this
message or send email to
cornerstone@corecom.com
with the word "remove" in the subject line or message body.
For additional information about Core Competence, visit our web site http://www.corecom.com