The term varies a bit depending on where you ask: “Web of Connected Objects” (France), “Industrie 4.0” (Germany) and who you ask: “Industrial Internet” (General Electric), “Internet of Things and Services” (Bosch), “Internet of Everything” (Cisco) – but basically means the same: the transformation of life, business and production by not only connecting (traditional) computers and […]
May 6, 2013 by Heiko Herrmann
Whenever a discussion is on-going about a rather complex and multi-layer subject, it is preferable that the participants agree on terms and definitions, hence meaning the same thing when using professional terms. SCADA is such a term nowadays that is frequently used in public (security) discussions – but unfortunately, not everybody seems to mean the same […]
February 24, 2013 by Heiko Herrmann
For quite a while I have been following with interest David T.S. Fraser’s blog on legal aspects of cloud computing. Though called Canadian Cloud Law Blog – News and commentary on legal aspects of cloud computing from a Canadian perspective – his expert commentaries are definitely applicable beyond Canadian soil and jurisdiction. One of his recent posts titled ‘Note […]
January 4, 2012 by Heiko Herrmann
The idea is as simple as it is genius and effective: Let the DNS server decide to grant or not to grant access to a requested URL. After all, almost all requests outbound of the organization’s internal network have to be resolved by an external DNS server and many (if not most) malware bots are […]
October 22, 2011 by zentralsachse
NeuStar UltraDNS is apparently one of the leading global managed DNS providers – handling a quarter of the Internet’s authoritative DNS traffic. One of the additional services they offer is called SiteProtect – a “cloud based DDoS mitigation service” that offers “Defense against DDoS attacks before they reach your infrastructure”, “Protection for all HTTP and HTTPS traffic, regardless […]
August 21, 2011 by Heiko Herrmann
Communication is the lifeblood to do business – and email is still the lifeblood for communication. Out of the box email of even the newest software and systems is not digitally signed. When looking at the advantages the use of digital email signatures theoretically has (sender authenticity, message integrity, communication transaction non-repudiation) one should think it should […]
June 21, 2011 by Heiko Herrmann
Is the arrival of the (Google) Chromebook the arrival of a business class Thin-Client-for-Cloud-Computing? Now, the Thin-Client concept is anything but new, and thin clients are actually an endpoint-security dream for the InfoSec Manager. Application as well as OS vulnerability based attack vectors against thin clients are minimal compared to those of a “fat” […]
May 14, 2011 by Heiko Herrmann
Compliance The need to be compliant with this or that is one of the rare principles that are relatively easy to sell to the board. Confusion, however, usually kicks in as soon as the scope of the compliance has to be decided on. By that, I do not mean the scope of the compliance criteria […]
May 10, 2011 by Heiko Herrmann
An important lesson learned from dealing with an organization-wide Information Security Awareness program: train the supervisor, or more precisely: train the supervisors first! Let’s face it: if you are not Google, Amazon or a financial player, chances are high that your senior management has a rather vague idea of information security areas and what […]
March 10, 2014 by Heiko Herrmann