Guidelines for companies on creating policies around employees’ access to social networking sites, such as Facebook, during work hours

Losing sensitive data in transit is a burgeoning issue for individuals whose data has been lost, as well as businesses. Not only is data loss damaging to the reputations of companies involved, it can have other far-reaching implications, such as leaving businesses open to financial attacks from hackers, or causing intellectual property to land in the hands of competitors. Employees themselves also have reason to worry, with the proposal of legislation that could see individuals who negligently disclose personal information imprisoned for two years.

At Network Box, one of the most common questions we’re asked by IT directors and managers is how to protect wireless networks. Obviously, there are many security technologies on the market that are capable of securing wireless networks; but what businesses – and home users – don’t appear to understand is that they can greatly increase the security of their wireless networks simply by switching protocols from wired equivalent privacy (WEP) to wi-fi protected access (WPA).

The continual success of the network security industry is only as effective as the security professionals that run it. This means recruiting high-calibre security professionals is essential for any organisation wishing to be protected from the external and internal threats. Identifying, training and retaining security personnel is hard, often proving to be a time-consuming and expensive process.

In late 2006, an old technique became popular again with the blackhats. They resurrected parasitic malware, a technique whereby malware is added to existing files on a system. During 2007, this form of malware flourished with McAfee Avert Labs identifying 150 new variants of parasitic malware, Philis and Fujacks. New viruses using this technique were also discovered – such as Grum-A – and it seems that this technique has made a comeback.

As the world of ATMs evolves and they become connected to the Internet, IT security is fast becoming a pressing concern, which needs to be addressed before a major incident causes the public to lose confidence in this very useful tool.

As broadband connectivity spreads, companies are beginning to use it for voice telephony. This is known as Voice over Internet Protocol or VoIP. One of the most popular VoIP systems is Skype. But just how safe is it? While it’s great for end users, from the network administrator’s point of view, and from the security point of view, the doors may be wide open.

Phishing is fraudulently attempting to acquire sensitive information like passwords, credit card details etc. It’s tied into the growing crime of identity theft and, over the past two years, there has been a big increase in this form of crime. So what can a company do to protect itself from this form of attack?

Senior managers outside the IT department will most likely have a very hazy impression of what is meant by the terms blogging, iTunes, MySpace or MSN messenger. Yet the use of these new technologies at work is a major threat to their businesses.

The era when script kiddies were the primary online threat has long since passed. Today, hacking and malicious code are big business. Too big, it would seem, for some blackhats to manage single handed.

This brochure has been written for IT managers who aren’t security specialists, but who want to make good decisions about IT security.