[IS&T Security-FYI] SFYI Newsletter, May 17, 2010
Monique Yeaton
myeaton at MIT.EDU
Mon May 17 12:30:21 EDT 2010
In this issue:
1. Security FYI is Becoming a Blog
2. Event: National Information Security Group, May 20
3. Tip of the Week: Protecting USB Drives from Malware
--------------------------------------------
1. Security FYI is Becoming a Blog
--------------------------------------------
For several years the issues of the Security FYI Newsletter have
arrived in our email in-boxes through a Mailman list. To move with the
times of Web 2.0, the writers of the newsletter have now duplicated
the articles online into a blog. For the present time, WordPress is
hosting the content, but the plan by IS&T is to host the blog within
the IS&T website and have it be incorporated with other IS&T news,
hopefully by some time this summer.
I invite you to take a look and offer us feedback so that we can
determine which features the blog should include to enhance its
readership. Naturally, a blog will change the nature of the newsletter
a bit. The online version of Security FYI would allow us to post
videos and images, add articles more frequently, and build an archive
where articles are searchable by category. We envision readers posting
comments, sharing the articles with others, and possibly subscribing
via RSS so they can be notified when a new article is posted.
There is no plan to get rid of the Mailman list in the near future as
we understand some people still prefer to receive news via email.
However, a blog will not necessarily cause the email version of the
newsletter to become obsolete; the idea is just to offer more features
and versatility.
Please visit the blog in its current format and let us know what you
think: <http://securityfyi.wordpress.com/>
--------------------------------------------------------------------
2. Event: National Information Security Group, May 20
--------------------------------------------------------------------
"Over 80% of the vulnerabilities that exist today come from flaws that
reside in the application layer. The only effective way to stop these
threats is to build security into applications." The SANS Institute.
This presentation on the extremely important topic of application
security will focus on common mistakes that are systemic to
organizations as gleaned from over a decade of application and
development process assessments. It will address solutions that lead
to direct cost savings and improvements to quality and compliance
mandates.
Title: Charting the Course for Application Security: Five Costly
Mistakes to Avoid
Date/time: Thursday, May 20, 2010 at 6:30 PM
Location: Microsoft, 201 Jones Road, 6th Floor, Waltham, MA 02451
Cost: Free to the public
Reservations requested: Please send an e-mail to Meetings-Boston at naisg.org
indicating that you plan to attend so that the correct quantity of
pizza can be ordered.
Presentation will include: A) Why is software still insecure and what
are the underlying causes of application security problems? B) What
are the most common critical security mistakes, oversights, and tips
for avoidance? C) And what are the best practices to avoid pitfalls?
More information about the event can be found at National Information
Security Group (NAISG) - Boston, MA Chapter <http://boston.naisg.org/meetings.asp
>
-----------------------------------------------------------------------
3. Tip of the Week: Protecting USB Drives from Malware
-----------------------------------------------------------------------
USB flash drives, those little devices we put our files on when we
need to transport them easily, are prone to infection, especially if
we plug them into computers that are not in our control. We might do
this frequently without thinking about the risk: at our local print
shop, a hotel kiosk, a computer lab, or some other poorly managed
computer system. Many of us don't think about the possibility that a
virus on a computer could spread to one of those memory sticks and in
turn, infect the next computer it comes into contact with.
There is an easy and practical solution to this risk. Buy a USB flash
drive with a write-protect switch and flip in on to write-protect mode
before sticking it into a strange computer. Similar to write
protection on the old floppy disks and zip disks, this protects the
drive from being overwritten and will also protect it from accidental
erasure and deletion. Find these drives by doing a quick search on
Froogle with the term "usb drive with write protect mode" or by going
to your local office supply or computer supply store.
=
=
=
========================================================================
Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB
>
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20100517/04d6dffc/attachment.htm
More information about the ist-security-fyi
mailing list