Changing LINKS
informatics news: April 2009

Tuesday, April 7, 2009

Websense Unveils Its First Web Security Appliance

Websense is readying its first hardware appliance, which will run the vendor's Secure Web Gateway Software including anti-malware filtering, SSL traffic inspection, application controls, and threat protections for Web surfing.

The V10000 Web Gateway Appliance "is the first appliance we've ever done," says Dave Meizlik, director of product marketing. For customers, a hardware-based platform can provide the opportunity to consolidate servers, since the Secure Web Gateway Software typically runs on more than one server, depending on components installed.

The V10000 appliance will include a Web-based management platform. Because the hardware appliance makes use of the Xen virtualization platform, it will be possible to add new functional security components in the future, Meizlik said.

The V10000 starts at US$16,000 and is expected to ship at the end of April.

Ellen Messmer, Network World

Kaiser hospital cans 15 for peeking at octuplet mom's medical records

In the latest example of employee data-snooping, a Kaiser Permanente hospital located in a Los Angeles suburb has fired 15 workers and reprimanded eight others for improperly accessing the medical records of Nadya Suleman, the California woman who gave birth to octuplets in January.

The unauthorized accessing of Suleman's electronic records at the facility in Bellflower, Calif., violated a California law designed to safeguard the privacy of health care data, according to Kaiser spokesman Jim Anderson. He said the improper activities were discovered through increased network-monitoring procedures put in place by the hospital in connection with the birth of the octuplets.

Kaiser also conducted extra training to remind hospital employees of the need to keep patient data confidential, Anderson said.

The snooping incidents highlight the lack of adequate data-security controls at hospitals and other health care organizations, said Deborah Peel, who heads the Patient Privacy Rights Foundation in Austin.

Peel claimed that such privacy breaches occur on a broad scale because of the health care industry's continued reliance on "primitive" user-access controls. At large enterprises like Kaiser, she noted, thousands of workers may be able to access patient data, even if they don't need to do so.

In a similar case, the medical center at the University of California, Los Angeles, disclosed last April that as many as 165 doctors and other workers had improperly accessed the medical records of numerous celebrities over a 13-year period.

But such incidents aren't restricted to the health care industry. In January 2008, federal officials disclosed that U.S. Department of State employees and contractors had snooped in the electronic passport records of various politicians and celebrities, including then-Sen. Barack Obama's.

Jay Cline, president of Minnesota Privacy Consultants, thinks the "Facebook effect" is partly to blame. Users of social networks "have become used to poking through other people's profiles," Cline said, "and they see no ethical difference doing the same thing with employee and customer databases."

He added that IT and security managers need to make three things clear to employees: "Our systems are not Facebook. We're watching system usage closely. Use them for authorized purposes only, or you may be fired."

By Jaikumar Vijayan
Computerworld

Bill Seeks to Give Feds New Security Powers

Two U.S. senators last week proposed legislation that would give federal officials new powers to create and enforce data security standards for key parts of the private sector -- and even shut down systems in some cases.

The Cybersecurity Act of 2009 would empower the National Institute of Standards and Technology to set "measurable and auditable" security standards for all networks and systems run by federal agencies, government contractors and businesses that support critical infrastructure services.

NIST would also be charged with developing a standard for testing and accrediting software built by or for those groups. In addition, the bill would enable the president to order that critical infrastructure networks be disconnected in the event of cybersecurity emergencies or for reasons of national security.

The bill, which was introduced by Sens. Jay Rockefeller (D-W.Va.) and Olympia Snowe (R-Maine), doesn't specifically define what would qualify as a critical network or system.

But in a statement, Rockefeller cited a broad set of examples. "We must protect our critical infrastructure at all costs," he said. "From our water to our electricity, to banking, traffic lights and electronic health records -- the list goes on."

Snowe added that the public and private sectors "must unite on all fronts," and she warned of a possible "cyber-Katrina" if action isn't taken quickly.

The bill "loosely parallels" a set of cybersecurity recommendations released in December by an outside commission that was set up by the Washington-based Center for Strategic and International Studies, Snowe noted.

Another provision would require the development of a licensing and certification program for government and private-sector security professionals. Meanwhile, a companion bill calls for the addition of a national cybersecurity adviser within the Executive Office of the President.

But Brian Chess, chief scientist at security vendor Fortify Software Inc., isn't convinced that new regulations aimed at the private sector will improve data safeguards. "Security is an attitude," he said, "and it's hard to legislate attitude."

Jaikumar Vijayan, Computerworld

AP takes aim at Web sites over unlicensed news content

The Associated Press, one of the world's largest news providers, plans to take legal action against Web portals and other sites that use its content without paying for a license, the organization said Monday.

The announcement comes amid tough times for the news industry, which has been hurt by the loss of advertising revenue to the Internet. The AP also blamed the theft of news content for some of the news industry's misfortune, one reason it will go after Internet sites that fail to pay for licenses.

"We can no longer stand by and watch others walk off with our work under misguided legal theories," said Dean Singleton, chairman of the AP, in a speech on Monday.

"We are mad as hell, and we are not going to take it any more," he added.

Hundreds of newspapers face closure within the next few years, many in the U.S.

The Tribune Co., for example, owner of newspapers including the Chicago Tribune, the Los Angeles Times and The Baltimore Sun, as well as dozens of TV stations, filed for bankruptcy in December. Last month, The McClatchy Co., the third largest media company in the U.S. and owner of The Miami Herald and The Kansas City Star, announced another restructuring plan that will further reduce staff by 1,600 people this year.

Journalists at the Minneapolis Star Tribune on Sunday launched a Web site to save their newspaper.

The AP plans to develop a system to track online content to make sure it's being used legally. It will also set up new search engine pages that point users to "the most authoritative sources of breaking news," it said in a statement.

"AP and its member newspapers and broadcast associate members are the source of most of the news content being created in the world today," said Singleton. "We must be paid fully and fairly."

To help member news organizations through the recession, the AP announced further price reductions for its photos, video and written news content.

AP subscribers will see $30 million in savings in 2009 and another $35 million in savings in 2010 from reductions in fees. The AP has set up new plans for members to choose from that offer a variety of discounts and packages, including national and local news as well as international events.

In the U.S., the reductions will reduce its revenues from U.S. newspapers by around a third between 2008 and 2010, AP said in a statement.

The AP, a nonprofit news organization, was founded by a group of U.S. newspapers in 1846 to provide news coverage. Today, the AP serves news organizations around the world from 243 bureaus in 97 countries, offering stories, videos and photos of news events.

Changes in subscriber plans, as well as revenue losses from U.S. newspapers, will reduce AP revenue from U.S. newspapers to about $135 million in 2010, about 20% of AP's total revenue, and down from $210 million last year.

By Dan Nystedt
IDG News Service

Are You Infected? A Smart and Simple Test.

A common tactic used by malware is to block the infected computer from connecting to the Web sites of antivirus and security companies. Such blocks are meant to prevent you and your antivirus program from getting help in removing the infection.

The Conficker worm and many other types of malware take this step, and one good thing that came out of all the hype and drama surrounding last week's April 1 doomsday for Conficker was this little gem from the Conficker Working Group, an industry coalition formed to fight the worm.

The group's "Conficker Eye Chart" pulls images from three sites that Conficker is known to block and displays them in a box. Below the box is a guide to interpreting how you see the images -- if they all show up you're in good shape, but if one or more doesn't display it could indicate a Conficker (or other malware) infection.

It's a smart and near-instantaneous test that couldn't be any easier, but keep in mind that if your computer uses a proxy server for Web traffic, which can be the case in some companies, you might be infected and still be able to see the images.

Erik Larkin, PC World
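
The check described above can be sketched in browser JavaScript. This is an added example, not the Conficker Working Group's code: the hostnames are placeholders, and the control image and the `viaProxy` flag are assumptions introduced here to separate "no connectivity" and the proxy caveat from a real block.

```javascript
// Added example. Hostnames are placeholders (.example), not the Working Group's list.
const BLOCKED_PROBES = [
  { name: 'security-vendor-a', url: 'https://security-vendor-a.example/logo.gif' },
  { name: 'security-vendor-b', url: 'https://security-vendor-b.example/logo.gif' },
  { name: 'security-vendor-c', url: 'https://security-vendor-c.example/logo.gif' },
];
// Assumption: one control image from a site malware has no reason to block.
const CONTROL_PROBE = { name: 'control', url: 'https://control-site.example/logo.gif' };

// Resolve true if the image loads, false on error or timeout.
function probeImage(url, timeoutMs = 5000, ImageCtor = globalThis.Image) {
  return new Promise((resolve) => {
    const img = new ImageCtor();
    const timer = setTimeout(() => resolve(false), timeoutMs);
    const done = (ok) => { clearTimeout(timer); resolve(ok); };
    img.onload = () => done(true);
    img.onerror = () => done(false);
    // Cache-buster so a cached copy cannot mask a blocked host.
    img.src = url + (url.includes('?') ? '&' : '?') + 'nocache=' + Date.now();
  });
}

// Pure decision logic: results maps probe name -> boolean (loaded or not).
function interpretEyeChart(results, { viaProxy = false } = {}) {
  const failed = BLOCKED_PROBES.map((p) => p.name).filter((n) => !results[n]);
  if (!results[CONTROL_PROBE.name]) {
    return { verdict: 'inconclusive-no-connectivity', failed };
  }
  if (failed.length > 0) {
    return { verdict: 'possible-infection', failed };
  }
  // All images loaded. Behind a proxy, the proxy (not this machine) fetches
  // the images, so a clean-looking chart proves nothing about local blocking.
  return { verdict: viaProxy ? 'inconclusive-proxy' : 'no-blocking-seen', failed };
}

// Browser entry point: probe every image, then interpret the outcome.
async function runEyeChart(options = {}) {
  const probes = [...BLOCKED_PROBES, CONTROL_PROBE];
  const loaded = await Promise.all(probes.map((p) => probeImage(p.url)));
  const results = {};
  probes.forEach((p, i) => { results[p.name] = loaded[i]; });
  return interpretEyeChart(results, options);
}
```

A `possible-infection` verdict is a prompt to scan the machine with offline or bootable tooling, since the same block can keep an installed antivirus product from updating.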