Articles by Sonny Discini 

Smartphones Mean Enterprise Data Security Risks

Enterprises need tools now to deal with mobile devices along with enforceable means to prevent truly sensitive data from flowing to handhelds, says Sonny Discini.

Four Network Security Strategies That No Longer Work

Columnist Sonny Discini takes a stand against outmoded security policies and points out flaws in the conventional wisdom.

Will Windows 7 Security Stack Up?

Fortunately, much of the improved security functionality has already made its way into the beta build. Here's a look at some of the changes for Windows 7.

Windows 7 Security: Good, Bad or Ugly?

Unlike Vista, the IT community seems to be rolling out the red carpet for Windows 7. A look at whether the new security enhancements provide a solid footing or trip up adoption.

Your Firewall is Blind to Web Application Security

Learn how modern infrastructures demand better insight into web applications and their inherent risks in the form of web application firewalls.

Firewall Guide: First Steps to Securing the Enterprise

A given even corporate IT environments -- even the lowly desktop nowadays -- firewalls are a critical network security component. But new threats and changes in the way people work are forcing a re-examination of how to configure firewalls.

Microsoft MMC How To: Hardening Desktops for Improved Security

A free-for-all user desktop environment is a recipe for malware infections, data leaks, or worse. Learn how to take control of your end-user systems with Microsoft MMC and Active Directory.

Does NAC Finally Deliver?

Big on potential but short on adoption, NAC has faced a skeptical reception in corporate IT circles. Now Sophos, Microsoft and others are taking steps to make the security enhancing technology smoother to deploy and manage.

Surviving an IT Budget Squeeze

Doing more with less? Some tips for surviving, and thriving, budget cuts in the face of stringent corporate responsibilities and new breeds of devious threats.

Security Myopia and Brushes with C-Level Insanity

Network security as you know it is undergoing fundamental changes. Distressingly, after spending some time with security "practitioners," our writer discovers a sad case of C-Level shortsightedness.

Does Zero Day Mean Zero Profit?

Don't give into zero-day panic. Most profit-driven malware relies on tried and true exploits and it's up organizations to make sure that their security technologies and processes are up to the task.

Two-Factor Authentication, Get Used to It

Banks, e-commerce concerns and the federal government are clamoring for stronger authentication to combat theft and fraud. One company is all too happy to oblige.

Security Crossroads: E-Discovery and Your CIRT

Haunted by the specter of e-discovery? You'll find that a well-staffed and implemented CIRT is uniquely positioned to help in your legal data gathering.

The "IT" in Security Guard

IT staffers are donning the uniform (albeit virtually) and it's about time that businesses took notice.

Rise of the Weaponized Rootkit

And you thought stealth was the only trick up a rootkit’s sleeve.

Cybersecurity: Laws Only Go So Far

The U.S. government is finally taking cybersecurity seriously in the form of new legislation but businesses shouldn't expect it to become a cure-all.

What's Walking out Your Doors?

The biggest threat to your data may not be hackers, but disgruntled, duplicitous, or just plain clueless insiders. Fortunately, there are tools at your disposal.

Exploits For Sale

Security pros are keeping a wary eye on an auction site that tempts bug catchers with cash for their exploits.

Antiforensics: When Tools Enable the Masses

Once the province of the computer elite, tools that thwart attempts at uncovering computer crimes are now in the hands of the rank and file.

NAC: The Hard Part

A harbinger of impenetrable networks? Perhaps, but presently the technology may cause more problems for your organization than it solves.

Document Your Way out of PCI Compliance?

Re-architecting a network to meet the Payment Card Industry's tough security standards may fail a basic cost-benefit analysis. But expecting on a piece of paper to serve as a free pass could put a serious crimp in your firm's e-commerce ambitions.

A Shift in the Front Line of Attack, Again

Feeling watched? Teleworking professionals are the newest targets and attackers are getting unexpected help in zeroing in.

A Shift in the Front Line of Attack, Again

Feeling watched? Teleworking professionals are the newest targets and attackers are getting unexpected help in zeroing in.

'Tis the Season (To Get Scammed)

A look at some of the popular and convincing scams hitting ecommerce sites and inboxes this holiday season.

Developing Security Policies: Rules vs. Risk

When dealing with security risk, does your policy leave you holding the bag?