More article analytics
Application integration has always been a thorny problem. Add in the inherent design restrictions of software as a service--think islands, not exactly designed to exchange data--and things get even trickier.
Guidelines for evaluating SaaS and the public cloud, including a total cost of ownership calculator, to help you choose the best services for your organization.
Our 2011 cloud computing survey shows healthy growth in use of these services. But are IT teams neglecting their bread-and-butter fundamentals? In many cases, yes, and as services move from add-ons to part of the fabric of IT, that will cost us.
Information stored in SaaS apps is subject to e-discovery requirements. We help you prepare now—before a lawsuit hits—to ensure you can meet your legal obligations for data that lives off-premises.
Our 2011 respondents report a big jump in the number of agencies tapping into the cloud or planning to within 12 months. And their expanding options are no longer limited to public and private clouds.
Look for tension between customization and mass appeal as SaaS providers try to keep large customers happy while staying true to the multitenant model.
Infrastructure changes, customer satisfaction, process improvement, service-level achievement, performance management, cost reduction, security… Historically, these topics have dominated IT support managers’ day-to-day routines. Traditional IT service and technical support responsibilities and methodologies are on the edge of obsolescence.
We see security as a major stumbling block in enterprise migrations from IPv4 to IPv6. For starters, the code is mostly untested, and too few of our current network security products support IPv6, something the black hat community is banking on.
Data breaches cost U.S. companies $214 per compromised customer record last year, according to the Ponemon Institute. The average total per-incident cost in 2010 was $7.2 million. Beyond the tangible costs, brand damage can be significant as well, though it is hard to quantify.
Free Research and Reports
- Forrester Study: The Total Economic Impact of VMware View
- Securing Executives and Highly Sensitive Documents of Corporations Globally
- Industrialization of Business Operations in the Insurance Industry
- The CIO's New Role: Core Strategy Enabler CIO Barometer 2013
- Five reasons why the right BI is like the right partner
Dark Reading Digital Magazine
Quick Wins For Strengthening SMB Security
Time To Set Up That Honeypot
Securing Cisco IP Telephony
Attribution Is Much More Than A Source IP
New CA Group Has Big Names, Small Impact
How To Build An IT Security Budget
5 Approaches To Decaffeinating Java Exploits
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake.
DjVuLibre before 188.8.131.52, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.
The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors.
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) before 6.2.0, does not properly enforce the method level restrictions for JAX-WS Service endpoints, which allows remote authenticated users to access otherwise restricted JAX-WS handlers by leveraging permissions to the EJB class.
The DNP3 service in the Outstation component on Elecsys Director Gateway devices with kernel 184.108.40.206ael1 and earlier allows remote attackers to cause a denial of service (CPU consumption and communication outage) via crafted input.