Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

10/31/2007
08:55 AM
Keith Ferrell
Keith Ferrell
Commentary
50%
50%

Security Threats Meet Business Treats

Having written so much about the horrors small and midsized businesses face for our two-part Halloween business terrors feature, I couldn't resist the temptation to give some thought to technology treats.

Having written so much about the horrors small and midsized businesses face for our two-part Halloween business terrors feature, I couldn't resist the temptation to give some thought to technology treats.In fact, the more thought I gave the matter, the clearer it became that the "dark sides of business technology" are more than matched by the bright side of business benefits.

Here, then, my pick of half a dozen gifts tech gives our businesses -- every one of which has, to be sure, its trick-side, but any one of which just as surely is a treat:

1. Technology lets you live your life as well as run your business  those (protected and secure!) mobile devices keep you on top of things all the time on vacation as well as in the office. And you can take longer vacations  as long as youre connected, why not join that conference-call from the beach rather than the boardroom?(The trick side of this one is that your customer know how connected you are: be careful lest youre on call 24/7/365.)

2. On the Web nobody need know youre a small business  as long as you dont misrepresent yourself or overpromise what you can deliver, the right combination of Web site and Web marketing lets you soar above the competition up where the customers surf!

3. You can get your face and your personal insights and ideas out there  blogging and other networking tools let you tell it like you see it (within business reason) and do so with as much reach as any mega-corporation, and without having to slice and dice your way through bigbizs big bureaucracy.

4. Collaboration and teamwork take on whole new levels of meaning  and business benefit. One key to any small or midsized businesss success is teamwork. And team-building has never been easier or richer than with the right array of software and communications tools on your network.

5. IT hasnt brought about the death of office drudgery, but it has vastly diminished the burdens of routine chores  filing, copying and sharing information among departments, records- and bookkeeping. Enter it once  then do with it what you will, and whatever you need to.

6. Sophisticated and powerful technologies cost less than ever  letting you do more, accomplish more, reach for more business while holding onto to more of your IT budget which youll need to apply to security measures against the monsters that are likewise benefitting (if thats the word) from the drop in tech costs and the climb in tech power.

And one more -- being your own boss, or at least being free from the corporate chain gang, lets you take the occasional moment for yourself, Just a bit of time to, say, take another glance at our Halloween business fears feature, Part One and then -- go ahead! -- Part Two.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "The security team seem to be taking SiegeWare seriously" 
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16770
PUBLISHED: 2019-12-05
A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened than there are threads available, additional connections will wait permanently if the attacker sends requests frequently enough.
CVE-2019-19609
PUBLISHED: 2019-12-05
The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.
CVE-2019-16768
PUBLISHED: 2019-12-05
Exception messages from internal exceptions (like database exception) are wrapped by \Symfony\Component\Security\Core\Exception\AuthenticationServiceException and propagated through the system to UI. Therefore, some internal system information may leak and be visible to the customer. A validation m...
CVE-2012-1105
PUBLISHED: 2019-12-05
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
CVE-2019-16769
PUBLISHED: 2019-12-05
Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of RegExp.prototype.toString() backslash...