|
|
|
 Related Articles
|
|
|
|
| |
Dame Jo Williams, chief executive of Mencap, said "The performance ratings show that there is still a long way to go to improve the services for people with a learning disability. We are disappointed at the lost opportunity to tackle the inequalities that exist for people with a learning disability accessing healthcare. [click link for full article] |
| |
|
| |
| |
SOUTH Essex's mental health and learning disability trust has come out top in the whole country in an annual audit. |
| |
|
| |
| |
A new body is providing mental health and learning disability services in South Staffordshire and Shropshire. |
| |
|
| |
| |
There are no funded specialised support services for rape victims anywhere in NI, an Amnesty report says. |
| |
|
| |
| |
A quarter of promotional websites for financial services firms are not fair or clear enough, the FSA says. |
| |
|
| |
| |
Critical vulnerabilities in common PC software, including both applications and operating systems, continue to grow in number and stand as the leading cause for concern in the IT security landscape today, according to training experts at the SANS Institute.Holes in so-called client-side applications, including Web browsers, e-mail clients, productivity suites, and media players, have become particularly worrisome over the last year, according to SANS, which highlighted the issue as part of its annual report on the top 20 Internet security risks for 2007.As hackers have shifted their attention further away from operating system flaws and drilled down to applications-layer vulnerabilities they have found a seemingly endless wealth of possibilities for infecting PCs with everything from spyware to botnet programs, SANS researchers contend.Unless something can be done to improve software developers' coding habits or better test popular applications for such issues before they land on end-users' machines, attackers will be able to continue their successful assaults against enterprise networks and devices for the foreseeable future, said Rohit Dhamankar, project manager for the Top 20 report at SANS and a senior manager of security research for TippingPoint.?"There's just been such a dramatic rise in the numbers of vulnerabilities found in applications like Internet Explorer and Microsoft Office and a number of media players that attackers are having their way," said Dhamankar. "Enterprises are bolstering security, but desktop users still pose a massive risk if they can download anything they want from the Web; the attacks are also growing in sophistication to the extent that many can defeat antivirus and other security systems primarily by obfuscating their code."Some of the most powerful tools that hackers have adopted in hunting for potential targets are the same industrial-strength applications fuzzing tools that software vendors themselves are using to search for holes in their products, said the expert.Enterprises could do themselves a favor by enforcing stricter policies that dictate the types of applications that end-users are allowed to put on their work machines and using technical means to ensure that those rules are being followed, Dhamankar said.Other SANS researchers noted that while companies may not want to tell end-users that they cannot utilize media players, messaging clients, and other applications that have moved into the business world from the consumer sector, they could help themselves out by limiting the variety of client-side applications that people may choose from."IT departments can't focus on all the applications of the world, but they can choose several and keep their eye on those while allowing end-users some freedom," said Amol Sarwate, research manager at Qualys who studies vulnerability patterns for SANS. "What companies need to do is enforce standards for applications usage and utilize technical means to block unwanted software, devices, and even wireless access points."While many businesses have already realized that they need to shift more of their efforts toward defending client-side vulnerabilities, most have failed to embrace a proactive approach versus simply keeping track of publicly-reported flaws and patching those issues said Sarwate.Enterprises need to think about future security issues
It will be particularly important for firms to examine the additional security issues that will be introduced in the coming years with broader adoption of technologies including VoIP (Voice over IP), according to the expert."The key is for people to start thinking ahead of these client-side vulnerabilities to understand what the next big thing may be. Things like VoIP need to be examined for their security implications," said Sarwate. "Many companies are already adopting these tools because of all the advantages they offer, but there will be many attacks carried out against these systems as well."Among the advice that SANS is offering organizations hoping to improve their client-side security coverage is to mandate secure configurations at installation time for all applications, to constantly verify patching and upgrading of both applications and system software, to scan for new vulnerabilities frequently, and to keep their security systems up to date.Other leading areas of concern highlighted by SANS in its report included critical vulnerabilities in Web applications that allow for cross-site scripting attacks or for computers to be otherwise compromised simply by pointing their browsers at poisoned URLs."Gullible, busy, accommodating computer users," including executives, IT staff, and others with privileged access also remain a major weak point for enterprise security, according to SANS, as these seemingly more seasoned users of computers and software are still falling for increasingly targeted spear-phishing campaigns in large numbers.One of the best ways to educate users about the problem is for organizations to create fake spear-phishing threats and send them out to internal users to determine which individuals might be most likely to fall for the schemes and follow up with additional training, the group said.Critical vulnerabilities in the software and systems that provide the operating environment and primary services to computer users, or server-side software, remain another area of leading concern, according to SANS.Problems in Microsoft Windows services, Unix and Mac OS services, back-up and AV programs, management servers, database software, and VoIP technologies in particular are proving troublesome, according to the report.Many of those issues can be addressed by following the same advice offered for solving client-side vulnerabilities, SANS said in the research. |
| |
|
| |
| |
Verizon Wireless' decision to open its network to outside mobile devices and applications has won praise from several groups, including past critics.Verizon Wireless officials announced Tuesday they would open up their network to any devices and software customers want to use by the second half of 2008. Any device that passes a minimal connectivity test will be allowed on the Verizon Wireless network, officials said.That announcement drew applause from a wide variety of groups. Public Knowledge, a consumer rights group that has pushed for open network regulations from the U.S. Congress or the Federal Communications Commission, said it was "cautiously optimistic" about Verizon's decision.Verizon's decision could lead to "a more open network in the wireless industry at large," said Gigi Sohn, Public Knowledge's president. Wireless carriers have fought an FCC decision to require open access on a portion of spectrum in the 700MHz band to be auctioned starting in January, she noted."The Verizon announcement, however, is very limited," Sohn added. "If other carriers don't follow the same model, then consumers will still find their phones tied to a specific technology or wireless company. In order for an open network to become a reality, all carriers will have to participate."Verizon will still decide what phones can operate on its network, she said. Public Knowledge would prefer to have a third party decide what phones can operate on the Verizon network, she said.She also has continuing questions about prices. If Verizon continues to offer its preferred mobile phones at a discount, "then the adoption of the open model will be minimal, absent a rapid decline in cell phone prices," Sohn said. "We need to know whether the rates for Verizon service plans will vary for those with subsidized phones and for those customers with a phone bought elsewhere."Others were less guarded with their praise.Verizon's announcement, combined with the Google-led Open Handset Alliance, is a "significant" step toward the goal of more open wireless networks, FCC Chairman Kevin Martin, said in a statement."As I noted when we adopted open network rules for our upcoming spectrum auction, wireless customers should be able to use the wireless device of their choice and download whatever software they want onto it," Martin added. "I continue to believe that more openness -- at the network, device, and application level -- helps foster innovation and enhances consumers' freedom and choice in purchasing wireless service. I am optimistic that Verizon Wireless's commitment along with the upcoming spectrum auction will ensure an exciting new era in wireless technology for the benefit of all consumers."Solveig Singleton, an adjunct senior fellow with Maryland think tank the Free State Foundation, said Verizon's voluntary decision makes more sense than open network regulations, such as net-neutrality rules pushed by Public Knowledge and other groups."Requiring openness or neutrality beyond the basics now supported by demand would needlessly make development far more costly and slow," she said. "A company that wants to invent a new type of phone with cutting-edge features already has a good bit to think about without having to worry about new phones and networks being simultaneously built by everyone else."Many proposed net-neutrality rules would require wireless and broadband providers to treat all network traffic equally, she said."Mandate 'open' and 'neutral' everywhere all the time for everything, and innovation will slow to a snail's pace and network traffic will jam," she added. "Competition between operators to offer innovative combinations of services at special prices would become almost impossible. In this fast-changing context, a regulatory command to treat all traffic all the same is just a bad idea."Also praising Verizon's decision were Funambol, a developer of open-source calendar and messaging tools for mobile phones, and the New America Foundation, a think tank that has pushed for open access rules on the 700MHz spectrumThe FCC and Google deserve credit for pushing the issue forward, said Michael Calabrese, director of New America's Wireless Future Program."This appears to be a move to head off market entry and new wireless competition from Google and other Internet companies that would result if the incumbent carriers were unwilling to meet minimal FCC consumer choice requirements," he said in an e-mail. |
| |
|
| |
| |
Long time coming
Iron Mountain announced today that it has begun providing long-awaited data escrow services to ICANN and its panoply of approved registrars. Ever since the RegisterFly debacle exposed ICANN’s failure to account properly for the data escrow requirements of its Registrar Accreditation Agreement (RAA), data escrow has been at or near the top of the ICANN agenda.… |
| |
|
| |
| |
The disabled children of the Musoma Engineering Project are rehearsing for celebrations on World Disability Day. |
| |
|
| |
| |
The Insurance Partnership’s expansion continues with the appointment of Chartered Insurance Institute associate, Mike Ratcliffe. He will take on the role of new commercial account executive and be responsible for some of the company’s most valuable client accounts.
Mr Ratcliffe has over 25 years of experience within the financial services industry and said he is [...] |
| |
|
| |
|
|
Related Companies |
| |
|
|
|