DLP shelfware piles up; Don't toss Facebook security in IT group's lap

	Facebook risks? Don't look to your IT security group | Security group stretching payment-card standards cycle to three years
	Network World Compliance				Forward this to a Friend >>>
	Too many data-loss prevention tools become shelfware, says analyst The good, the bad and the ugly of data-loss prevention tools and technologies got a solid once over from Gartner analyst Eric Ouellet, who spared no punches during his presentation on the topic during the first day of Gartner's Security & Risk Management Summit. Read More RESOURCE COMPLIMENTS OF: IBM Smart Grid Security Blog The smart grid is a growing digital information network and modernized power generation, transmission, distribution and consumption system. Drawing upon lessons from security best practices from the Internet and telecom networks, this blog tracks the thinking on how to best secure the emerging Smart Grid and micro grids. Subscribe now! In this Issue Facebook risks? Don't look to your IT security group Security group stretching payment-card standards cycle to three years iPhones, iPads in the enterprise: 5 security views Biggest tech industry apologies of 2010 – so far iPhone management tools step it up with iOS 4 20 percent of Android apps can threaten privacy, says vendor Dot-org domains can now be protected by DNSSEC Most firms face security 'red alert' as XP SP2's retirement looms Why security needs to catch up to Web 2.0 Microsoft patching tamed by Qualys tool Network access control authentication: Are you ready for 802.1X? Trustwave acquires Breach Security Juniper NAC: Powerful, complex McAfee NAC focuses on endpoint protection Network access control vendors pass endpoint security testing Cisco NAC: Strong in-line enforcement Network access control management: Pick your poison RESOURCE COMPLIMENTS OF: AT&T AT&T Designing Tomorrow's Ethernet-Based Metropolitan Area Networks Click to continue Facebook risks? Don't look to your IT security group Risks associated with employee use of Facebook, Twitter and other social media websites social media shouldn't really be considered the primary responsibility of the IT security department, a Gartner analyst said Tuesday. Read More Security group stretching payment-card standards cycle to three years The Payment Card Industry Security Standards Council Tuesday announced it will begin moving to a three-year cycle related to the main technical standards it issues for protection of sensitive payment-card information, allowing merchants and others more time to adopt them. Read More iPhones, iPads in the enterprise: 5 security views More people use their Apple devices in the workplace, and more IT shops allow it. Naturally, security concerns abound. Here are a few. Read More Biggest tech industry apologies of 2010 – so far AT&T, Facebook, Google, McAfee, Adobe and others say "We're sorry" for assorted security, privacy and performance problems in 2010. Read More iPhone management tools step it up with iOS 4 The new iPhone and iPad OS adds BlackBerry-like corporate security, which upgraded IT admin tools will tap Read More WHITE PAPER: Qualys Inc. 12-point checklist outlines key considerations Discover a 12-point checklist for choosing the best vulnerability management solution for your organization. Read now! 20 percent of Android apps can threaten privacy, says vendor Twenty percent of applications on Android Market let third parties access private or sensitive information, according to a report from security vendor SMobile Systems. Read More Dot-org domains can now be protected by DNSSEC On Wednesday, .org became the first generic top-level domain to offer its customers improved security using DNSSEC (Domain Name System Security Extensions). Read More Most firms face security 'red alert' as XP SP2's retirement looms Three out of four companies will soon face more security risks because they continue to run the soon-to-be-retired Windows XP Service Pack 2 (SP2). Read More Why security needs to catch up to Web 2.0 Security managers can keep blocking Facebook, refusing to support mobile devices and vetoing cloud-based services, but they aren't going away. And ignoring ways to make room for them in your security program is like burying your head in the sand, according to Tom Gillis, vice president and general manager of Cisco's security technology business unit, and author of the new book Securing the Borderless Network: Security for the Web 2.0 World. Read More Microsoft patching tamed by Qualys tool Qualys has added a new reporting feature to its vulnerability management service that helps IT staff work out which Microsoft patches to apply and in what order. Read More WHITE PAPER: Eaton Corporation UPS Service Plans: How to Maximize Your Returns This white paper explores key issues to consider and questions to ask when selecting a UPS service offering and service provider. It also examines some of the top features to look for when evaluating UPS service plans, and discusses the importance of supplementing emergency assistance with preventive maintenance Read More Network access control authentication: Are you ready for 802.1X? In the NAC products we tested, authentication varies from very strong to very weak, and every point in-between. When starting down your path of evaluating NAC products, decide very early what kind of authentication mechanism you want, if any. Read More Trustwave acquires Breach Security Trustwave has acquired Breach Security for an undisclosed sum, an acquisition that the company said would bring Breach Security's Web application firewall together with Trustwave's own enterprise security tools. Read More Juniper NAC: Powerful, complex Trying to describe Juniper's UAC is difficult, because Juniper's NAC strategy has its tendrils in virtually every security product the company makes, from firewalls to switches to SSL VPNs. Read More McAfee NAC focuses on endpoint protection McAfee NAC is clearly slanted towards endpoint security and compliance requirements more than fine-grained network access controls. Because McAfee NAC depends heavily on ePolicy Orchestrator, existing McAfee end-point security customers will find that adding McAfee's NAC to their networks is a very natural and easy extension. Read More Network access control vendors pass endpoint security testing One of the main promises of NAC is that you can ensure that endpoint security tools are up to date and that non-compliant machines can be identified or blocked. As regulatory compliance has grown in importance, NAC vendors have reacted by building strong feature sets aimed at endpoint security and compliance. In our NAC testing, we had good, and sometimes great, results across the board when it came to endpoint security. Read More Cisco NAC: Strong in-line enforcement While Cisco's overall NAC strategy is in flux, a NAC Appliance investment is likely to come with substantial purchase protection — just be sure to keep your SMARTnet contract up to date. Read More Network access control management: Pick your poison In testing 12 NAC products, we discovered an incredible variety of management styles. To organize our results, we broke things up into three main categories: overall management, separation of control, and high availability. Read More
	Join us on LinkedIn Discuss the networking issues of the day with your colleagues, via Network World's LinkedIn group. Join today! - Jeff Caruso, Executive Online Editor Books for you from Microsoft Subnet and Cisco Subnet Throw your name in the hat for a complete CompTIA Security+ study guide and the SharePoint bible, Essential SharePoint 2010. Deadline July 31. Enter today! Computerworld and Network World: Best of Green IT Computerworld and Network World: Best of Green IT Computerworld and Network World are teaming up to identify the top organizations leading the way with green-IT efforts and the coolest green-IT products. Computerworld will feature two ranked lists in its Oct. 25 issue: Top green-IT end-user organizations and a Top green-IT data center suppliers/vendors. Network World will feature the most effective green-IT products, as cited by survey respondents, in its Oct. 25 issue and online. Please fill out our short survey or forward this link to the person in your company best able to answer questions about IT energy issues. Surveys should be submitted by Thursday, July 1 at 12 noon EST. SLIDESHOWS The view from the Googleplex We recently visited the "Googleplex," Google's expansive headquarters in Mountain View, Calif., for an interview, and took the chance to snap a few pictures of life inside what must be one of the most entertaining workplaces in America. Network access control in a nutshell Twelve leading NAC products were put to the test. Here's what we found. MOST-READ STORIES Google Voice no longer an invitation-only affair Meet the father of Google Apps (who used to work at Microsoft) Apple leaves iPad vulnerable after monster iPhone patch job Cisco announces the CCIE Emeritus Program More than a quarter of iPhones break within two years 40/100G Ethernet standard ratified VeriSign SSL hackable - Comodo exposes, VeriSign denies Open-sourced textbooks could ease college costs Visiting the Googleplex Ultimate guide to network access control products
	Do You Tweet? Follow everything from NetworkWorld.com on Twitter @NetworkWorld. You are currently subscribed to networkworld_compliance_alert as networking.world@gmail.com. Unsubscribe from this newsletter | Manage your subscriptions | Privacy Policy If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com To contact Network World, please send an e-mail to customer_service@nww.com. Copyright (C) 2010 Network World, 492 Old Connecticut Path, Framingham MA 01701 ** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **