Are you a member of the TUC? IN THIS ISSUE Global Group Updates Member Interview TUC Webcasts Webcast Replays User Group Meetings Sponsors MEMBER INTERVIEW TUC Member Interview Todd Loveday , Maximo Project Manager, URS Corporation   Click here   to view other TUC Member Interviews WEBCAST REPLAYS Check out the replays of July's TUC webcasts!   Webcast Replay   ​ Monitoring of Your DataPower Multi-Tenant Environment   Webcast Replay   ​ Demonstrate the Value of Your Maintenance Department by... [More]

IBM wants to increase the value of your existing products by bringing you more content through the  Integrated Service Management Library . Please take a moment to help us understand what kind of content would be most useful to you by answering this very brief survey.

  How a pair of missing pants taught me about audit, surveillance, and customer service and the implications for technology controls. [Read this post.]

Tags:  security surveillance audit privacy

Don’t miss the next Tivoli User Community webcast: IBM’s Next Generation of IAM solutions – What You Need to Know Now on December 12, 2012 at 11:00 am ET, USA.   Reserve Your Webcast Seat Now   Overview: In Q4 2012, IBM Security completely revamped the Identity and Access Management portfolio to address today’s advanced security threats. Familiar products such as Tivoli Identity Manager and Tivoli Access Manager for e-business have new IBM Security names and exciting new capabilities. Plus we’ve announced brand new solutions... [More]

Tags:  user security ibm tivoli iam solutions tuc webcast storage community

I've posted  my thoughts on the 2012 IBM Tech Trends Report  at the IT Security Zone blog. Interesting how pervasive security is in the report. 

Tags:  security

There was a time, when logging in to your bank account was a simple matter of entering a user ID, entering a password, and accessing your account. Similarly, getting cash from an ATM, just entailed inserting your card, entering your PIN code, and grabbing the cash. Not any more. When you access your bank’s web page, something horrible, called ‘malware’, sits on your PC, remembering every character you type, and sending them all to its sociopathic owner, so that he can later rob you. When you visit your ATM, a hidden camera records the... [More]

Tags:  authentication security online atm banking identity

What kinds of security controls could have prevented the Skype account hijack attack? Can we do anything except rely on white hat penetration testing? [Read this post.]

Tags:  security skype pentesting

There are times when “security through obscurity” is a perfectly legitimate security control tactic, especially against opportunistic attackers. [Read this post.]

Tags:  security obfuscation

Could the IT DMZ be used as a model for controlling payment card fraud and help protect against skimming attacks like those at Barnes and Noble? [Read this post.]

Tags:  pci fraud payment-card security

Our common stereotypes of social engineering attacks don’t match up to the latest data in the Verizon 2012 Data Breach Investigations Report. [Read this post.]

Tags:  social-engineering security

RSA announces a new offering to protect password credentials. But is protecting the password file really that difficult? [Read this post.]

Tags:  passwd security password

The 2012 Global Reputational Risk and IT Study calls into question the assumption that IT security incidents have only temporary impact on reputation. [Read this post.]

Tags:  erm security reputation risk

News about the IBM Security zSecure suite  is regularly posted to SMC - System Z .   Recent news of particular interest from a compliance perspective: IBM Security zSecure Audit integration with QRadar SIEM

Tags:  z/os mainframe security servicemanagementconnect q1labs racf qradar siem acf2 db2 systemz ism cics zsecure topsecret

IBM Tivoli Access Manager for e-business is a single sign-on (SSO) solution that authorizes and authenticates user access to Web and other hosted applications. Tivoli Access Manager’s software is a highly scalable user authentication, authorization and Web SSO solution for enforcing security policies over a wide range of Web and application resources. It centralizes user access management for online portal and business initiatives. See the support and services Tivoli Access Manager V6.0 has for you and your business needs in the... [More]

Tags:  tivoli access iea manager

About an hour ago we launched the new developerWorks security site . I'm excited to have this corner of developerWorks to pull together all of the existing security articles on dW in one place. But more importantly we're looking forward to producing a steady stream of how-to articles and videos on producing secure code and securing your IT operations at the new developerWorks security site. The developerWorks security site has two key parts to its "Practices" area. The first section is devoted to secure software... [More]

Tags:  developerworks security dw

    “All or nothing” authentication for low end privilege escalation hampers end-user adoption due to the inconvenience associated with authentication. [Read this post.]

Tags:  authentication security mobile

The recent Amazon / Apple account hack shows three examples of the same type of fundamental security flaw: using personal information as a credential. [Read this post.]

Tags:  strong-authentication amazon pwdreset apple security authentication

The Internet is changing the face of product support. It is an undeniable fact that the manner in which we attempt to resolve problems, be they complex software applications or finding the closest Italian restaurant, is entirely different than 10, 5, or even 2 years ago. In all facets of our daily lives, how we search for answers to even the simplest of problems have been forever changed through online technology and capabilities. The Internet permeates all aspects of our lives; how many readers of this blog post do not understand... [More]

Tags:  social support business

The European Commission’s Article 29 Data Protection Working Party has issued a lengthy paper codifying the principle of “buyer beware” in its approach to cloud service providers in member states. [Read this post.]

Tags:  privacy european-union security