NIST draft security guides out
The National Institute of Standards and Technology released new draft guidance April 3 for dealing with two of the most common sources of security breaches: poorly configured e-mail servers and the failure to apply software patches.
The two draft guides are part of a series developed by NIST's Computer Security Division and are available through its Computer Security Resource Center Web site (csrc.nist.gov).
NIST's e-mail guide is intended for systems administrators who are responsible for installing, configuring and maintaining e-mail servers and clients. It includes general information on securing e-mail applications and also provides specifics for securing the most popular ones — Microsoft Corp.'s Exchange and Unix sendmail.
NIST's draft guide on patches is intended for both managers and systems administrators. The guide addresses the low implementation rate of commercial software patches, to which experts attribute the success of most security attacks.
Poll: Surveillance still OK
The Harris Poll of Harris Interactive Inc. taken from March 13 to March 19 shows that 81 percent of those surveyed favor the use of facial-recognition technology to scan for suspected terrorists at various locations and at public events. This is down slightly from 86 percent who responded favorably six months ago.
In other findings, 59 percent of those surveyed said they favor adoption of a national identification system for all U.S citizens, down from 63 percent six months ago, and 44 percent said they favored expanded government monitoring of wireless phones and e-mail to intercept communications, while 51 percent opposed it. That compares with 54 percent who favored it six months ago, and 41 percent who did not.