Bytware's use of QR Codes on its promotional literature at COMMON challenges the widespread U.S. use of a more primitive barcode technology.

By Chris Smith

Have you ever stood in front of the self-serve checkout scanner in the supermarket trying to get your cookies to be read by the barcode scanner? Personally, I admire the brave souls who take anything more than a small number of items to the self-serve counter. Sometimes you can scan in everything you are buying, and sometimes you can't. Of course, that's why there is an attendant standing in the middle between the rows of scanners: to help. At least, I hope that's why she's there and not because store management thinks people will cheat and skip scanning an item or two.

In this article, Carol Woodbury discusses how moving to i5/OS V6R1 will provide more security for your organization.

By Carol Woodbury

When asked to write this article, my immediate reaction to the question posed in the title was, "Only if people use the function provided in V6R1." There is a plethora of security functions and features in the current releases of i5/OS. The problem is, many shops don't take advantage of them. So why is V6R1 any different? To answer that question, we have to take a trip back a few releases.

In this article, Carol Woodbury discusses the issues surrounding compliance as well as items to address to remain in compliance.

By Carol Woodbury

I wish I had a magic formula for ensuring that your organization's security configuration was in compliance. Unfortunately, it's just not that easy. It seems that there's at least a slight twist to every organization's compliance implementation. This article endeavors to provide guidelines for you to use to determine how best to attain and remain in compliance.

By Chris Smith

Worried about viruses, worms, hackers, spam, and unwanted Web content? IBM released a new security appliance this week that promises to simplify and fortify small business networks.

The proper management of security starts way before and goes way beyond technical decisions. Technical decisions are extremely important for proper information security management, but they are neither the starting point nor the most important decisions related to effective information security management.

Yet most organizations treat information security as a purely technical issue. This, in my opinion, is why we keep seeing major incidents at large and familiar organizations (e.g., TJX). Not until high-level management understands that security is primarily a business issue and begins to assert its proper role in the security process will the state of affairs in information security begin to change. Only when this happens will it be possible to ensure the appropriate execution of the other roles. The objective of this article is to support this assertion and to describe the security business process needed to make meaningful improvements in the management of information security in the entire industry.

With frequent reports of lost backup tapes, stolen laptops, and database breaches, it's time to look at the new laws and regulations that protect the privacy of data.

The reason we're hearing about all of the breaches and loss of data is because of a law first passed in California and then enacted by most other states that requires organizations to notify individuals when their private data (e.g., social security number, bank account number, credit card number, or driver's license number) has been lost, breached, or thought to have been breached. As of this writing, 38 states have passed some version of a breach notification law. Most states provide some form of exemption from notification if the lost or stolen data was encrypted. This has driven many organizations to consider encrypting their backup media.