Security - We will get there

CBC reported the security incident from Alberta health network which an aged virus took control several computers and stole thousands of health records.

I've been involved into the identity management a while ago and heard OpenID as a "a free and easy way to use a single digital identity across the Internet." 

Basically it's a free, open and distributed framework for user authentication. There is extension to add more value into this framework such as creating user profile automatically by  having additional user information.

Here is what I can use from my web site:

Messaging security and data loss prevention for email,IM etc

Here are the risks presented by IM: 1. Viruses and worms over IM.     It provide new spreading path and faster than traditional path. 2. Identity theft/authentication spoofing     Identify of public IM users is not controlled by corporate security measures. 3. Firewall tunnelling:     IM software are designed to bypass firewall/proxy controls. But if you are not limiting employee's Internet usage by firewall control, this won't apply.

Risk matrix

1. Some fine tune examples:

This is from http://www.linuxquestions.org/questions/showthread.php?t=45261 and this local copy is for my convenience. Security references

IDS and IPS application tips Links:

• Snortcenter original homepage
• Snortcenter v2 at sf.net
• http://www.securityfocus.com/ids
• http://midas-nms.sourceforge.net/