Published By: Aventail
Published Date: Aug 21, 2009
NAC is a multifaceted framework to thoroughly control who and what gets access to network resources, and help keep malware from entering the enterprise. Today, there are huge challenges to implementing as-yet immature NAC solutions on an enterprise-wide basis, including convoluted integration requirements, inadequate inspection capabilities, and weak policy management.
Published By: Imprivata
Published Date: Aug 21, 2009
When the U.S. Congress passed the Health Insurance Portability and Accountability Act (HIPAA) of 1996, among the law's many provisions was the establishment of formal regulations designed to protect the confidentiality and security of patient information. In addition to mandating new policies and procedures, the HIPAA security regulations require mechanisms for controlling access to patient data on healthcare providers' information technology (IT) systems.
Global Trust is a comprehensive Permission Management Infrastructure that centrally controls and manages user access Permissions to Web-based resources, servlets, Beans or any external application. Download this white paper and learn how the Global Trust solution enforces your policy consistently across your e-business and associates according to the planned security model (delegation, user's type, roles, policies, etc).
The law in the United Kingdom has various influences on organizational information security policy. As well as protecting the rights of individuals and organizations, it also imposes many duties and responsibilities. For organizations to meet their legal obligations a number of technical controls can be put in place.
This white paper reviews the five most common current approaches to messaging security. While the five approaches discussed here are not the comprehensive list of available solutions, they are the basis for most variations of messaging security solutions available today.
This white paper describes how Sigaba's secure email solutions minimize the burden on IT organizations through a combination of easy integration with existing enterprise systems and simple maintenance.
Download this information-packed white paper by Nancy Flynn, Executive Director of the ePolicy Institute, for a no-nonsense look at the business risks and legal liabilities associated with employee misuse of the Internet, email, instant messaging (IM), and peer-to-peer (P2P) file-sharing technology.
The greatest threat to enterprise data security comes from inside threats. Securing the enterprise requires an understanding of the data leak points, environment, people, and processes for managing sensitive information. This white paper explains how network-based and endpoint-based solutions can work together to provide the broadest protection available while ensuring scalability and manageability, and that employee productivity is not impacted.
Information security policy development should not be a one-time event. In order to effectively reduce risk and maintain a proper governance structure, organizations must periodically update written security policies as part of an ongoing management process.
How mature is your information security policy program? Do you have a set of outdated documents stored in a binder or intranet site? Or do you have a documented management program that keeps your policies up to date, your users informed and your internal auditors sleeping at night?
If your company stores or processes credit card information, you must be able to demonstrate compliance with the Payment Card Industry (PCI) Data Security Standards (DSS). These standards include requirements for security management, policies, procedures, network architecture, design, and other critical protective measures. They also include one very prescriptive requirement: Section 6.6 mandates that organizations secure all Web applications by conducting a code review or installing an application layer firewall. Companies have had a very difficult time passing the other parts of Section 6 and they have experienced a rising number of data breaches. Unless companies take 6.6 seriously, PCI compliance failure rates, and data breaches, will continue to grow. Read this whitepaper to gain an overview of best practices to pass Section 6.6 and an understanding of the technology available to you.
This document describes how Likewise and Microsoft Active Directory can foster compliance with the Payment Card Industry Data Security Standard, a set of requirements for businesses that process payment card information. Developed by Visa, American Express, Discover Financial Services, and other members of the PCI Security Standards Council, the standard sets forth policies, procedures, and practices to protect customer account data. The standard includes specific requirements for strictly controlling access to customer data, authenticating business users, monitoring access, maintaining a secure network, and auditing system resources. Likewise integrates Linux, Unix, and Mac OS X workstations and servers into Active Directory, providing the basis to assign each user a unique ID for authentication, authorization, monitoring, and tracking. Likewise also provides group policies for non-Windows computers so that their security settings and other configurations can be centrally managed in the same way as Windows computers.
Increased regulatory scrutiny on the protection levels afforded sensitive information by those that transact and process it is causing enterprises to improve mainframe security strategies. This entails proactively investigating exposures and implementing appropriate policies, processes and technologies, including those for data z/OS tape encryption. Read this Technology Brief created by CA to learn how to identify exposure points and through the use of Tape Encryption.
Published By: BlackBerry
Published Date: Aug 26, 2008
It's important that corporate mobile policies cover everything from what types of devices will be available to users, how and when they can use them, what corporate resources they are able to access and what security measures will be instituted. Furthermore, Mobile managers must not ignore the impact of government regulations and compliance when laying out their corporate mobile policies.
Published By: Tripwire
Published Date: Apr 28, 2008
Learn more about the security risks and vulnerabilities faced by organizations, and the elements of a proactive security approach. Then find out how Tripwire helps organizations attain and maintain a good security posture using industry-leading configuration assessment and change auditing to harden systems against security breaches, automate compliance with security standards and policies, identify configuration changes, and resolve vulnerabilities.
Published By: Blue Lane
Published Date: Jan 07, 2008
Quantros’ business—an ASP for the health care industry—requires a secure network and maximal uptime—all with a small IT department and a small budget. Quantros was challenged to implement and enforce sound security policies and to keep up with the continuous stream of vendor patches.
The ability to monitor, track and report usage based on actual user identity and applications provides for quicker reaction time, easier reporting for compliance, as well as more visibility into the network. Learn about a complete line of solutions for effective identity-based policy enforcement.
Published By: Motorola
Published Date: Aug 09, 2007
Mobile devices represent a tremendous productivity advantage for today’s mobile worker. However, IT organizations must give consideration to the deployment of device security policies in order to provide the level of security that enterprises require.
Published By: Perimeter
Published Date: Jul 17, 2007
Click here and get a head start on these Hackers by learning how they are turning their attention to new ways to deliver viruses, crash unsuspecting users’ computers, and steal social security numbers, passwords, bank account numbers, etc.
Published By: AirDefense
Published Date: Apr 24, 2007
This paper outlines the specific elements of wireless LAN security (perimeter control, access control, date protection, and monitoring) and WLAN management (configuration, fault diagnostics, network usage, and policy enforcement). Reader will gain a keen understanding of how to effectively lockdown a wireless LAN and manage it for peak performance.
Published By: AirDefense
Published Date: Apr 24, 2007
This white paper is designed to guide network administrators and security managers to design, implement, and enforce wireless LAN security policies that enable every organization to fully reap the benefits of wireless LANs without experiencing undue management pains and security holes.
Compliance, capacity management and e-policy enforcement. Which factors are driving email archiving at your organization? And how do you pick a solution that solves your specific problems without breaking the bank? There are many internal and external forces driving the need to archive.