Encryption Methods for Protecting Data
[ Source: Bosanova Q3 Storage Security Encryption ]
January 2008-
Encryption is a tool that may be used in a centralized data pool in a tape environment. It is not a panacea; improper implementation and use of data encryption may only provide an illusion of security. Inadequate understanding of encryption applications and data encryption could deter the utilization of other required protection techniques. However, with proper management controls, adequate implementations specifications and applicable usage guidelines, data encryption will not only aid in protection data communications ....
Advances in Endpoint Data Security
[ Source: Credant Technologies ]
February 2008-
Data security has evolved beyond simply securing "bits on disks". To ensure data protection in today's dynamic IT environment, leading analysts recommend that security protects what matters most — the data. This requires a solution with a single, integrated security architecture and a data-centric, policy-based encryption approach that can be consistently enforced wherever the data resides — across heterogeneous endpoint device types, operating system platforms, and end users. The paradigm must shift from Full ....
EMC Documentum Information Rights Management Extends Security and Control
[ Source: EMC ]
October 2008-
The EMC Documentum architecture for information rights management (IRM) helps global companies and government agencies actively control, secure, and track sensitive information, wherever it resides, beyond delivery to and access by authorized users. The system uses strong industry-standard cryptography combined with a unique client-server architecture. Documentum IRM Services’family of client applications or plug-ins works with a common policy server to secure and control electronic information. This white paper provides an overview of the technical architecture ....
Authentication and Fraud Detection Buyer’s Guide from Entrust
[ Source: Entrust, Inc. ]
November 2008-
The Entrust Authentication and Fraud Detection Buyer’s Guide guide has been developed to assist financial services organizations in identifying their requirements for an authentication and fraud-detection solution, and in selecting a solution that meets their security needs. It outlines key questions that should be considered during the selection process to ensure that the chosen solution will address the organization’s requirements both from a business and operational perspective.
Man-in-the-Middle Attacks: Helping to eliminate the threat without impacting the business
[ Source: Entrust, Inc. ]
September 2008-
Man-in-the-middle (MITM) attacks have become increasing recognized as a serious and sophisticated threat that can defeat a single layer of security. This white paper explains this new trend and how a cost-effective collection of solutions, including EV SSL certificates, multifactor authentication and fraud detection, can help banks defeat MITM attacks.
Knowledge-based Authentication Is Not Enough
[ Source: Global Crypto ]
February 2009-
Everyday millions of consumers login to financial institutions, brokerage accounts, trading platforms and other web sites using Knowledge Based Authentication (KBA) solutions. Typically these solutions ask users to respond to questions selected by the user during the web site’s initial enrollment process.
The assumption is only that particular user knows the correct answer to these common questions. But the reality is these solutions tend to create user confusion and do little to protect ....
Enterprise Bank & Trust has Password Security Locked Up with Imprivata OneSign
[ Source: Imprivata ]
January 2006-
As a leading commercial banking and wealth management services provider in St. Louis and Kansas City, Enterprise Bank & Trust is committed to providing its customers with the highest standards of service and security. A few years ago the bank’s IT team implemented unique and complex passwords that bank staff had to remember to gain access to their many applications. Users struggled to remember many unique and difficult passwords, even resorting to writing passwords down. ....
Tunneling Process Data Securely Through Firewalls
[ Source: Integration Objects ]
February 2009-
To not securely transmit process data exposes process control networks to potential cyber attacks which can disrupt production, compromise safety and cause significant financial losses for companies. This paper expands on the issues and challenges of using DCOM when deploying OPC technology and presents an alternative solution that addresses the industrial end-user requirements.
IronPort 2008 Internet Malware Trends Report
[ Source: IronPort Systems ]
November 2008-
In 2007, Storm burst onto the scene and rapidly spread. A new form of malware that propagated using a combination of email and websites, it proved extraordinarily sophisticated. Storm and newer malware botnets that build on Storm’s strengths continue to affect and threaten Internet communication. To help explain the spread of Storm and current and future threats posed by similar malware, this report offers an examination of Storm and its history.
2008 Internet Security Trends: A report on Emerging Attack Platforms for Spam, Viruses and Malware
[ Source: IronPort Systems ]
November 2008-
The overall trends in spam and malware can be characterized by a larger number of more targeted, stealthy and sophisticated attacks. This report is designed to help highlight the key security trends of today and suggest ways to defend against the sophisticated new generation of Internet threats certain to arise in the future.