Encryption
(45)
Risk Management: Bridging Policies and Procedures - Fundamental Security Concepts
[ Source: Global Knowledge ]
October 2008-One thing that security professionals know is that security is about processes, not about the technology. The key to security is to match the technology to the process, but you have to know the process first. Policies and procedures are the requirements, and risk management is the bridge between the two. Collectively, they are the road maps that lead to effective and efficient security designs. This white paper covers the basics of risk management in ....
Protecting Against the New Wave of Malware
[ Source: Sunbelt Software ]
September 2008-Managing threats to the endpoint infrastructure is becoming increasingly difficult for most organizations regardless of their size. Viruses, worms, spyware and other forms of malware are becoming more virulent, their authors are becoming more adept at getting around existing defenses, and the profits generated by malware are funding new and more dangerous threats.
At the same time, many anti-virus, anti-spyware and other anti-malware defenses are not keeping up with the growing threats ....
Trends in Information Security: A CompTIA Analysis of IT Security and the Workforce
[ Source: CompTIA ]
September 2008-As global trends of workforce mobility and decentralization put a greater strain on IT security infrastructure, it is becoming increasingly more complex for corporate IT departments to safeguard information. More than ever before, firms are using diverse devices to exchange information faster and over longer distances, and the growing use of technologies supporting this trend - such as handheld devices or voice over IP – gives rise to new risks. As a result, corporate IT ....
Fast-Start Failover Best Practices: Oracle Data Guard 10g Release 2
[ Source: Oracle ]
January 2008-Fast-Start Failover is an Oracle Data Guard 10g Release 2 feature that mechanically and reliably fails over to an elected, synchronized standby database in the event of loss of the manufacture database, without requiring manual intervention to execute the failover. In addition, following a fast-start failover, the original production database is automatically reconfigured as a new standby database upon reconnection to the configuration. This white paper explains Fast-Start Failover and describes Maximum Availability Architecture (MAA) ....
Vulnerability Management for Dummies
[ Source: Qualys ]
May 2008-As a business owner, or someone responsible for network security within your organization, you need to understand how to prevent attacks and eliminate network weaknesses that leave your business exposed and at risk.
"Vulnerability Management for Dummies" arms you with the facts and shows you how to implement a successful Vulnerability Management program. Whether your network consists of just a handful of computers or thousands of servers distributed around the world, this book ....
ThinkVantage Security Strategy and Client Security Solution 6.0
[ Source: IBM ]
January 2008-This paper published by IBM describes ThinkVantage security strategy and the roll that Client Security Solution 6.0 plays in that strategy. The ThinkVantage security strategy is to provide a complementary set of security features as value add to ThinkPad notebooks and ThinkCentre desktops. The purpose of this set of security features is to enable customers to implement a layered defense security model on PCs.
The Effectiveness of Security Policies
[ Source: IronPort Systems ]
November 2008-This set of findings from a security study on data leakage revealed that many companies do not have security policies and that security policies that are in place are often ineffective. This analysis provides additional justification for the initial survey findings, which reported that employees around the world are putting corporate and personal data at risk.
The survey included more than 2000 employees and information technology professionals in 10 countries that Cisco selected because ....
Data Backup and Compliance: Three Reasons to Get It Right
[ Source: Remote Backup Systems ]
January 2008-Fortune 500 companies have been vilified for reckless data stewardship and fabrication of financial reports. Corporate America, already under varying degrees of competitive and performance pressure, is now faced with compliance legislation and disclosure requirements that seek to right some of wrongs done to consumers, investors, and employees alike. Access and process controls, internal and third party audits, reporting requirements and penalties for non-compliance are just a few of the areas that will be addressed ....
NAC 2.0: A New Model For a More Secure Future
[ Source: Sophos ]
September 2008-As organizations turn to network access control (NAC) technologies to protect their networks and data, the flaws of earlier versions of NAC are becoming apparent. New pressures from a constantly changing threat environment and an increasingly mobile workforce require a new NAC model that will offer more finely controlled network access, an increased agility of response, and a better focus on network, desktop, and security operations. This paper looks at where NAC 1.0 went wrong ....
The Case for Security Information and Event Management (SIEM) in Proactive Network Defense
[ Source: TriGeo Network Security ]
January 2008-It’s widely accepted that Security Information and Event Management (SIEM) systems are excellent tools for regulatory compliance, log management and analysis, trouble-shooting and forensic analysis. What’s surprising to many is that this technology can play a significant role in actively defending networks. This whitepaper explains precisely how real-time analysis, combined with in-memory correlation, and automated notification and remediation capabilities can provide unprecedented network visibility, security and control.
The Importance of Mobile Security
[ Source: Sprint ]
August 2008-
Sprint's head of mobile security, Mark Hasse, talks to Insurance and Technology about the role of security for mobile workers. Especially as Insurance agents and field workers take new mobile platforms and laptops out of the enterprise, there are concerns about losing or compromising sensitive financial and customer information. Hasse talks about the need for awareness, the important topic of securing data at rest, and the encryption solution.
Introduction to Digital Rights Management - DRM
[ Source: LockLizard ]
August 2007-
This paper covers the technology called Digital Rights Management or DRM, what it achieves and how this benefits your business. It covers the demand for DRM in the protection of intellectual property and the use of encryption and cryptography in protecting and controlling digital content. It compares DRM controls against IT controls, charging mechanisms, and the use of DRM in various industries. Most importantly it covers how DRM can be made to work for your ....
Advances in Endpoint Data Security
[ Source: Credant Technologies ]
February 2008-
Data security has evolved beyond simply securing "bits on disks". To ensure data protection in today's dynamic IT environment, leading analysts recommend that security protects what matters most — the data. This requires a solution with a single, integrated security architecture and a data-centric, policy-based encryption approach that can be consistently enforced wherever the data resides — across heterogeneous endpoint device types, operating system platforms, and end users. The paradigm must shift from Full ....
Security Implications of Web 2.0 Services: Undocumented Code and Content is Leaving a Gap in Your Application Security Strategy
[ Source: Palamida ]
July 2008-
Organizations worldwide are embracing and leveraging Web 2.0 for improved products, services, and overall business strategies. The same Web 2.0 characteristics that enable creativity, productivity and collaboration also make the Web 2.0 ecosystem prone to successful attacks and theft. The Web 2.0 global ecosystem increases the vulnerability of distributed software and exposes it to piracy and abuse, especially in places known for intellectual property neglect. User-friendly open source development technologies ....
Encryption Methods for Protecting Data
[ Source: Bosanova Q3 Storage Security Encryption ]
January 2008-
Encryption is a tool that may be used in a centralized data pool in a tape environment. It is not a panacea; improper implementation and use of data encryption may only provide an illusion of security. Inadequate understanding of encryption applications and data encryption could deter the utilization of other required protection techniques. However, with proper management controls, adequate implementations specifications and applicable usage guidelines, data encryption will not only aid in protection data communications ....
Gabriel Connection Technology
[ Source: VirnetX ]
July 2008-
Gabriel Connection Technology empowers individuals, organizations of all sizes and government agencies to establish and administer their own private network enclaves or Safe Neighborhoods across the Internet. These enclaves provide cryptographic privacy for all data within the enclave and cryptographic authentication of all of its participants. VirnetX Security Platform (VSP)-enabled Safe Neighborhoods have changed the way people think about network enclaves. Instead of networks being secured by physical barriers, they’re defined cryptographically, thereby allowing secure ....
Balancing Risk and Productivity for Mobile Insurance Workers
[ Source: Sprint ]
August 2008-
Mobile services, like 3G, have made it possible for Insurance workers to remotely access vital information while they are out in the field, but this also introduces a great deal of risk. Mark Hasse, who heads up mobile security for Sprint, demonstrates the SprintSecure Guardian connection card at ACORD.
The Latest Advancements in SSL Technology
[ Source: VeriSign ]
March 2008-
Get the latest information about SSL in the free white paper from VeriSign: “The Latest Advancements in SSL Technology”.
Information Leakage: What it is, and how Digital Rights Management (DRM) can Prevent it
[ Source: LockLizard ]
August 2008-
This paper covers what information leakage is and why it has become so prevelant. It discusses why DRM (Digital Rights Management) is required to prevent information leakage from within and outside of the enterprise and why encryption and access control are only effective inside the enterprise.
Enterprise Bank & Trust has Password Security Locked Up with Imprivata OneSign
[ Source: Imprivata ]
January 2006-
As a leading commercial banking and wealth management services provider in St. Louis and Kansas City, Enterprise Bank & Trust is committed to providing its customers with the highest standards of service and security. A few years ago the bank’s IT team implemented unique and complex passwords that bank staff had to remember to gain access to their many applications. Users struggled to remember many unique and difficult passwords, even resorting to writing passwords down. ....
IronPort 2008 Internet Malware Trends Report
[ Source: IronPort Systems ]
November 2008-
In 2007, Storm burst onto the scene and rapidly spread. A new form of malware that propagated using a combination of email and websites, it proved extraordinarily sophisticated. Storm and newer malware botnets that build on Storm’s strengths continue to affect and threaten Internet communication. To help explain the spread of Storm and current and future threats posed by similar malware, this report offers an examination of Storm and its history.
2008 Internet Security Trends: A report on Emerging Attack Platforms for Spam, Viruses and Malware
[ Source: IronPort Systems ]
November 2008-
The overall trends in spam and malware can be characterized by a larger number of more targeted, stealthy and sophisticated attacks. This report is designed to help highlight the key security trends of today and suggest ways to defend against the sophisticated new generation of Internet threats certain to arise in the future.
Iron Port Encryption Technology: Safeguarding Business Email
[ Source: IronPort Systems ]
November 2008-
Email has become a prevalent medium for business communications, and its popularity continues to grow. Every day, sensitive information is shared with business partners and customers via email. Although email is critical to the rapid pace of business today, the general lack of message security is a source of concern, both for regulators and business executives.
The more that businesses rely on email, the more critical it becomes to protect confidential email ....
EMC Documentum Information Rights Management Extends Security and Control
[ Source: EMC ]
October 2008-
The EMC Documentum architecture for information rights management (IRM) helps global companies and government agencies actively control, secure, and track sensitive information, wherever it resides, beyond delivery to and access by authorized users. The system uses strong industry-standard cryptography combined with a unique client-server architecture. Documentum IRM Services’family of client applications or plug-ins works with a common policy server to secure and control electronic information. This white paper provides an overview of the technical architecture ....
Encryption Methods for Protecting Data
[ Source: Bosanova Q3 Storage Security Encryption ]
January 2008-
Encryption is a tool that may be used in a centralized data pool in a tape environment. It is not a panacea; improper implementation and use of data encryption may only provide an illusion of security. Inadequate understanding of encryption applications and data encryption could deter the utilization of other required protection techniques. However, with proper management controls, adequate implementations specifications and applicable usage guidelines, data encryption will not only aid in protection data communications ....
The Virtual Safe: A User-Focused Approach to Data Encryption
[ Source: Steganos ]
March 2008-
The personal computer has never been more personal. We routinely trust it with private correspondence, diary entries, emails, all sorts of addresses, the household budget and holiday photographs. We use it to shop, seek health advice, and manage our savings, while the more creative among us use it to write poetry, compose music or paint pictures. It could be said that our hard drive provides a unique portrait of our most private personal lives. And ....
PDF Security: Passwords, Access Control, and DRM
[ Source: LockLizard ]
March 2008-
This paper covers the development of PDF security from simple password mechanisms to access controls and DRM. It discusses lifecycle management, PKI, third party systems and standards. The background of the PDF format is covered and how backwards compatibility has hindered the development of security going forwards.
Document Security - A Guide to Securing Your Documents
[ Source: LockLizard ]
August 2007-
When we talk about document security we can have many different ideas as to what security is actually wanted or needed, and what it is there to achieve. In this article we will look at the three principal approaches used today, how they rely upon each other and where they differ. The principal approaches are encryption, DRM and collaboration. This paper explains what components make up a document security solution and which one is right ....
Information Leakage: What it is, and how Digital Rights Management (DRM) can Prevent it
[ Source: LockLizard ]
August 2008-
This paper covers what information leakage is and why it has become so prevelant. It discusses why DRM (Digital Rights Management) is required to prevent information leakage from within and outside of the enterprise and why encryption and access control are only effective inside the enterprise.
Introduction to Digital Rights Management - DRM
[ Source: LockLizard ]
August 2007-
This paper covers the technology called Digital Rights Management or DRM, what it achieves and how this benefits your business. It covers the demand for DRM in the protection of intellectual property and the use of encryption and cryptography in protecting and controlling digital content. It compares DRM controls against IT controls, charging mechanisms, and the use of DRM in various industries. Most importantly it covers how DRM can be made to work for your ....
