End User/Client Security
(44)
Risk Management: Bridging Policies and Procedures - Fundamental Security Concepts
[ Source: Global Knowledge ]
October 2008-One thing that security professionals know is that security is about processes, not about the technology. The key to security is to match the technology to the process, but you have to know the process first. Policies and procedures are the requirements, and risk management is the bridge between the two. Collectively, they are the road maps that lead to effective and efficient security designs. This white paper covers the basics of risk management in ....
Protecting Against the New Wave of Malware
[ Source: Sunbelt Software ]
September 2008-Managing threats to the endpoint infrastructure is becoming increasingly difficult for most organizations regardless of their size. Viruses, worms, spyware and other forms of malware are becoming more virulent, their authors are becoming more adept at getting around existing defenses, and the profits generated by malware are funding new and more dangerous threats.
At the same time, many anti-virus, anti-spyware and other anti-malware defenses are not keeping up with the growing threats ....
Trends in Information Security: A CompTIA Analysis of IT Security and the Workforce
[ Source: CompTIA ]
September 2008-As global trends of workforce mobility and decentralization put a greater strain on IT security infrastructure, it is becoming increasingly more complex for corporate IT departments to safeguard information. More than ever before, firms are using diverse devices to exchange information faster and over longer distances, and the growing use of technologies supporting this trend - such as handheld devices or voice over IP – gives rise to new risks. As a result, corporate IT ....
Fast-Start Failover Best Practices: Oracle Data Guard 10g Release 2
[ Source: Oracle ]
January 2008-Fast-Start Failover is an Oracle Data Guard 10g Release 2 feature that mechanically and reliably fails over to an elected, synchronized standby database in the event of loss of the manufacture database, without requiring manual intervention to execute the failover. In addition, following a fast-start failover, the original production database is automatically reconfigured as a new standby database upon reconnection to the configuration. This white paper explains Fast-Start Failover and describes Maximum Availability Architecture (MAA) ....
Vulnerability Management for Dummies
[ Source: Qualys ]
May 2008-As a business owner, or someone responsible for network security within your organization, you need to understand how to prevent attacks and eliminate network weaknesses that leave your business exposed and at risk.
"Vulnerability Management for Dummies" arms you with the facts and shows you how to implement a successful Vulnerability Management program. Whether your network consists of just a handful of computers or thousands of servers distributed around the world, this book ....
ThinkVantage Security Strategy and Client Security Solution 6.0
[ Source: IBM ]
January 2008-This paper published by IBM describes ThinkVantage security strategy and the roll that Client Security Solution 6.0 plays in that strategy. The ThinkVantage security strategy is to provide a complementary set of security features as value add to ThinkPad notebooks and ThinkCentre desktops. The purpose of this set of security features is to enable customers to implement a layered defense security model on PCs.
The Effectiveness of Security Policies
[ Source: IronPort Systems ]
November 2008-This set of findings from a security study on data leakage revealed that many companies do not have security policies and that security policies that are in place are often ineffective. This analysis provides additional justification for the initial survey findings, which reported that employees around the world are putting corporate and personal data at risk.
The survey included more than 2000 employees and information technology professionals in 10 countries that Cisco selected because ....
Data Backup and Compliance: Three Reasons to Get It Right
[ Source: Remote Backup Systems ]
January 2008-Fortune 500 companies have been vilified for reckless data stewardship and fabrication of financial reports. Corporate America, already under varying degrees of competitive and performance pressure, is now faced with compliance legislation and disclosure requirements that seek to right some of wrongs done to consumers, investors, and employees alike. Access and process controls, internal and third party audits, reporting requirements and penalties for non-compliance are just a few of the areas that will be addressed ....
NAC 2.0: A New Model For a More Secure Future
[ Source: Sophos ]
September 2008-As organizations turn to network access control (NAC) technologies to protect their networks and data, the flaws of earlier versions of NAC are becoming apparent. New pressures from a constantly changing threat environment and an increasingly mobile workforce require a new NAC model that will offer more finely controlled network access, an increased agility of response, and a better focus on network, desktop, and security operations. This paper looks at where NAC 1.0 went wrong ....
The Case for Security Information and Event Management (SIEM) in Proactive Network Defense
[ Source: TriGeo Network Security ]
January 2008-It’s widely accepted that Security Information and Event Management (SIEM) systems are excellent tools for regulatory compliance, log management and analysis, trouble-shooting and forensic analysis. What’s surprising to many is that this technology can play a significant role in actively defending networks. This whitepaper explains precisely how real-time analysis, combined with in-memory correlation, and automated notification and remediation capabilities can provide unprecedented network visibility, security and control.
Spector 360 for Call Centers
[ Source: SpectorSoft Corporation ]
June 2006-
Just like your Call Recorder does for phone activity, Spector 360 enables you to improve Call Center performance and security by centrally monitoring EVERYTHING your agents do on the computer.
Spector 360 lets you automatically RECORD all agent activity. REVIEW using high-level charts and graphs. Quickly ANALYZE trends and patterns. Drill down to INVESTIGATE unproductive behavior. SEARCH for specific details. And REPORT your findings from the convenience of your desktop.
Spector 360 ....
Secure Desktop Solution: A Modern-Day Marriage of Business Benefit and Risk Reduction
[ Source: Novell ]
May 2008-
Traditional security is no longer good enough because complexity is increasing significantly. Traditional IT security was formerly provided by firewalls, antivirus solutions, and other security products. Such measures worked fine when security was defined around known threats and well-defined perimeter defenses. Now, a comprehensive security strategy must deal with the increased vulnerability of mobile assets and a threat environment that is smarter and more aggressive, organized, focused, and profit oriented. Download this white paper to ....
PowerBroker Demo
[ Source: Symark ]
August 2008-
Symark PowerBroker is a policy-driven, root account access control application that provides granular privileged access delegation, detailed logging and reporting, and centralized administration across heterogeneous UNIX and Linux environments. It provides UNIX and Linux security and accountability by enabling system administrators to delegate administrative privileges and authorization without disclosing the root password and to grant selective access to UNIX and Linux-based corporate resources. Administrators can create powerful and granular security policies in PowerBroker to restrict ....
How to Resolve the Challenges of Biometric Technology Integration, Deployment, and Support
[ Source: M2SYS Technology ]
March 2008-
Biometric authentication components are emerging as an essential part of comprehensive business software applications and will play a central role in existing and future applications, networks, and information storage facilities. These biometric components utilize physical traits or behavioral characteristics for reliable identity authentication. Application developers, integrators and software solution providers are challenged with growing demand for biometric security features and functions. With a wide variety of biometric ....
Protecting Against the New Wave of Malware
[ Source: Sunbelt Software ]
September 2008-
Managing threats to the endpoint infrastructure is becoming increasingly difficult for most organizations regardless of their size. Viruses, worms, spyware and other forms of malware are becoming more virulent, their authors are becoming more adept at getting around existing defenses, and the profits generated by malware are funding new and more dangerous threats.
At the same time, many anti-virus, anti-spyware and other anti-malware defenses are not keeping up with the growing threats ....
Network Access Control, Part II
[ Source: InformationWeek ]
June 2007-
Compliance initiatives are driving deployments of network access control, but which system is best? Many vendors, both new and established, are offering NAC solutions. Finding a product that meets an organization's needs may be daunting given the number of options, but a fit is out there. This report analyzes enterprise use of NAC, based on the authors' expertise and market knowledge, as well as NWC polls of members of the IT community.
This ....
Spector 360
[ Source: SpectorSoft Corporation ]
June 2006-
Spector 360™ Company-Wide Monitoring and Surveillance Software enables you to monitor employee PC and Internet use, analyze trends and patterns, investigate suspicious behavior, search for specific details and report your findings all from the convenience of your desktop.
Spector 360 is a scalable, centrally-managed, employee monitoring solution that is easy to deploy and manage over your network.
Spector 360 records your employees’ web sites visited, files transferred, documents printed, ....
Website Security Tests Protect Against Application Vulnerabilities
[ Source: GamaSec GamaScan Website Security Scan ]
May 2008-
Small and medium-sized enterprises (SMBs) can protect websites against application vulnerabilities with simple, easy-to-use, and affordable service. Firewall, Intrusion prevention and Detection System (IDS/IPS) are not enough to protect your Website against today's application vulnerabilities.
Achieving PCI Compliance with Log Management
[ Source: SenSage ]
May 2008-
PCI DSS states that logging mechanisms to track user activities are critical. The regulation demands companies collect, retain and analyze terabytes of audit trail history for at least one year, with a minimum of three months of on-line availability. Ensure your organization can retain a minimum of one year’s worth of data online, without archiving. Learn how log management can help companies track, monitor and transform log data into actionable information. Identify security threats, monitor ....
Enterprise Bank & Trust has Password Security Locked Up with Imprivata OneSign
[ Source: Imprivata ]
January 2006-
As a leading commercial banking and wealth management services provider in St. Louis and Kansas City, Enterprise Bank & Trust is committed to providing its customers with the highest standards of service and security. A few years ago the bank’s IT team implemented unique and complex passwords that bank staff had to remember to gain access to their many applications. Users struggled to remember many unique and difficult passwords, even resorting to writing passwords down. ....
EMC Documentum Information Rights Management Extends Security and Control
[ Source: EMC ]
October 2008-
The EMC Documentum architecture for information rights management (IRM) helps global companies and government agencies actively control, secure, and track sensitive information, wherever it resides, beyond delivery to and access by authorized users. The system uses strong industry-standard cryptography combined with a unique client-server architecture. Documentum IRM Services’family of client applications or plug-ins works with a common policy server to secure and control electronic information. This white paper provides an overview of the technical architecture ....
The Virtual Safe: A User-Focused Approach to Data Encryption
[ Source: Steganos ]
March 2008-
The personal computer has never been more personal. We routinely trust it with private correspondence, diary entries, emails, all sorts of addresses, the household budget and holiday photographs. We use it to shop, seek health advice, and manage our savings, while the more creative among us use it to write poetry, compose music or paint pictures. It could be said that our hard drive provides a unique portrait of our most private personal lives. And ....
Protecting Against the New Wave of Malware
[ Source: Sunbelt Software ]
September 2008-
Managing threats to the endpoint infrastructure is becoming increasingly difficult for most organizations regardless of their size. Viruses, worms, spyware and other forms of malware are becoming more virulent, their authors are becoming more adept at getting around existing defenses, and the profits generated by malware are funding new and more dangerous threats.
At the same time, many anti-virus, anti-spyware and other anti-malware defenses are not keeping up with the growing threats ....
Achieving PCI Compliance with Log Management
[ Source: SenSage ]
May 2008-
PCI DSS states that logging mechanisms to track user activities are critical. The regulation demands companies collect, retain and analyze terabytes of audit trail history for at least one year, with a minimum of three months of on-line availability. Ensure your organization can retain a minimum of one year’s worth of data online, without archiving. Learn how log management can help companies track, monitor and transform log data into actionable information. Identify security threats, monitor ....
Enterprise Bank & Trust has Password Security Locked Up with Imprivata OneSign
[ Source: Imprivata ]
January 2006-
As a leading commercial banking and wealth management services provider in St. Louis and Kansas City, Enterprise Bank & Trust is committed to providing its customers with the highest standards of service and security. A few years ago the bank’s IT team implemented unique and complex passwords that bank staff had to remember to gain access to their many applications. Users struggled to remember many unique and difficult passwords, even resorting to writing passwords down. ....
PowerAdvantage Demo
[ Source: Symark ]
August 2008-
Symark PowerAdvantage is a Microsoft Active Directory-centric identity management application that provides integrated authentication and configuration to extend Active Directory functionality to UNIX and Linux systems. PowerADvantage also leverages Microsoft Group Policy Objects (GPO) to deliver targeted configurations to computers and users. PowerADvantage delivers a single, centralized management solution that reduces administrative overhead, while helping your organization strengthen security policies, increase productivity, and support compliance requirements. PowerADvantage is available for a Free 30 day trial. ....
PowerBroker Demo
[ Source: Symark ]
August 2008-
Symark PowerBroker is a policy-driven, root account access control application that provides granular privileged access delegation, detailed logging and reporting, and centralized administration across heterogeneous UNIX and Linux environments. It provides UNIX and Linux security and accountability by enabling system administrators to delegate administrative privileges and authorization without disclosing the root password and to grant selective access to UNIX and Linux-based corporate resources. Administrators can create powerful and granular security policies in PowerBroker to restrict ....
Solving the Password Management Paradox: Defining the Problem and Reviewing the Four Best-Known Solutions
[ Source: Siber Systems ]
July 2008-
Organizations need to protect their data and restrict access to enterprise resources to authorized users. In an attempt to address these security concerns, many companies simply implement stronger password policies. Most employees, however, can not remember more than one or two strong passwords, so they won't follow the policy, resulting in less network security and more requests to the help desk to reset lost passwords. This is what we refer to as the Password Management ....
How to Resolve the Challenges of Biometric Technology Integration, Deployment, and Support
[ Source: M2SYS Technology ]
March 2008-
Biometric authentication components are emerging as an essential part of comprehensive business software applications and will play a central role in existing and future applications, networks, and information storage facilities. These biometric components utilize physical traits or behavioral characteristics for reliable identity authentication. Application developers, integrators and software solution providers are challenged with growing demand for biometric security features and functions. With a wide variety of biometric ....
Security vs. Flexibility: Must IT Management Choose?
[ Source: Faronics ]
June 2008-
IT Managers are tasked with making the desktop environment more secure and locked down to a uniform corporate standard, yet flexible enough to handle the myriad of exceptions that arise across the enterprise. Centralized Configuration Management (CCM) tools are great, especially in environments with branch offices. But CCM tools can’t do the big job of making your environment inherently more secure or more flexible. This paper focuses on how IT Managers ....