Mission critical defense
Attackers don't work in silos. To defend against them, your defenses can't be siloed either. The teams, tools, and solutions you use in the response ......
April 2013- Each year, leading research firm Gartner, Inc. conducts in-depth market research on the top email security providers. The resulting Magic Quadrant for Secure Email Gateways report is designed to help companies like yours understand which solutions have the best technology, strategic approach and vision to serve your security needs today and far into the future.
This paper discusses three common approaches to email encryption:
Organization-to-organization encryption, also known as "gateway-to-gateway"
Secure portal-based encryption, commonly referred to as organization-to-user "pull-based" encryption
Secure attachment, referred to as organization-to-user "push-based" encryption
All of these options are easy to implement and available using on-premises solutions or through Software-as-a-Service (SaaS). This paper provides an overview of these methods and explains their distinct advantages to help you determine which approach best ...
Big Data repositories enable enterprises to use large volumes of varied data to make more rapid decisions, but repositories frequently include sensitive data that must be secured. Most Hadoop and NoSQL environments that manipulate Big Data have little to no integrated security.
This technical paper provides an overview of NoSQL Big Data security issues and includes security recommendations that enterprises should consider when securing Big Data environments.
March 2013- The Securing and Controlling Data in the Cloud white paper describes the various cloud formations (Private Cloud, Public Cloud, SaaS, PaaS, IaaS), the new security challenges posed by the cloud and solutions that enterprises can bring to bear for securing and controlling sensitive data in cloud environments.
March 2013- The Protecting Sensitive Data In and Around an IBM DB2 Database technical white paper provides an overview of the sensitive files in and around the IBM DB2 database that enterprises need to secure to achieve optimal database security.
March 2013- The Protecting Sensitive Data In and Around an Oracle Database technical white paper provides an overview of the sensitive files in and around the Oracle database that enterprises need to secure in order to achieve optimal database security.
March 2013- The Protecting Sensitive Data In and Around a SQL Server Database technical white paper provides an overview of the sensitive files in and around the Microsoft SQL Server database that enterprises need to secure in order to achieve optimal database security.
Smartphones and tablets are everywhere. Most companies allow employees to use personal mobile devices to access corporate data, but they typically have very little visibility into which employees are accessing corporate data and what kinds of devices they're using. As a result, they are blind to the risks these devices present to their corporate data.
This white paper highlights key mobile security risks and describes how pervasive they are based on data from ...
October 2012- This White Paper discusses how you can generate tokens that replace credit card numbers with surrogates, removing systems from PCI DSS "Scope" -- which include any network components that are the primary focus of PCI DSS regulation, compliance and assessment.
October 2012- PCI DSS expert and QSA Walter Conway takes you on a deep dive tour of tokenization techniques and their merits. He also demystifies tokenization by discussing use cases, comparing tokenization vs. encryption and providing various alternatives for implementing tokenization. Finally, Walter provides guidance on how to prepare for implementing tokenization and select a solution appropriate for your needs.
As compliance demands comprehensive protection of cardholder data, enterprises require comprehensive solutions that support heterogeneous environments with a multitude of servers, operating systems, devices and applications. But getting to that point can be difficult without a good roadmap.
This whitepaper outlines a clear path to full PCI DSS compliance with a cost-effective solution.
June 2012- Despite growing protective security measures, data breaches continue to plague organizations. This paper discusses the importance of file integrity monitoring (FIM), which facilitates the detection of attacks by cybercriminals, as well as insider threats that may result in costly data breaches. It also discusses file integrity monitoring as a critical component of Payment Card Industry Data Security Standard (PCI DSS) compliance, and shows how NetIQ addresses both security and compliance challenges through the NetIQ Identity ...
April 2012- IBM SmartCloud Notes helps to protect our customers' information through governance, tools, technology, techniques, and personnel. SmartCloud Notes is a full-featured email, calendar, contact management and instant messaging service in the IBM cloud. At IBM, we strive to implement security and privacy best practices. The SmartCloud Notes security controls provide a range of protection of e-mail while enabling business operations.
January 2012- When it comes to acquiring the right security solution today, midsize retailers face a number of obstacles?including costs, complexity and business disruption. This paper analyzes the various challenges and also reviews a number of integrated solutions from IBM that can meet your needs. Read it to learn more.
November 2011- Today's attacks on IT infrastructure are becoming more frequent, targeted and sophisticated. They range from well-funded, state-sponsored attacks to attacks from trusted employees and consultants. And the targets of the attacks are equally wide-ranging, including national governments, utilities or other power-generating infrastructure, and private business. Yet most organizations seem stuck in the traditional castle-and-moat approach to security. This approach assumes there's a clear boundary between what's inside and outside the organization and that attacks come ...
Learn more about Proofpoint Encryption, Proofpoint's easy-to-deploy and easy-to-use policy-based email encryption solution and why email encryption is a critical component of today's email security solutions.
Read this whitepaper to learn about:
How email encryption plays a critical role in data loss prevention.
Challenges associated with deploying traditional email encryption solutions.
How Proofpoint Encryption eliminates key management, administration and end-user adoption issues associated with traditional email encryption ...
Learn the reasons why sensitive or confidential content must be encrypted both in transit and at rest... And why this advice applies to organizations of all sizes, regardless of industry.
Download this Osterman Research report on email encryption and other encryption technologies to learn:
The serious regulatory and financial consequences of not encrypting content.
The growing number of data protection regulations that require or imply the use of encryption. <...
July 2011- Email security threats do not discriminate. Whether you're an organization with 50 employees or a global corporation with 50,000, the reality is that spam and viruses can wreak havoc on your business, drain users' productivity and take a major toll on IT resources. SMBs need to make sure they are armed with the best security solutions available - demanding enterprise-class protection paired with fast deployment, ease of management and flexible configuration options. And, all at a price ...
Email is an essential business tool that helps organizations to efficiently communicate -both internally with colleagues and externally with customers, clients, and partners. Yet with this vital tool comes the specter of sensitive data exposure caused by sending unprotected email.
The risk goes wherever unprotected email is transmitted or is stored -including the Internet, cloud-based services, servers, desktop PCs, laptops, and mobile smartphones. The exposure of customer data, intellectual property, or legally protected ...
May 2011- In this case study, a Multi-Program National Laboratory needs to continually enhance effectiveness of protection against escalating global cyber threats such as advanced malware, zero-day and targeted APT attacks that target sensitive data. The solution is the deployment of FireEye Web Malware Protection System 7000 Series appliance. As a result, rapid appliance deployment facilitated dramatic increase in speed of threat detection, notification and resolution. Appliance accuracy and low false positive rates have elevated usability and productivity, ...
May 2011- This paper offers a better and more current framework to understand both the next-generation threat landscape of advanced malware and the five key design principles needed to eliminate the devil's bargain implicit in today's dated and highly ineffective rule-, signature- and list-based defenses.
May 2011- This handbook shines a light on the dark corners of advanced malware, both to educate as well as to spark renewed efforts against these stealthy and persistent threats. By understanding the tools being used by criminals, we can better defend our nations, our critical infrastructures and our citizens. The "Operation Aurora" incident represents an example of how the threats have escalated, revealing how advanced malware is being used in a systematic, coordinated fashion to achieve ...
Over 95% of businesses unknowingly host compromised endpoints, despite their use of firewalls, intrusion prevention systems (IPS), antivirus and web gateways. This situation-the new status quo-results from criminals leveraging multiple zero-day vulnerabilities, commercial-quality toolkits and social media to perpetrate next-generation threats. These threats move "low and slow" and use several stages and channels to duck traditional defenses and find vulnerable systems and sensitive data.
Read this paper and learn how to regain the upper ...
April 2011- This white paper discusses the threats that organizations face from spam, malware and other threats directed at their messaging and Web capabilities. It uses research from recent Osterman Research surveys, as well as information from a variety of other data sources to illustrate how to address and overcome security gaps.
Organizations who handle payment card data are obligated to comply with the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.
PCI DSS requirements apply to all system components that are included in or connected to ...
February 2011- Tokenization is more than a security measure and more than a cost savings technique. Tokenized payment data opens up numerous possibilities, especially for businesses that have not previously kept transaction data after the authorization and settlement processes. What kind of possibilities? Non-sensitive tokenized data can be used in back-end business operations to develop innovative marketing campaigns, create customer loyalty programs, conduct business data analysis, and even assist with loss prevention. By substituting tokens for Primary ...
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Performance Management, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Data Quality
Hardware : Virtualization Hardware, Windows Servers, Utility/On-demand Computing, Unix/Linux servers, Supercomputers, Peripherals, Macintosh, Handhelds/PDAs, Grid/Cluster Computing, Desktops/PCs, Data centers, Blades, Processors
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Social Business, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Internet Policy
Management : Career Development, Training, Small-Medium Business, Salary/Compensation, ROI/TCO, Regulation/Compliance, Recruiting, Personnel Management, Outsourcing, Legal, H-1B, Executive Insights/Interviews, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Virtual worlds, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Global Positioning Systems
Security : Security Administration, End user/Client Security, Encryption, Cyberterror, Attacks/Breaches, Application Security, Antivirus, NAC, Perimeter Security, Privacy, Vulnerabilities and Threats, Storage Security, Intrusion Prevention
Services : Telecom/Voice Services, Business Process Outsourcing, Business Services, Disaster Recovery, Systems Integration, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Hosted Applications
Software : Web Services, Service Oriented Architecture, Server Virtualization, Productivity Applications, Operating Systems, Open Source, Linux, Hosted Software/Applications, ERP, Development Tools, Databases, Database Applications, CRM, Business Systems Management, Integration, Application Optimization
More Security Resources
Mission critical defense