May 2011- This whitepaper by Spire Security explains the advantages, disadvantages and limitations of 802.1x as it relates to network access control (NAC). In practice, 802.1x has proven to be costly and cumbersome to roll-out, particularly for large organizations. Furthermore, 802.1x does not include or address many important features of a full-blown NAC system. This whitepaper includes a case study of a large U.S. defense agency that tried rolling out 802.1x and then, after discovering significant ...
Many U.S. government agencies regard their ability to use data analysis to combat fraud, abuse and improper payments as good or excellent, but TechWeb's research of 327 federal, state and local government decision-makers shows there is room for growth in the use of analytics to monitor behavior and to reduce fraud.
Many agencies are still focused primarily on identifying the right data sources and enabling access to them, rather than engaging in more ...
December 2010- Organizations today are under increased pressure to secure their computers, protect their users' and customers' data, and comply with new regulations. Download this paper to learn how Dell computers running Microsoft Windows 7 can help you make your operations more secure and meet compliance requirements.
November 2010- This white paper is designed for forensic analysts, corporations, and consumers who want to understand what personal information is stored on the iPhone and how to recover it. The research reveals the vast amount of personal information stored on Apple's iPhone and reviews techniques and software for retrieving this information. Mobile forensics has matured significantly over the past few years. In the past, a very limited amount of data existed on mobile phones so the ...
November 2010- This white paper on PCI compliance explains why compliance for compliance's sake is not a best practice in protecting cardholder data. The Payment Card Industry Data Security Standard (PCI DSS) has been evolving for many years and will continue to be enhanced to address new security threats and protection measures. With maturity of the DSS, many security auditors are beginning to press companies that accept payment cards to demonstrate more than just 'forward progress' toward ...
October 2010- This white paper is authored by Michael Rasmussen of Corporate Integrity and examines how the distributed nature of working with confidential documents in any kind of collaborative setting, whether inside or outside the organization between employees, auditors, or vendor suppliers, poses a serious security risk. Traditional IT security tools cannot protect documents outside the firewall. Intellectual property, trade secrets, financial, and legal papers, customer lists and other highly sensitive data must be managed under a ...
October 2010- Learn how IBM WebSphere ILOG software enables homeland security and law enforcement agencies to achieve their objectives for detailed and consistent screening, implementing policy and risk updates in real time, all while being able to respond immediately to imminent threats
October 2010- Beyond the need to shield sensitive data desk-to-desk, many state and local government workers require on-demand access to information while working in the public view. See how you can prevent a gap in visual privacy security from hitting home.
October 2010- In the public services sector, the protection of private information is seen as a basic right. But while much focus has been put on storage and transmission security, displayed data remains exposed to risk. We cover the challenges and potential solutions here.
This IDC Government Insights White Paper discusses government's new efforts to achieve its goals regarding service delivery to citizens, businesses, and other government agencies.
Today, more than ever, citizens are looking for their government leaders to keep them informed and support their needs. And citizens increasingly expect to interact with government on their terms, 24 x 7, and not only receive information but also conduct their government business through self-service when possible.
Corporate and regulatory compliance policies have forced companies to ensure that information flows are documented, auditable, and highly secure. Yet in order to conduct their business, companies must share sensitive information outside the firewall, introducing serious potential information risk. How can companies enforce security policy and cost-effectively meet compliance objectives when documents must be shared with partners, investors, board members, and others outside the enterprise?
This white paper by Cheryl Klein, CPA, CISA, ...
August 2010- Learn how to develop a multi-phased information security and risk management (ISRM) strategy from John P. Pironti, CISA,CISM, CGEIT, CISSP, ISSAP, ISSMP, president of IP Architects LLC and security conference track chair at Interop. an ISRM provides a road map for information and information infrastructure protection with goals and objectives that ensure capabilities provided are aligned to business goals and the organization’s risk profile. Traditionally, ISRM has been treated as an IT function ...
August 2010- Authentication mechanisms must not get in the way of end-users or become a pain in the neck, otherwise they run the risk of people trying to find short-cuts and workarounds that end up compromising the integrity of security processes. The most sustainable security solutions must be natural to use in the course of day-to-day activities, yet provide an appropriate level of authenticity and integrity for the value of the assets they are intended to protect.
January 2009- This report focuses on cloud computing and provides an overview of what cloud computing is and how it can change a business model. This paper talks to security and endpoint as a service, as well as the value that cloud computing can bring to a business.
May 2010- The No. 1 vulnerability source in embedded processors is the initial boot phase of the device. Solutions to the problem of insecure boot processes vary enormously depending on the protection requirements of the system. Rather than relying on solutions based on product name, engineers will learn to make more informed decisions on how much end-system security they need, and match that to the various secure boot capabilities on the market, according to CPU Technology.
May 2010- A toughening regulatory climate has made the process of exporting defense articles more challenging. Earlier this year, Secretary of Defense Robert Gates announced initiatives to overhaul export control laws to more effectively manage technology export, but the initiatives will take time to implement. The simplest approach to enabling your system for foreign military sales is a primary design with an Acalis Secure Processor, and a disciplined approach to isolating CPI algorithms and operations to the ...
July 2010- The traditional security approach addresses each individual attack as it crops up through a detect and blocking schema. However in today’s evolving threat landscape you need to lay the proper IT security foundation that proactively addresses the root cause of attacks. By managing your critical risks, you can prevent threats such as Conficker from wreaking havoc on your business.
July 2010- For the past eight years, government agencies have struggled to comply with the requirements of the Federal Information Security Management Act of 2002 (FISMA). The goal of FISMA is to control information security as it impacts national security and the economic interests of the United States. Compliance obligates each U.S. federal government agency to “develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations ...
July 2010- USB flash drives and other portable devices are valuable tools in the typical government staffer’s virtual toolkit. These handy devices allow workers to efficiently accomplish their duties and carry out their tasks for the public good. But left unchecked, the use of portable devices can also potentially infect public systems with malware, inadvertently expose classified information and/or citizens’ personally identifiable information (PII), and otherwise breach the public’s trust.
July 2010- In the first ten months after a new Massachusetts identity theft law took effect in late-2007, the Office of Consumer Affairs and Business Regulation reported that over 625,000 residents of the Commonwealth had been directly impacted by a data breach of their personally identifiable information (PII). Of these, about 60% were the result of criminal / unauthorized acts and the remainder due to employee error or “sloppy internal handling” of PII. To help mitigate the negative impacts of ...
July 2010- Government systems are getting hit on a daily basis by new and ingenious external attacks. Federal, state and municipal agencies, plus government contractors, must find a way to adjust to this evolving threat landscape to prevent these threats from wreaking havoc. It is imperative that government organizations get back to the basics of security and lay a strong security foundation to weather these attacks by proactively addressing their root causes.
May 2010- eDiscovery refers to any process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a civil or criminal legal case. eDiscovery can be carried out offline on a particular computer or it can be done on the network. Recent amendments to the Federal Rules of Civil Procedure (FRCP) highlighted that electronically stored information (ESI) is a discoverable record type and should be treated as any ...
IT disaster recovery usually addresses three fundamental matters: protect the data first, the applications second, and then cover the sites that hold the data and applications. But there is a fourth dimension to data recovery: how it can help further strategic IT objectives. Do you see only the first three levels of DR in your organization?
Factors driving the urgency for disaster recovery include regulatory mandates, the growth of paperless record keeping, the ...
Oracle® products, including its popular database technology and E-Business Suite, are widely deployed in many companies.
Because Oracle does not automatically lock out unlicensed use of its products – and because those products have such broad business applicability – Oracle deployments can readily sprawl far beyond their original scope. By the same token, for a variety of reasons, IT organizations also often wind up buying more Oracle licenses than they need.
Either way, ...
The Center for Strategic and International Studies (CICS) report recommends broad adoption of penetration testing across the federal space, and greater use of vulnerability and exploit testing to improve the nation’s cybersecurity standing within several different contexts.
This white paper outlines the key CICS recommendations and identifies a commercial software solution and services that address each of these key issues.
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services