October 2010- In the public services sector, the protection of private information is seen as a basic right. But while much focus has been put on storage and transmission security, displayed data remains exposed to risk. We cover the challenges and potential solutions here.
This IDC Government Insights White Paper discusses government's new efforts to achieve its goals regarding service delivery to citizens, businesses, and other government agencies.
Today, more than ever, citizens are looking for their government leaders to keep them informed and support their needs. And citizens increasingly expect to interact with government on their terms, 24 x 7, and not only receive information but also conduct their government business through self-service when possible.
Corporate and regulatory compliance policies have forced companies to ensure that information flows are documented, auditable, and highly secure. Yet in order to conduct their business, companies must share sensitive information outside the firewall, introducing serious potential information risk. How can companies enforce security policy and cost-effectively meet compliance objectives when documents must be shared with partners, investors, board members, and others outside the enterprise?
This white paper by Cheryl Klein, CPA, CISA, ...
August 2010- Learn how to develop a multi-phased information security and risk management (ISRM) strategy from John P. Pironti, CISA, CISM, CGEIT, CISSP, ISSAP, ISSMP, president of IP Architects LLC and security conference track chair at Interop. An ISRM provides a road map for information and information infrastructure protection with goals and objectives that ensure capabilities provided are aligned to business goals and the organization’s risk profile. Traditionally, ISRM has been treated as an IT function ...
August 2010- Authentication mechanisms must not get in the way of end-users or become a pain in the neck, otherwise they run the risk of people trying to find short-cuts and workarounds that end up compromising the integrity of security processes. The most sustainable security solutions must be natural to use in the course of day-to-day activities, yet provide an appropriate level of authenticity and integrity for the value of the assets they are intended to protect.
January 2009- This report focuses on cloud computing and provides an overview of what cloud computing is and how it can change a business model. This paper talks to security and endpoint as a service, as well as the value that cloud computing can bring to a business.
May 2010- The No. 1 vulnerability source in embedded processors is the initial boot phase of the device. Solutions to the problem of insecure boot processes vary enormously depending on the protection requirements of the system. Rather than relying on solutions based on product name, engineers will learn to make more informed decisions on how much end-system security they need, and match that to the various secure boot capabilities on the market, according to CPU Technology.
May 2010- A toughening regulatory climate has made the process of exporting defense articles more challenging. Earlier this year, Secretary of Defense Robert Gates announced initiatives to overhaul export control laws to more effectively manage technology export, but the initiatives will take time to implement. The simplest approach to enabling your system for foreign military sales is a primary design with an Acalis Secure Processor, and a disciplined approach to isolating CPI algorithms and operations to the ...
July 2010- The traditional security approach addresses each individual attack as it crops up through a detect-and-block scheme. However, in today’s evolving threat landscape, you need to lay the proper IT security foundation that proactively addresses the root cause of attacks. By managing your critical risks, you can prevent threats such as Conficker from wreaking havoc on your business.
July 2010- For the past eight years, government agencies have struggled to comply with the requirements of the Federal Information Security Management Act of 2002 (FISMA). The goal of FISMA is to control information security as it impacts national security and the economic interests of the United States. Compliance obligates each U.S. federal government agency to “develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations ...
July 2010- USB flash drives and other portable devices are valuable tools in the typical government staffer’s virtual toolkit. These handy devices allow workers to efficiently accomplish their duties and carry out their tasks for the public good. But left unchecked, the use of portable devices can also potentially infect public systems with malware, inadvertently expose classified information and/or citizens’ personally identifiable information (PII), and otherwise breach the public’s trust.
July 2010- In the first ten months after a new Massachusetts identity theft law took effect in late-2007, the Office of Consumer Affairs and Business Regulation reported that over 625,000 residents of the Commonwealth had been directly impacted by a data breach of their personally identifiable information (PII). Of these, about 60% were the result of criminal / unauthorized acts and the remainder due to employee error or “sloppy internal handling” of PII. To help mitigate the negative impacts of ...
July 2010- Government systems are getting hit on a daily basis by new and ingenious external attacks. Federal, state and municipal agencies, plus government contractors, must find a way to adjust to this evolving threat landscape to prevent these threats from wreaking havoc. It is imperative that government organizations get back to the basics of security and lay a strong security foundation to weather these attacks by proactively addressing their root causes.
May 2010- eDiscovery refers to any process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a civil or criminal legal case. eDiscovery can be carried out offline on a particular computer or it can be done on the network. Recent amendments to the Federal Rules of Civil Procedure (FRCP) highlighted that electronically stored information (ESI) is a discoverable record type and should be treated as any ...
IT disaster recovery usually addresses three fundamental matters: protect the data first, the applications second, and then cover the sites that hold the data and applications. But there is a fourth dimension to data recovery: how it can help further strategic IT objectives. Do you see only the first three levels of DR in your organization?
Factors driving the urgency for disaster recovery include regulatory mandates, the growth of paperless record keeping, the ...
Oracle® products, including its popular database technology and E-Business Suite, are widely deployed in many companies.
Because Oracle does not automatically lock out unlicensed use of its products – and because those products have such broad business applicability – Oracle deployments can readily sprawl far beyond their original scope. By the same token, for a variety of reasons, IT organizations also often wind up buying more Oracle licenses than they need.
Either way, ...
The Center for Strategic and International Studies (CSIS) report recommends broad adoption of penetration testing across the federal space, and greater use of vulnerability and exploit testing to improve the nation’s cybersecurity standing within several different contexts.
This white paper outlines the key CSIS recommendations and identifies a commercial software solution and services that address each of these key issues.
The release of the 2009 Consensus Audit Guidelines (CAG) outlines the need for federal cyber-security controls that are tacitly proactive and can “inform defense” of actual attacks that have compromised systems, or those that could transpire to do so.
This white paper explores specific directives of the CAG, and highlights a commercial software application that arms government agencies and their private-sector partners with the tools to perform ongoing penetration testing of web applications, network ...
April 2010- In this white paper, government agencies learn about new provisions added to the Guide for Assessing Controls in Federal Information Systems (NIST SP 800-53A), and how a new commercial software tool addresses these provisions with penetration testing that identifies and assesses critical vulnerabilities existing across networks, endpoints and web applications.
December 2007- This white paper describes Video Synopsis technology, a proprietary, innovative image-processing technology being commercialized by BriefCam. Video synopsis is an approach to create a short video summary of a long video. It tracks and analyzes moving objects (also called events), and converts video streams into a database of objects and activities. The technology has specific applications in the field of video surveillance where, despite technological advancements and increased growth in the deployment of CCTV (closed ...
February 2010- This article explains how compliance, security, and cost efficiency are intertwined, and shows how enterprise content management software enables compliance and security while lowering costs of each, and more. Tips are also provided for evaluating potential software vendors and helping employees to adapt to a digital environment.
November 2009- Human Resources (HR) data is one of the most sensitive forms of information any organization maintains. Ensuring the security of this data is therefore critical not only to preserve the sanctity of employees’ highly personal information, but also to minimize legal risk to the organization as a whole. This issue takes on even more importance as organizations choose to deploy their talent management systems via a software-as-a-service (SaaS) delivery model. With the costs of a ...
December 2005- The degraded service and lost business from a Denial of Service (DoS) attack can lead to staggering costs both during and after an attack. Beyond the immediate costs, the lasting effects of a successful DoS attack include lost customers, loss of faith in the service’s dependability, and damage to the corporate brand. This white paper focuses on how Intrusion Prevention Systems (IPS) can address these challenges.
January 2009- There is some confusion in the marketplace about intrusion-security systems. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) have similar names. Download this white paper provided by TippingPoint to learn the difference between the two solutions and the eight questions to ask about Intrusion Prevention Systems (IPS).
December 2009- One of the primary objectives of a recent White House review of Internet security is to promote the user awareness of the information threats to the United States and to individual citizens. This awareness thrust is also important in demonstrating that information security is a top national priority. This, in turn, is intended to influence information systems providers to focus more on security as they develop systems. This white paper responds to that call with ...