Building Enterprise File Transfer Processes that Improve Security, Compliance [ Source: Accellion ]
April 2008 -
This whitepaper covers how IT departments can provide workers with file transfer technology that addresses security and compliance needs without putting an unreasonable burden on normal work processes and the ways people prefer to work. Information can be at risk of loss or exposure when it is being sent from one person to another, depending on the file transfer process that is used.
Email is the easiest and most common method used, but unfortunately, it ....
Wireless Security: Key Trends And Issues [ Source: AirTight Networks ]
April 2008 - In this presentation by AirTight Networks, various forms of wireless security issues are addressed. Topics include WiFi threats, wireless breaches, 802.11n and others.
Wireless Security and Management: New Challenges, New Opportunities [ Source: AirWave Wireless ]
April 2008 - From improper administrative access to stolen and lost devices, common wireless security vulnerabilities must be addressed to ensure proper management.
Demonstrating the ROI for SIEM: Tales from the Trenches [ Source: ArcSight ]
November 2009 -
This whitepaper presents examples of organizations demonstrating the ROI of SIEM and Log Management technology within weeks of deployment. In addition to the “hard benefits” presented, “soft benefits” such as situational awareness and reduced risk should also be considered when evaluating both technologies.
Armed with ROI calculations, a security team can demonstrate the value and business alignment of both technologies by building a business case inclusive of all benefits.
Defeat Cyber Threats & Risks [ Source: ArcSight ]
November 2009 - There are multiple useful technologies to monitor specific information risks, however tying these together through a single, comprehensive view will improve your security posture. The ArcSight SIEM platform provides this single “pane of glass” by aggregating, analyzing, and visualizing activity data across the organization.
ArcSight Logger 4: Combat Cybercrime, Demonstrate Compliance and Streamline IT Operations [ Source: ArcSight ]
November 2009 - Governments and businesses are increasingly vulnerable to cyber crime by hackers, malware, and insiders. Log files can be used for forensic analysis of all types of security incidents. The key requirement is collection, centralized storage and fast analysis of events from various devices and applications. These requirements are highlighted in a case study incident on Boeing Corporation.
Handling Modern Security Issues [ Source: ArcSight ]
November 2009 - A new class of organizational threats and risks are emerging, that include the trusted insider. This threat is magnified by complex applications and a dynamic workforce with privileged access. This whitepaper shows you that connecting the dots can be done through six simple best practices.
Mitigating Fraud with the ArcSight SIEM Platform [ Source: ArcSight ]
November 2009 - Online fraud is fueled by data theft and increasingly sophisticated cyber criminals, relying on misdirection and gaps in detection systems. Although fraud may never be eliminated entirely, The ArcSight SIEM Platform offers solutions that can accurately detect fraudulent activity and thus mitigate overall business risk.
Increasing Security, Compliance with a 360-Degree View of User Activity [ Source: ArcSight ]
September 2008 -
To address the most pressing security and compliance requirements, companies need to know who is on the network, what data they are seeing, and which actions they are taking with that data. While this sounds straightforward, it actually requires several key pieces of functionality.
This white paper highlights the technology necessary to address user monitoring, and how to increase security and compliance with a 360-degree view of user activity.
PCI DSS Compliance in the UNIX/Linux Datacenter Environment [ Source: BeyondTrust ]
November 2009 - This document explains how BeyondTrust PowerBroker supports the Payment Card Industry Data Security Standard (PCI DSS) by limiting and tracking authorization to execute commands and programs that access servers and applications storing and using proprietary cardholder. BeyondTrust PowerBroker provides an auditable process that controls, monitors and records that access.
Preventing Data Breaches in Privileged Accounts Using Access Control [ Source: BeyondTrust ]
November 2009 - It is critical that organizations are proactive in their approach to mitigating insider threats. Week-after week there are disturbing, déjà vu-like stories of significant data breaches, arrests connected to insider attacks, or investigation reports emphasizing the necessity to control privileged accounts that hold highly sensitive data. This white paper explores insider attacks, threats and risks involved across every enterprise. Lastly, we will recommend a sound, cost-saving solution to prevent a disaster from happening to a ....
Desktop Software Lockdown: Prevent Zero-Day Attacks [ Source: Bit9 ]
April 2010 -
Aurora, Hydra, Zeus, Advanced Persistent Threat – the names are new, but the approach is not. 2010 launched with an explosion in media coverage of the IE zero-day attacks that targeted dozens of technology companies. Still, zero-day attacks have been around for years. The question is: how does your company protect against these evolving, well-funded threats that continue to outsmart existing defenses?
According to Gartner, Application Whitelisting should be considered “foundational in our strategy ....
Tape Drive Backup Warning [ Source: BizDomainStore.com ]
July 2009 - Tape drives are expensive, time-consuming and unreliable. This BizDomainStore.com white paper discusses the disadvantages and unreliabilty of tape backups.
The CIO's Guide to Mobile Security [ Source: BlackBerry ]
March 2010 -
Companies that are interested in securing their mobile workers and preventing unauthorized access to important company resources need to implement an enterprise wireless security strategy.
Learn about the challenges associated with increased worker mobility and how to create an effective enterprise wireless security strategy with some suggestions for an enterprise wireless security policy.
The Web Hacking Incidents Database 2008: Annual Report [ Source: Breach Security ]
March 2009 - The much anticipated Breach Security Lab’s Web Hacking Incidents Database (WHID) 2008 Annual Report is ready for download. The WHID project is dedicated to maintaining a record of web application-related security incidents. The WHID’s purpose is to serve as a tool for raising awareness of web application security problems and provide information for statistical analysis of web application security incidents. This year the report findings prove that no company or market sector is immune from ....
Understanding the Importance of a Disaster Recovery Strategy [ Source: CDW ]
June 2009 -
Read this Tech Specialist interview with CDW's Moosa Matariyeh to understand the importance of having a disaster recovery strategy, and answers to questions like these:
> What can companies do to prepare for disaster recovery effectively, and what are some best-practice examples from medium-sized enterprises?
> How have companies successfully made the case for adequate funding?
> What role does data deduplication technology play in disaster planning and recovery? ....
The Business Relevance of Security [ Source: Cisco Systems ]
April 2008 - Business disruption, reputation, damage, and loss of control from compromised systems remain issues for most businesses. Global requirements to achieve compliance and, in particular, PCI compliance, is a major horizontal business issue. Data loss prevention is a top issue affecting many organizations, complicated by disclosure laws and uncertainty over actual data use. In this presentation, Cisco explores these and other business issues related to security.
Features of a Comprehensive Application Security Solution [ Source: Citrix Systems ]
March 2010 - Continuous application availability begins with a comprehensive application protection solution. Understand how the comprehensive security features of Citrix NetScaler protect against DoS/DDoS, deliver intrusion filtering capabilities for application-level protection, and provide complete, hardware-based encryption to offload CPU-intensive cryptographic functions from the servers.
The Cost of Phishing: Understanding the True Cost Dynamics Behind Phishing Attacks [ Source: Cyveillance ]
December 2008 - In this white paper, Cyveillance’s phishing experts demonstrate the financial savings resulting from speedy detection and take down of phishing attacks, as well as significant financial repercussions of slow phishing detection and take downs. According to a Gartner study released in December 2007, phishing attacks represent a staggering amount of fraud, costing organizations more than $3 billion annually. Even more shocking than this cost is the fact that phishing is a steadily growing problem with ....
Infrastructure And Security Planning For WLANs [ Source: dBrn Associates, Inc. ]
November 2008 - Michael F. Finneran, Principal, dBrn Associates, discusses802.11, WLANs, WiFi, WLAN switching options, security, WEP, and more in this recent presentation.
The Fusion Of Context And Content Awareness –- Making Endpoint DLP Effective [ Source: DeviceLock ]
January 2010 - The risk-based approach to information security that has dominated the corporate market in recent years has resulted in the IT security industry moving from a network-centric to a data-centric information security model. It was around 2002-2004 that the first network-resident data leak prevention (DLP) appliances for analyzing the content of network communications appeared on the market. These filtered network content such as Web access, e-mail and instant messages to prevent corporate data leakage as ....
Mammoth Hospital’s Prescription For Preventing Insider Data Leaks [ Source: DeviceLock ]
January 2010 - To prevent patient healthcare records from walking away on flash drives and other personal devices, this hospital has implemented a phased deployment of device/port access control. In the first phase, IT audits/shadows all download and upload activity at endpoint ports and drives. Observations about how employees are using their devices are key to setting effective device-related security policies. Next steps include allowing only sanctioned encrypted devices to access endpoint ports and drives. This case study ....
Making the Case for IP Surveillance as the Smarter – and Less Costly – Choice [ Source: D-Link ]
September 2008 - Whether it’s for home surveillance or monitoring a business, deciding between an IP and analog closed-circuit television (CCTV) system is rarely a black-and-white choice. But IP surveillance has overcome many cost obstacles and, because of its digital nature, lends itself to more applications and new features.
Security Challenges and Solutions for the Transportation and Freight Industry [ Source: D-Link ]
December 2008 - The transportation and freight industry is a critical part of any country’s economy, but the movement and storage of supplies and merchandise also poses huge security challenges. IP surveillance systems play an ever-increasing role in the security of distribution centers, truck stops, container parks and warehouses. Transporting goods from one location to the other provides many opportunities for theft, fraud, injury, and ineffifi cient business practices. Today’s improved IP video surveillance systems ....
Evolution of Government Surveillance [ Source: D-Link ]
October 2008 - The use of video surveillance by local, state, and federal governments has increased proportionally with the greater need for public security and a responsibility to protect citizens. This white paper looks at various government applications for IP surveillance systems and introduces the latest solutions from D-Link.