Identity Management

How do organizations pass their PCI DSS audits yet still suffer security breaches? Paying attention to PCI DSS checklists only partially secures the cardholder environment. Learn the next steps for fully securing your data.

This document will outline the requirements for an effective fraud mitigation solution. It will detail a solution that considers the entirety of an organization’s fraud mitigation strategy.

This whitepaper presents ArcSight EnterpriseView, a solution designed to help customers understand who is on the network, what data they are seeing, and which actions they are taking with that data. While doing so, EnterpriseView provides the context to understand whether the business faces additional risk of data loss, compliance breach, or fraud.

This white paper highlights a surprising new approach to fraud prevention: remotely recognizing a fraudster’s PC (or other device). Even with identity (password/credit card) theft, the device stays the same!

In this new white paper, learn how it’s possible to block fraud without damaging the customer experience and causing dropoff.

In 2007 alone, $3.6 billion was lost to online fraud. This white paper shows how to block scam artists, reliably and affordably-while ensuring that real customers always have access.

A wireless network can help your employees stay productive as they move around your company. But to take advantage of the benefits of wireless networking, you need to be sure that your network is safe from hackers and unauthorized users. Every device in a wireless network is important to security. Because a wireless LAN (WLAN) is a mobile network, you need a thorough, multilayered approach to safeguard traffic.

Many small and medium-sized businesses do not have adequate network security. Here's how to make sure you do. Now more than ever, you depend on your network for your most important business operations, such as communication, inventory, billing, sales, and trading with partners. Yet up to now, you might have held off on protecting your network, for several reasons.

How mature is your information security policy program? Do you have a set of outdated documents stored in a binder or intranet site? Or do you have a documented management program that keeps your policies up to date, your users informed and your internal auditors sleeping at night?

In any enterprise there is information that has to be kept secret, but must be distributed, and therefore has to be identified with any recipient in the event that it is ‘leaked.’  This white paper addresses two examples of this requirement (boardroom secrets and mergers and acquisitions), and shows how to identify solutions that meet business needs for document protection and secure file sharing.

Extended Validation SSL delivers the acknowledged industry standard for the highest level of online identity assurance processes for SSL certificate issuance. Find out how the EV standard increases the visibility of authentication status through the use of a green address bar in the latest high security web browsers.

This white paper outlines issues with managing online identities across a diverse customer base when faced with increasing threats. It proposes a common sense approach that matches security to the assessed risk for users, actions and applications.

Experts agree that username/password authentication does not provide enough protection against unauthorized access. CIOs are challenged to increase authentication security while preserving operational and budget efficiency.

The identity federation market enjoys an exceptional supply of products. With well over a dozen products available to enterprise customers, most architects have more choices than time will allow for evaluation. This abundance of products is partly the result of the inherent difficulty of developing a truly multipurpose federation server. Although federation products are similar in name, each has its own personality and idiosyncrasies that make it suitable for certain environments but insufficient in others.

Rootkits, Trojans, ransomware, Denial-of-Service and much more – this newly released white paper from MX Logic covers the everchanging security threat landscape. Learn what malicious intrusions are out there, how to identify them and how to keep your network safe.

Along with its many benefits in creating and connecting new services and reducing complexities, the openness of an SOA also creates security and compliance challenges.

There is a new automated technology available now that is helping businesses combat identity theft and prevent fraud. It is called identity proofing and it is specifically designed to verify consumer identities online. With all the fraud prevention solutions available in the market today you are probably wondering, does my company really need to use an identity proofing solution?

This paper discusses the value of two-factor authentication systems that provide vital access security for today's mobile workforces, who can now be productive from numerous remote locations: the home office, the airport, hotels, and customer sites. Moreover, the ubiquitous nature of mobile phones has now given rise to a new, convenient form factor for the software-based authenticator that resides right on the mobile phone/device.

Enterprises are increasingly opening up their networks to a greater constituency of remote users, but they often do not take into consideration the protection of user identity as a critical component of their strategy. The mobile workforce can now work productively from a remote location such as a home office, the airport, a hotel, or a customer site.

In an environment where business and government databases store ever-increasing amounts of sensitive and confidential data; and where a growing number of employees need to access that data remotely, password security alone is insufficient to ensure user authentication. Two-factor authentication requires two measures for users to verify their identities and access data.

Every large enterprise has employees who need some level of access to its critical information resources, and many also provide a wide variety of types and levels of access to contractors, partners, vendors, and customers. Each of these points of access represents a source of potential business and compliance risk.

Although roles-based access control (RBAC) has been the subject of much interest in the past, experience with it has been mostly disappointing. The challenge of discovering established roles, defining new roles according to business need, connecting roles properly to the IT infrastructure, ensuring that they meet all compliance requirements, and managing roles through their natural lifecycles has, until now, proved to be too complicated and cumbersome to be practical.

Miercom conducted an independent third-party validation of the Websense TRITON Web Security Gateway Anywhere (WSGA) version 7.7.3, with comparisons to several major competitive products evaluated in this review.

Educating Everyone To Guard the Cloud

IBM has written this paper to enable discussion around the new security challenges that the cloud introduces.