Security Management

Viruses have been on the attack for more than 20 years, and the cost of dealing with them is escalating. Too many malcode (malicious code) attacks by viruses, worms, Trojans and the like are breaking through today's most prevalent system defenses: Antivirus (AV) programs. This whitepaper will discuss the full impact of virus disasters and what historically has been done to combat the problem.

Use of instant messaging applications-like AOL Instant Messenger, Yahoo! Messenger, MSN Messenger and ICQ-and peer-to-peer applications has grown significantly. Although the benefits of real-time communication offer a productivity benefit to corporate environments, instant messaging and peer-to-peer applications add significant vulnerabilities and risks to an enterprise's security posture.

As wireless LAN deployments and usage has increased, coupled with the near ubiquity of embedded Wi-Fi in laptops and smart phones, many enterprises are experiencing complaints from their users of slow or even dropped connections.

This industry report gives you the information you need to make decisions about how to secure your network by controlling access and by preventing endpoint infections and policy violations.

This white paper explains the evolving needs for vulnerability assessment, the special requirements inherent within large enterprises, and how SecureScout SP from netVigilance meets those needs.

NitroSecurity's Security Event Aggregation and Correlation Engine (N-SEAC) is a patented, key differentiator of the NitroSecurity IPS solution. It allows enterprise customers the ability to collect and analyze threat information more efficiently and in an accurate and timely manner.

NitroSecurity's Active Network Response is a new security model that delivers network protection closer to the users at the network edge - stopping attacks before they can propagate throughout the network. 

To successfully deploy Single Sign-On today, most organizations have a set of key requirements that must be met. Here are some tips on how focal Point can help organizations seeking Single Sign-On meet those requirements.

Historically, before computers and the Internet, business transactions were conducted face to face; establishing your partner's identity in such situations presented few problems. As human beings, we are well equipped to discern the extraorginarily subtle variations of the human face and voice to enable positive recognition and identification of our partner.

A security breach on a workhorse platform like a mainframe could be disastrous. Find out why PKWARE's SecureZIP is ideal for providing file security for data stored and transferred on mainframes.

Regulatory and business requirements are driving the need for protecting information stored and transferred electronically. PKWARE provides an introduction to protecting your most valuable asset - your data.

This paper will help security officers and staff of large organizations seeking to protect sensitive data on mobile computing devices.

This paper is a synopsis of the presentations given at the Preventsys "CISO Breakfast Series," a succession of seminars given across North America in January and February 2005. The speakers for each breakfast consisted of security professionals and executives who provided their views on how to more effectively align information security with business initiatives.

Security professionals are constantly being asked to justify every security project. Security risks can often be difficult to measure and even more difficult to understand by people outside the department. The key to demonstrating improvement is to translate security information into business terms.

This paper outlines the types of threats that leverage the Internet as a means of delivery and the risks that they pose to your organization. Learn the key drivers of a corporate security policy and how you can protect against HTTP-based threats using Web filtering as part of a multi-layered content security strategy.

Spyware presents a daily threat to organizations. It can even lead to networks being exposed to malicious attacks. Find out about the specific types of spyware threats that are out there and how you can combat these threats today.

Unknown attacks are quickly becoming the next great information security challenge for today's organizations. Get up to speed on what these threats really are and learn what security measures are available to keep your network safe from these attacks.

This white paper discusses how HTTPS filtering (SSL scanning) from Secure Computing provides companies with the means to counter these threats by fully extending their Internet usage policies to HTTPS traffic, and thereby proactively closing that last known major network security hole.

This paper provides guidance on how companies should rethink their existing management and security strategy to effectively secure mobile solutions in the workforce, over a wide array of devices, connections and applications. It details why mobile security must be included as a mission critical component of any enterprise strategy and implemented on a pro-active basis before any major security breach has the opportunity to negatively affect the enterprise.

Healthcare organizations are being targeted by financially motivated attackers that steal and sell valuable data, including identities and computing resources. This white paper defines the new threat, and outlines three important steps that providers can take to protect their critical systems.

Organizations that need to protect business critical applications, and sensitive data and hosts recognize that traditional network defenses can be readily bypassed by attackers. This white paper defines four key qualities of an effective host-based IPS.

This white paper is intended for Information Security and Information Technology professionals interested in understanding Zero-day Attacks, the various protection schemes available today and how Top Layer Network's Intrusion Prevention System (IPS) solutions provide the best mechanisms for protection from these types of attacks.

Authentication technologies such as tokens and smart cards help meet the challenges of protecting sensitive data and securing application access. This white paper presents four cases in which an identity-based solution provides a compelling, low-cost alternative or complement to strong authentication technologies.

Web Services are emerging as the preeminent method for program-to-program communication across corporate networks as well as the Internet. Securing web Services has been a challenge until recently, as typical Web authentication and authorization techniques employed browser-to-server architectures (not program-to-program). This resulted in user identity ending at the Web Application Server, forcing the Web Services Provider to trust blindly that the Web Services Requester had established identity and trust with the end user.

Hopefully your business will never have to experience a major disaster. But having an effective disaster recovery plan with sufficient documentation, adequate testing, and well trained staff will increase your chances of survival when faced with a minor or major catastrophe.