|
The growing range of software and application threats and the need to adhere to regulatory controls has caused the volume of patches and software updates to increase. Organizations need to have software protection controls as part of their risk-management strategy. Facilities should include automated vulnerability detection and patch-management deployment to ensure that service delivery is addressed securely and efficiently. Secunia Corporate Software Inspector (CSI) incorporates these security-managemen…
Technology Audits - published 16/08/2010 - Andy Kellett, Karthik Balakrishnan
|
|
The use that is made of identity and access management (IAM) technology within the public and private sector is growing in line with the threat environment. Most organizations understand the need to maintain control over who is allowed to access their information assets. They recognize the negative impact that not having the proper identity management controls in place can have on the organization and its reputation. They also appreciate that industry regulators have the power to extract fines and impose…
White Papers - published 23/07/2010 - Andy Kellett
|
|
Provisioning the correct access rights for privileged users across growing and often complex operating environments is a time-consuming effort in its own right. Growth in the use of virtual servers and ever-changing business and compliance requirements, have made it even tougher for organizations to maintain effective control over privileged accounts and to manage user-access permissions. These issues are driving the requirement for privileged access-management solutions such as FoxT’s ServerControl prod…
Technology Audits - published 08/07/2010 - Andy Kellett, Karthik Balakrishnan
|
|
Losing data from unsecured laptops and other mobile devices is not acceptable. In the public sector, the impact of losing citizen or operationally secret data can be disastrous; for the private sector, it can lead to brand damage and financial loss. The use of software disk encryption helps to address many of the required protection issues, but even here the facilities need to be first class. Stonewood, and Eclypt range of hard-disk encryption devices, provides strong data protection that has little or n…
Technology Audits - published 23/06/2010 - Andy Kellett, Somak Roy
|
|
Fiserv is a leading player in the fraud-detection and AML sector. The company’s anti-fraud and compliance solutions are used by over three-quarters of the top banks in the US and Canada, by many of the leading banks in the UK and Ireland, and by all the leading Australian banks. The strength of its Financial Crime Risk Management platform is, in Ovum’s opinion, upheld by the breadth of the overall solution, and further product integration work is ongoing.
Technology Audits - published 23/06/2010 - Andy Kellett
|
|
The use of mobile devices to interact with financial, government, and commercial systems is still limited, but is about to see significant large-scale growth. The demand is coming from the business and user communities and is being driven by the functional capabilities of the mobile devices, ease of use for users, and cost benefits to business. There is tough competition among service providers in the banking sector to provide better authentication and customer management solutions for their online, phon…
Technology Audits - published 11/06/2010 - Andy Kellett, Karthik Balakrishnan, Nishant Singh
|
|
The identity and access management market is highly competitive, as one would expect from a sector that includes large IAM and infrastructure providers such as Oracle, Sun, IBM, and CA. In response, Entrust provides an impressive portfolio of identity-based authentication, access control, and user protection products.
The latest releases of the Entrust IdentityGuard, GetAccess, and TransactionGuard platforms provide an extensive and integrated range of identity management, risk-based authentication, acc…
Technology Audits - published 08/06/2010 - Andy Kellett, Karthik Balakrishnan, Nishant Singh
|
|
Evidian IAM Suite (version 8) is a fully featured identity and access management offering. Its core components cover the key user and systems control areas of role management, identity management, and access management. Within the solution, Evidian adopts a workflow-driven, policy-based approach to address how its identity-centric access control facilities are delivered. It then continues to retain all elements of user and usage control as the requirement extends to managing federated relationships with …
Technology Audits - published 27/05/2010 - Andy Kellett
|
|
McAfee DLP 9 is the latest release of the company’s unified data loss prevention (DLP) solution. The product covers the key data control and management areas of discovery, monitoring, and protection, and is deployed to protect confidential data wherever it is located or stored. The strength of the solution is in its ability to work with data on corporate networks, in transit, and on central storage systems and endpoint devices. This is a fully featured DLP product suitable for both public and private-sec…
Technology Audits - published 20/05/2010 - Andy Kellett
|
|
ZL Unified Archive from ZL Technologies is an integrated archive facility that is capable of managing both structured and unstructured data. The product is designed to operate as a fully-functional content management platform. It is a highly-scalable, platform agnostic, data collection and management repository that has the capacity to address the data storage, records management, electronic discovery and regulatory compliance needs of very large organizations. At the core of the solution is ZL Technolog…
Technology Audits - published 22/04/2010 - Andy Kellett
|
|
Mail-SeCure is an email-protection and management product that is suitable for organizations of all sizes. Its perimeter security engines focus on the identification and removal of email-related threats. As well as the expected anti-spam and anti-virus filters, Mail-SeCure uses a credibility-of-source approach to the front-end removal of spam and associated malware threats and also addresses the need for outbound data protection.
Technology Audits - published 15/04/2010 - Andy Kellett
|
|
Imperva’s SecureSphere Data Security Suite combines web and database security to provide a comprehensive risk-management framework that defines and controls external and internal user and application access protection while continuously monitoring and auditing the infrastructure for violations. SecureSphere Data Security Suite brings together a portfolio of Imperva products including its SecureSphere web application firewall (WAF), its SecureSphere database firewalls, its database-discovery and assessmen…
Technology Audits - published 12/04/2010 - Andy Kellett, Karthik Balakrishnan, Nishant Singh
|
|
Seeburger Business Integration Server (BIS) is an all-inclusive business-to-business (B2B) gateway solution that provides a single-platform approach to the delivery of an organization’s business-partner, supply-chain, and internal systems-integration requirements. The product set, which can be described as a full-featured, end-to-end, B2B electronic data interchange (EDI) solution, is unique in that all the product components have been developed in-house by Seeburger. Across its range of data and systems…
Technology Audits - published 08/04/2010 - Andy Kellett
|
|
AppGate with its Security Server solution is a focused enterprise-protection provider in the application gateway security marketplace, which is becoming a growing and dynamic sector. The company’s approach to protecting business assets is to ensure that only authorized users are allowed access to corporate applications and their content. Ovum believes that AppGate’s approach, though to some extent one-dimensional, is more streamlined than many of its competitors and represents a corporate-protection appr…
Technology Audits - published 08/04/2010 - Andy Kellett, Karthik Balakrishnan, Nishant Singh
|
|
M86 Security is an established global provider of secure email and Web-protection solutions. The company’s core product portfolio, which includes Secure Web Gateway Appliance, WebMarshal, and MailMarshal, was significantly strengthened by M86’s March 2009 purchase of Avinti (advanced behaviour-based malware detection) and most recently through its high-profile acquisition of Finjan (enterprise-level secure Web gateway protection). Using its extended product set, M86 Security is able to correlate and prov…
Technology Audits - published 26/02/2010 - Andy Kellett
|
|
IronKey Enterprise is a secure, encryption-based management solution for the protection of data that is copied to USB flash drives. Operating as removable storage devices, IronKey secure USB drives serve as encrypted repositories for passwords and the data that they protect. In operational use, IronKey Enterprise provides a number of security features that make it virtually impossible for a user to unlock and decrypt a device that they are not authorised to use. The product is FIPS 140-2 Level 3 complian…
Technology Audits - published 26/02/2010 - Andy Kellett, Karthik Balakrishnan, Somak Roy
|
|
Intelledox Enterprise is a rich Web-based e-forms solution for document composition and document-lifecycle management. The highly scalable product offers large-volume template-based design generation for the delivery of business documents. The solution uses Microsoft Word as the basis of its document template development approach. It is equipped with Wizard-driven tools for designing document layouts and managing the supporting infrastructure that provides the ability to deliver data from corporate busin…
Technology Audits - published 01/02/2010 - Andy Kellett, Karthik Balakrishnan, Somak Roy
|
|
The Aveksa Access Governance Platform, which comprises of Aveksa Compliance Manager, Aveksa Role Manager, and Aveksa Access Request and Change Manager, is an access control automation and management solution that focuses on delivering a business as well as a process-centric approach to controlling and managing access to corporate information resources. The product set is tasked with improving the way that organisations deliver and manage user access. It achieves this by bringing together and maintaining …
Technology Audits - published 04/01/2010 - Andy Kellett
|
|
The TippingPoint® 2500N and 5100N Intrusion Prevention System (IPS) platforms are the latest in a well-established lineage of high-performance, High-Availability (HA) IPS appliances. Both products provide automated protection against network infrastructure, enterprise, and Web application attacks, and incorporate the ability to safeguard critical business and customer data. Focus points of enterprise and network protection include the perimeter, Demilitarised Zones (DMZ), data centres, and all available …
Technology Audits - published 08/12/2009 - Andy Kellett
|
|
A significant proportion of today's security solutions are not equipped to deal with the fraud based attack approaches that threaten the security of our core information systems. Managing the needs of a mobile workforce, sharing business and customer information between business partners, collaborative business projects, and the use of Web and Web 2.0 communications, all contribute to an open trading environment where traditional protection regimes are no longer capable of keeping business systems safe.
Technology Evaluation and Comparison Reports - published 23/11/2009 - Alaa Owaineh, Alan Rodger, Andy Kellett, Karthik Balakrishnan
|
|
According to widely reported statistics the UK economy continued to shrink between July and September this year making the recession the longest since records began. And while there is evidence that other European economies are beginning to show the first positive signs of recovery, all countries within the EU continue to suffer from rising levels of unemployment. At the beginning of the downturn it was recognised that businesses would shed staff, and that due to the technology skills that many employees…
OpinionWire Articles - published 20/11/2009 - Andy Kellett
|
|
Virtualisation is positioned as a cost-effective approach to the utilisation of technology. It enables organisations to achieve both operational and business efficiency. Deployed correctly, virtualisation provides the potential to allow organisations to benefit from the consolidation of existing hardware and applications.
Butler Group Review Articles - published 30/10/2009 - Andy Kellett
|
|
If there were just two headlines that were worthy of comment from last week’s RSA Conference Europe, which itself was focused on the protection of the organisation, they both involved the subjects of people and process and the myth of protection.
OpinionWire Articles - published 30/10/2009 - Andy Kellett
|
|
At the company’s EMEA industry analyst conference last week, Symantec presented its main security message as “being the need for business to better protect, manage, and control information”. The volume of information that the business world gathers and holds continues to grow unchecked. Businesses may have become more information centric, with day-to-day operations dependent upon the availability and quality of that information; however, at the same time, the average organisation now looks to have less c…
OpinionWire Articles - published 15/10/2009 - Andy Kellett
|
|
Online commerce presents both the supplier and the consumer with many time, cost, and efficiency advantages, but when times are tough the Web is an easy target for fraud. One of the immediate problems that we all face when transacting business online is that of trust. Is the offer that we are responding to genuine, can we trust the Website concerned, are we prepared to pass on personal, business, or financial details? After all, anyone can copy a logo and put it on a Web page; abuse of Web sites is known…
OpinionWire Articles - published 12/10/2009 - Andy Kellett
|
