Perimeter defence is not enough

Up until now, the primary basis for almost all security strategies has been the moat and castle model, whereby a strong perimeter is established that divides the network into a trusted interior and untrusted exterior. It’s a model that has served well in the past, but due to the emergence of two new market trends, it now represents a significant liability.

Successful Adoption Of IT Service Management

Organisations are increasingly dependent on their IT networks to provide a competitive advantage. These networks are becoming progressively more complex in a bid to provide more sophisticated business services. The migration toward the goal of on demand, high availability, converged enterprise networks is set to provide a considerable challenge to those organisations wishing to reap the undoubted business benefits.

Security Risk Management: The Answer to Security

Security Risk Management (SRM) is emerging as this missing link, helping translate the black art of security into compliance risk terms that can be easily digested and documented. According to Forrester, “IT organisations have always scrambled to align IT with the business, but now there’s a new scramble going on — in the area of risk and compliance management.”

Busy for Information Security?

Hearing and understanding the importance of complying with all the new and forthcoming laws and appropriately securing sensitive electronic information is one thing. Finding the time (and the money) to make the rubber meet the road – well, that’s quite another. With all the HIPAAs, Sarbanes-Oxleys, and the dozen-plus state breach notification laws, for most organizations – large and small – information security is not an optional nice-to-have.

AJAX Security

Web developers cannot have failed to notice the excitement surrounding AJAX or Asynchronous JavaScript And XML. The ability to create intelligent web sites such as Google Suggest or compelling web-based applications such as Gmail is thanks in no small part to this technology. There is, however, a darker side - and accompanying the growth in AJAX applications we have noticed an equally significant growth in security flaws, with the potential to turn AJAX-enabled sites into a time bomb.

Data Management Challenges for Basel II Readiness

Data management is key to the biggest challenges facing the financial services industry today, more specifically the need to improve risk and regulatory management processes and systems. Following a period of hesitancy, banks are coming to grips with the broad implications of the Basel II Accord.

Remote filtering delivers protection in the field

It is no secret that IT managers view laptop users as a liability. In a recent Websense research report called Stress of Security, 71% of IT managers said they believed corporate laptops used outside the office and then re-connected to the network, posed a major security risk to their company.

Software as a Service and Security

These days, computer users are online not only for longer periods of time and more frequently, but they are also conducting more important transactions via e-mail and the Internet. Activities like banking online, trading stock, purchasing products and services, and managing personal accounts through Web sites are becoming more common

Policy Management Through Strength in Architecture

Many security officers dream that “deny by default, explicitly permit” was fully implemented and consistent across their IT infrastructure with “utilizing the most granular criteria possible” as the driving policy. Unfortunately their dream is the nightmares of the security operations managers that must manage and maintain this level of access granularity in the IT infrastructure.

Web Application Security and Sarbanes-Oxley Compliance

From a fundamental information security and controls perspective, it is clear that Web application security is crucial to Sarbanes-Oxley compliance. The requirements for SOX compliance apply to any system that processes or maintains financial data.

Next