Downloads

You can engage with new prospects by sponsoring a download on Infosecurity. Downloads provide users with the option to review the information as frequently as they need, so it's an ideal way to share those white papers. Our easy-to-use registration process provides you with a list of pre-qualified leads.

To find out more about how you can be involved with downloads on this website contact us today.

The what, how and why of Role Based Access Control (RBAC)

In the world of identity and access management, Role Based Access Control (RBAC) is gradually becoming a frequently used term. Dictated in part by legislative and regulatory norms, an increasing number of organizations wish to manage and assign all access privileges across the network in a structured way. This is possible through the use of RBAC software. So how can companies achieve an adequate implementation of RBAC across their entire organization?
06 February 2012

2012 State of the Endpoint

The 2012 State of the Endpoint study sponsored by Lumension® and conducted by Ponemon Institute is the third annual study to determine how effective organizations are in the protection of their endpoints and what they perceive are the biggest obstacles to reducing risk.
24 January 2012

Intelligent Layer 7 DoS and Brute Force Protection for Web Applications

Both Denial-of-Service (DoS) and Brute Force Attacks have existed for many years, and many network devices tout the ability to withstand them. However, most of today’s DoS attacks target layer 7 (L7) by overwhelming applications with seemingly valid requests and Brute Force programs can send more than one million attempts per second. This paper will discuss how to intelligently mitigate these types of attacks.
07 November 2011

Enterprise Single Sign On Architecture

This whitepaper outlines the possible benefits that Enterprise SSO and authentication management (smart card-based login) can offer organizations.
24 October 2011

DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks

Domain Name System (DNS) provides one of the most basic but critical functions on the Internet. If DNS isn’t working, then your business likely isn’t either. Secure your business and web presence with Domain Name System Security Extensions (DNSSEC).
02 September 2011

Secure iPhone Access to Corporate Web Applications

The way corporations operate around mobile devices is currently shifting—employees are starting to use their own devices for business purposes, rather than company-owned devices. With no direct control of the endpoints, IT departments have generally had to prohibit this or risk insecure access inside the firewall. But as more mobile devices appear on the corporate network, mobile device management has become a key IT initiative.
02 September 2011

Endpoint Management and Security Buyers Guide

Five factors to look for in endpoint management and security solutions that will help reduce endpoint cost, simplify management and improve overall performance.
16 August 2011

Intelligent Whitelisting: An Introduction to More Effective and Efficient Endpoint Security

The volume and sophistication of malware is skyrocketing, and traditional anti-virus approaches are struggling to keep up. It’s time to rethink how we protect our endpoints. Instead of trying to build a better anti-virus “mousetrap,” without any shift in the underlying management model for vetting change in endpoint environments, security professionals should investigate more innovative approaches to endpoint security that can automate trusted change policies.
16 August 2011

Detect and Survive

The ability to detect complex cases of computer misuse within an organisation, whether perpetrated by outsiders or from within, is vital to the continuing survival of the company. But as computer criminals refine their techniques, so must the detection methods evolve. To enable this, modern-day IT departments need to employ techniques and tools previously only available to forensic investigators within the law enforcement community. Thankfully, those tools are becoming available outside of the justice environment, and are proving highly effective in solving cases that would otherwise have remained impossible to close.
08 August 2011

A value proposition for IT security

IT departments are facing three big issues when it comes to protecting the data created and stored on the systems they manage. First, the value of the data is often only realised when it is legitimately shared in some way; second, that sharing is increasingly taking place across public networks and third, the users doing the sharing are doing so on a growing diversity of devices in locations that are convenient to them.
29 July 2011

Best Practices and Applications of TLS/SSL

TLS (Transport Layer Security), widely known as SSL (Secure Sockets Layer), is the most well known method to secure your web site. But it can also be used for much more. Read the white paper, "Best Practices and Applications of TLS/SSL," to learn how TLS works, best practices for its use and the various applications in which it can secure business computing.
21 July 2011

How to embrace and protect a consumerized workforce

While tools such as Web 2.0 applications, IM, P2P and portable USB media can be great for business innovation and productivity, they can introduce significant risks when not managed properly.
15 July 2011

The Insider Threat

The actions of users who intentionally or accidentally cause damage to an organization are now one of the most complex and difficult problems facing IT security teams. In this short whitepaper, learn: • Important aspects of insider threat • How to reduce the risk of attack • The essential role encryption plays in these attacks
13 June 2011

Managing BitLocker Encryption

Take advantage of BitLocker® for Windows 7® by integrating it with the right data protection management solution to ensure and prove compliance. Download to learn best practices for managing BitLocker, how to easily integrate BitLocker into your security program plus how to reduce key management overhead and reporting.
09 May 2011

Endpoint Security: Winning the Endgame

Sophisticated malware is proliferating, especially at the endpoints that connect your environment to the rest of the world. Here’s what you need to know about protecting your PCs, laptops and other endpoints in the new security arms race.
05 May 2011

Think Your AntiVirus Software Is Working-Think Again

As attacks proliferate, anti-virus software can't keep up. Fortunately, there's a better way.
01 April 2011

Unruly USB Devices Expose Networks to Malware

It's pretty easy for organizations to get so wrapped up about what goes out on USB drives that they forget to protect against what comes into their environments via USB.
31 March 2011

Unifying communications to defend against targeted threats

Although most organizations employ email filtering, anti-virus, firewall, and anti-spyware technologies to defend against known threats, far fewer use web or URL filtering appliances to protect themselves against malware picked up on websites. In today’s shifting environment, defending against blended threats that take advantage of multiple attack vectors is imperative.
09 March 2011

Cost-effective email archiving for SMEs

Comprehensive email archiving, at one time, was a luxury that only larger organizations could afford. But the advent of cloud-based storage and services has changed the economics of email archiving.
09 March 2011

Top Five Considerations for Removable Media Security

The rapid growth of removable media has revolutionized the way we store and transport information, encouraging increased productivity - as well as a higher risk for a data breach. Download this whitepaper to learn the top five removable media considerations to better secure these devices and avoid a serious breach.
07 March 2011

Maintaining continuous compliance—a new best practice approach

When trying to achieve continuous compliance with internal policies and external regulations, organizations need to replace traditional processes with a new best practice approach and new innovative technology. This white paper aims to explore these themes to help organisations develop a strategy that will aid them in maintaining continuous compliance.
16 February 2011

Finding Ways to Balance IT Risk and Productivity

While tools such as Web 2.0 applications, IM, P2P and portable USB media can be great for business innovation and productivity, they can introduce significant risks when not managed properly.
31 January 2011

Using the Power of the Cloud to Fight Web Threats

Interrupting information flows, which are increasingly transmitted over the internet, has become the prime focus for today’s financially motivated hackers. With web-based malware threats becoming more complex and sophisticated, trying to counter them with software deployed within an organization is becoming a growing headache.
26 January 2011

FREE Security essentials – Small Business Security Guide

Small businesses can suffer hours of downtime per year for every computer used in their company, whilst the last two years have seen identity and information theft become the top security concern for the majority of business owners.
22 December 2010

Enterprise Authentication: Increasing security without breaking the bank

Enterprise authentication used to be simple: passwords for everyone, expensive tokens for a small number who work remotely. But the world is changing. Experts agree that username/password authentication does not provide enough protection against unauthorized access. CIOs are challenged to increase authentication security while preserving operational and budget efficiency. Organisations need stronger forms of authentication that are easy to use and less costly to purchase, deploy and maintain than traditional “one-size-fits-all” options.
15 November 2010

The in's and out's of content filtering

Dr. Eugene Schultz, Chief Technology Officer, Emagined Security presented at our webinar titled ‘Unifying inbound and outbound content control: Secure your organisation’s web and email traffic’. This is the presentation that he gave.
07 July 2010

Data Protection and Compliance in Complex Environments

Today's businesses are often under the gun to meet certain data protection requirements. Unfortunately, many companies lack a cohesive strategy for assimilating, managing, and protecting that data. New regulatory requirements are often placed upon businesses with stiff penalties for noncompliance, with equally demanding deliverable dates. Global organizations are even more complex due to international laws. In Data Protection and Compliance in Complex Environments: The CSO Executive Series by information security expert and author Kevin Beaver, readers will learn how to clearly classify, protect, and report on critical data that requires the highest due diligence and protection efforts.
16 June 2010

Shopping for a Security File Transfer Solution for Retail

Retailers and merchant service providers are under increasing pressure to adhere to PCI DSS in an effort to avoid costly fines — and the even more detrimental loss of customer confidence that results from data leakage or data breaches.
11 May 2010

Case Study: File Transfer Solution To Protect Law Firm's Confidential Data

USB flash drives, removable disk drives and cell phones are making it easier than ever for employees who need to transfer large files – and harder than ever for companies to monitor and protect sensitive information.
11 May 2010

Cashing in on Banking Security and Compliance

With awareness of data breaches at an all-time high, banking institutions are working hard to implement policies and solutions that protect sensitive financial information along with their reputations and industry competitiveness.
10 May 2010

When Web 2.0 Becomes Security Risk 2.0

Hackers are manipulating the trusted nature of Facebook, MySpace and other social networks to launch exploits and spread malware attacks.
08 April 2010

Desktop Software Lockdown: Prevent Targeted Attacks

Preventing the installation and execution of unauthorized software should be a high priority for any IT security conscious organization. Allowing users to install or execute unauthorized software can expose an organization to a variety of security and legal risks, not to mention the burden of increased support costs. This paper will compare and contrast a variety of techniques for detecting and preventing unauthorized code.
07 April 2010

The Essential Series - Security Information Management

Maintaining information security is a multi-faceted operation that is best managed with a single comprehensive strategy rather than a mix of tactics based on whatever point solutions are already deployed. Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM.
15 December 2009

Aberdeen: Choosing and Consuming Managed Security Services

Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics.
15 December 2009

Jon Ramsey Podcast Transcript

In this podcast transcript, Jon Ramsey, Chief Technology Officer at SecureWorks, addresses an array of security issues currently facing businesses, including security in the cloud, insider attacks, securing mobile devices and how to manage spam and malware.
15 December 2009

Cloud Application Security

Cloud computing promises to deliver IT infrastructure services via the Internet on an “as-needed, pay-per-use” basis. Cloud resources can be provisioned on-the-fly to support specific project needs, or they can be leveraged on a longer-term basis to add capability to an existing IT infrastructure. For some companies, cloud resources even serve as the entire IT infrastructure because of the ease and speed of deployment and cost-effectiveness compared to deploying an in-house infrastructure.
10 December 2009

The Challenges of Automated Application Assessments in a Web 2.0 World

This white paper, written by two security experts from Stach & Liu, Rob Ragan and Vincent Liu, describes the challenges of automated penetration testing or application scanning of Web 2.0 applications.
10 December 2009

Database Security and Compliance - Preparing for 2010 (Annual Study)

This study reveals some eye-opening database security and compliance trends based on research from 175 enterprise organizations.
10 December 2009

10-step Guide to Easy Data Loss Prevention

You know your organisation's data is its lifeblood, yet the protection of IP and sensitive information is all too often inadequate in today's networked world.
13 November 2009

The Latest ‘Blended Threats’

Blended threats are spam stealth attacks - moving undetected through your mail servers and blending in with all the other email - until they strike. They can compromise personal or corporate data, "recruit" computers into a network of bots, or initiate keystroke recording that collects passwords and other information.
13 November 2009

Protecting Your Network Against Web Attacks

The problem of Web-borne threats is not theoretical: millions of users have been impacted and the threat is getting worse. Today, Web threats are more numerous and virulent than those delivered in email, and it is easier to be infected by them.
13 November 2009

Combat Cybercrime, Demonstrate Compliance and Streamline IT Operations

As the first decade of the new century draws to a close, organisations are increasingly being asked to prove that they have achieved compliance - as well as actually complying with - a raft of relevant data and privacy protection.
06 November 2009

Oct. U.K. Threat Report

A new report, provided by Eset, provides details on the changing threat landscape in the United Kingdom.
06 November 2009

Top 10 Global Threat Trends

This report, provided by Eset, offers an in-depth look at the top 10 malware threats through Sept.
06 November 2009

Validating the Business Benefits of Integrated Systems

IT organisations want to provide high-quality, low-cost technology services to business units as part of their basic mission. However, software complexity, manpower changes, mergers and acquisitions, and changing business requirements have complicated that mission. Trends such as managing mobility, virtualisation adoption, new and increasing compliance and governance requirements, and the need to modernise existing infrastructure add further complication to managing the IT environment.
27 October 2009

FTP: Enemy Within

Industry standards and government regulations such as Sarbanes-Oxley, PCI-DSS, HIPAA, Gramm-Leach-Bliley Act, and FISMA require organizations to constantly strengthen the protection of mission-critical information. With billions of dollars of annual losses attributed to security breaches, corporations are under pressure to eliminate non-secure legacy systems.
27 October 2009

Case Study: Continuous Compliance Across IT Systems

Capital Card Services provides credit card service management to financial and non-financial companies that desire to offer credit products and wish to outsource the necessary back office services.
22 October 2009

Configuration Control Proven Solution with Auditors and IT

More than 250 online sites entrust MarketLive to deliver stellar shopping experiences to their customers, necessitating both safeguards to protect cardholder information and compliance with industry regulations such as the Payment Card Industry’s Data Security Standard (PCI). With an increasing number of retailers facing PCI requirements, MarketLive decided to create a strategic market advantage and become PCI compliant themselves.
22 October 2009

Managing the Process of PCI Compliance

Security threats are real-time and continual, and changes occur overnight.
22 October 2009

Avoiding 7 Common Mistakes of IT Security Compliance

Compliance is a key driver for deployment of IT security controls, and many organisations are pursuing automation to improve accuracy and lower costs of fulfilling requirements. Automating controls is not just laudable – it’s essential for finding and fixing a myriad of vulnerabilities that enable criminals to breach enterprise IT, disrupt electronic business processes, and steal confidential business and customer data.
21 October 2009

PCI Compliance for Dummies

Compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) is mandatory if your company stores, processes, or transmits payment cardholder data. This reference source, provided by Qualys, is all about understanding PCI and how merchants can comply with its requirements.
21 October 2009

Buyer's Guide: Enterprise PBX

Premise-based IP PBXes (Internet Protocol Private Branch eXchanges) are changing how businesses implement and use their voice communications.
21 October 2009

Comparison Guide: IP Phones

Compare side-by-side functionalities of seven leading IP phones.
21 October 2009

Beyond PCI Checklists: Securing Cardholder Data with Enhanced File Integrity Monitoring

How do organisations pass their PCI DSS audits yet still suffer security breaches? Paying attention to PCI DSS checklists only partially secures the cardholder environment.
16 October 2009

ITCi White Paper: Challenges and Opportunities of PCI

Learn how to align PCI compliance with business processes for a more streamlined and reliable IT infrastructure with this whitepaper from the IT Compliance Institute.
16 October 2009

Every Man’s Guide to Combat Threats within Your Organization

With an increasingly mobile force using a variety of wireless devices to access the Internet and download applications, confidential information becomes more easily accessible to hackers. This has complicated the job of information security professionals and raised awareness of how vulnerable mobile computing devices can be.
14 October 2009

Log Management - How to Develop the Right Strategy for Business and Compliance

From compliance requirements to data gathering for forensic purposes, companies have opened up the floodgates to log data. Based on audit findings and internal investigations, they have deployed expensive technologies and lots of personnel without a full understanding of what to log and why. Companies and organizations need a log management strategy that combines requirements from auditors with a process for the security team based on risk to gain better visibility into log data.
13 October 2009

Data Loss Prevention (DLP) Technology: Realizing Enhanced Productivity and Timely ROI

The conclusion is quite clear: companies cannot afford data loss, however caused. Prevention becomes a priority in the strategy to data loss. DLP comes down to reducing the risks of information loss by locating and controlling sensitive data.
08 October 2009

Reversing the rise of the surveillance state: 11 Measures to Protect Personal Privacy and Hold Government to Account

At the Infosecurity Virtual Conference 2009, Eleanor Laing, Conservative MP, presented in our session, 'Infosecurity in government: What's going wrong, and how to fix it'. This download is the Conservative policy paper, titled Reversing the rise of the surveillance state.
29 September 2009

Advances in Endpoint Security

The past few years have witnessed several highly publicized cases of security breaches at major corporations. These high-profile incidents have emphasized the need to protect and control sensitive corporate information within the enterprise environment. As more data resides at the endpoint, administrators are being forced to defend a new architecture that has critical corporate resources dispersed around the globe.
01 September 2009

Endpoint Security: A Timely Warning for Today’s Economic Climate

The responses received in a recent IDC survey regarding corporate IT security give rise to serious concerns about the pace at which enterprises are responding (or are able to respond) to the growing security threat to the endpoints of their IT infrastructure. In particular, the responses show that enterprises appear to be falling behind in the following areas: HIPS usage, layered protection, mobility security.
01 September 2009

5 Ways to Reduce IT Audit Tax

Organizations oftentimes spend upwards of 50% more on compliance efforts than necessary. This is due to the inefficient deployment of resources and manpower to satisfy the burgeoning set of internal and external compliance and audit mandates. This whitepaper outlines five ways to streamline compliance efforts and thereby reduce the IT audit tax.
26 August 2009

Web Use and the Risk to Business

White paper reports on new Web threats and what’s being done to defend businesses.
18 August 2009

Image Spam: The Threat Returns

White paper reports on severity of email/web-borne threat and offers solutions for exposing it.
18 August 2009

Reducing Vulnerability to Downtime

White paper reports on technology which complements data resiliency and recovery strategies.
18 August 2009

Continuous Data Protection

White paper offers insight into technologies enabling quick, easy data recovery to any point in time.
18 August 2009

Effective Insider Threat Management

White paper offers practical advice to ensure success.
18 August 2009

Cut the Chaos from Firewall Management: IDC examines "A Life Cycle Approach for Network Security Management"

IDC examines the challenging process of firewall operations and the growing need for an automated approach to controlling and analyzing network security changes and configuration management processes throughout their entire life cycle.
07 August 2009

Guide to Evaluating Two-Factor Authentication Solutions

Passwords are a known weak link and continue to be exploited at alarming rates, making two-factor authentication mandatory for many organizations. Whether you’re planning to implement two-factor authentication for the first time or are looking to expand or upgrade your current implementation, this whitepaper will help you choose the two-factor solution that is right for your business.
31 July 2009

Understanding the Critical Role of Device Management and Security in Your Business' Mobile Strategy

As businesses embrace mobility, IT professionals are facing new challenges. But gone are the days when stodgy IT departments would fight this business imperative. Most organisations today are simply trying to get smarter about how to manage and secure their increasingly mobile population and distributed assets.
22 July 2009

The Total Cost of Email: Putting a Price Tag on Your Email Environment

You can’t afford to ignore email archiving, security, internal policy or regulatory requirements, but can you afford to keep paying for it as multiple systems on top of your email system?
17 July 2009

Achieving Compliance with GSi Code of Connection (CoCo) with Lumension® Solutions

To develop the necessary trust and confidence within the Public Sector communities and between Government and the citizens, a common approach to risk management and the implementation of an Information Assurance framework becomes increasingly important.
16 July 2009

Spam; Viruses; Data Loss; Use Policy; Where to begin?

The IT threat landscape is evolving. Organised crime is involved & it’s big business. Criminals are hunting for confidential business data & the techniques they employ are increasingly complex.
01 July 2009

Tokenless Two-Factor Authentication: It Finally Adds Up

For most companies, information security is a top priority. Demand for protecting data and employee confidentiality is continuing to grow, especially in industries that require a regulatory-compliant environment. However, applying user names and passwords for authentication is insufficient.
25 June 2009

New Data Storage Options & Services

The archiving market continues to expand as ‘cool’ vendors enter with new storage options and services that make archiving more cost-effective and ease the migration of older data.
17 June 2009

Preventing Data Breaches in Privileged Accounts Using Access Control

It is critical that organizations are proactive in their approach to mitigating insider threats. Week after week there are disturbing, déjà vu-like stories of significant data breaches, arrests connected to insider attacks, or investigation reports emphasizing the necessity to control privileged accounts that hold highly sensitive data.
16 June 2009

State of Resilience & Optimization on IBM Power Systems

This report includes the input of over 2,000 companies running AIX and IBM i (i5/OS) environments regarding their data protection, recovery and optimization technologies and strategies.
11 June 2009

Portable Panic: Evolution of USB Insecurity

Once a mere novelty peripheral, USB storage devices are now as common as the mouse and keyboard. Analysts say by 2010 the market will have shipped 2.8 billion USB-enabled devices. Unfortunately, even as USB devices have evolved into useful storage media, they’ve also turned into a security nightmare for organisations.
05 June 2009

Turning the Spotlight on IT’s Dirty Little Secret: Securing the Common Point of Failure in IT Risk Controls

The rise of identity and access management has revolutionized how the enterprise defines a key domain of IT risk control. Access management has become a cornerstone of best practice in IT governance, risk and compliance control — except for the most important access of all, the privileged user for shared administrative accounts, and the embedded application identities found within applications, scripts and application servers.
01 June 2009

Document Security: A Guide to Securing Your Documents

When you talk about document security, there are many different ideas as to what security is actually wanted or needed. But the important question is, “what are you trying to achieve?”
01 June 2009

10 Things You Really Wished You had Known about PDF Security

Is the PDF security software you are looking to purchase really secure? If the PDF security software you are evaluating can be simply broken, then you might as well save your money.
01 June 2009

Outthink the Threat

eBook reports on how data-stealing malware is thwarting enterprise security, and offers solutions to combating these threats.
19 May 2009

Reducing the Cost of Achieving PCI Compliance with Lumension® Compliance and IT Risk Management

This whitepaper will examine PCI DSS and explain how Lumension® Compliance and IT Risk Management can help organizations reduce the cost of addressing compliance by streamlining and automating the IT audit process, unifying control and compliance frameworks, automating assessment and remediation processes, and enabling continuous monitoring of their compliance and IT risk management posture.
15 May 2009

The Security Implications of Web 2.0

The collaborative benefits of Web 2.0 technologies have fueled rapid growth in online consumer markets and now are being adopted by businesses worldwide. With these technologies come new types of attack vectors.
08 April 2009

The Web Hacking Incidents Database 2008: Annual Report

The much anticipated Breach Security Lab’s Web Hacking Incidents Database (WHID) 2008 Annual Report is ready for download.
07 April 2009

Vulnerability assessment strategies revealed: a primer for novices and further education for experts

Vulnerability assessment is a complex and wide-ranging subject. This timely and informative white paper will help you understand the subject and learn how to cost-effectively implement the IT security strategy within your organisation. Written by Information security industry veteran Bigfix, this paper will be a valuable addition to your educational resources - download it today.
06 April 2009