Security Policies White Papers

A Security Policy is a plan of action for tackling security issues, or a set of regulations for maintaining a certain level of security. It can span anything from the practices for securing a single computer, to building/premises security, to securing the existence of an entire nation-state.
Results 1 - 25 of 243Sort Results By:Published Date | Title | Company Name
By: NAVEX Global     Published Date: Mar 04, 2014

Almost every company has some, many or all of the elements of an effective third party compliance program. The challenge is to identify what you have. This whitepaper can help you identify.

Tags : navex global, compliance program, third party risk management, risk management, compliance implementation, effective compliance, identify and prioritize, risk assessment
    
By: Nativeflow     Published Date: Feb 25, 2014

Are your company’s employees using Sharepoint, Dropbox for Business or other enterprise cloud file-sharing services? Do your users want to use standard market aps to view and edit shared files on the go? Are you concerned about preventing enterprise data leakage from mobile devices? Download the datasheet to learn about approaches that address these challenges so that your enterprise can use these services while ensuring enterprise data is protected.

Tags : enterprise file-sharing, mobile devices, sharepoint, dropbox, cloud file-sharing, standard market app, datasheet, file leakage
    
By: Symantec Corporation     Published Date: Feb 25, 2014

The efficacy of code signing as an authentication mechanism for software depends on the secure storage of code signing private keys used by software publishers. Companies that are diligent and willing to invest in the appropriate security measures can make the compromise of their private keys highly unlikely. This white paper describes recent security breaches and why they may have happened, along with best practices, especially for the Windows platform, which can help to safeguard the private keys associated with code signing certificates.

Tags : symantec, stuxnet, cyber-attack, security, certificate authority, application security, security policies
    
By: Symantec Corporation     Published Date: Feb 25, 2014

The explosive growth of the mobile apps market presents a tremendous opportunity for software developers and cybercriminals alike.  Infected apps are not only a threat to mobile device users, but also to network and platform providers, device manufacturers, and the reputation of the industry as a whole. Fortunately, developers can protect their code – and their customers – with a straightforward and easy-to-manage technology: code signing certificates. This white paper details the rise of mobile applications and why code signing certificates are essential to protecting the entire mobile apps ecosystem.

Tags : symantec, mobile, mobile applications, security, code signing certificates, security management, security policies, vulnerability management
    
By: Symantec Corporation     Published Date: Feb 25, 2014

"For years, developers have known that one of the best ways to reassure users is by signing code using a digital signature accessed via a private key issued by a respected certificate authority. But signed code is not invulnerable. Due to lax key security and vetting processes, malware has managed to infiltrate applications with signed code. Extended Validation (EV) Code Signing Certificates help to halt malware infiltration by requiring a rigorous vetting process and helping ensure that private key security cannot be compromised. EV certificates require a hard token and associated PIN in order to sign code, introducing a more secure physical factor of authentication to the signing process. The EV Code Signing process provides browsers, operating systems, and security software an additional source of confidence in applications signed with an EV certificate. Read the white paper, Protect Your Applications—and Reputation—with Symantec EV Code Signing, to learn: • Key background on the latest malware threats • How you can provide users with reassurance that your application is safe to download • Why EV Code Signing Certificates represent the next step in advanced website security and their effectiveness • How you can help provide a frictionless experience when users attempt to download your application "

Tags : symantec, malware, applications, security, code signing, application security, security policies
    
By: Symantec Corporation     Published Date: Feb 25, 2014

Android is on the rise. Unfortunately, popularity can also bring unwanted attention. While Android fans love the fact that it is an open development platform that offers developers the ability to build extremely rich and innovative applications, the same open nature of the Android platform is what makes it so attractive to malware creators. It’s high time for Android developers to increase their awareness of the pitfalls awaiting their users. This white paper focuses on the value of secure code signing practices for building more secure Android apps.

Tags : android, malware, android apps, secure code signing, symantec, application security, security policies, mobile device management
    
By: Kaspersky     Published Date: Feb 14, 2014

Inside you'll find survey analysis, discover trends, and learn more about what you need to know when it comes to security management.

Tags : kaspersky, security, security management, byod, network security, application security, security policies
    
By: McAfee     Published Date: Jan 28, 2014

SANS Institute looks at how network attacks can be avoided by utilizing a SIEM platform that combines historical data with real-time data from network sources and security policies for better, more accurate reporting.

Tags : siem, sans, endpoint, network, correlation, integration, anti spyware, anti virus
    
By: Thawte     Published Date: Dec 20, 2013

Learn how you can build customer confidence around Internet security. This guide will explain the various ways in which your business can benefit if you secure your MSIIS server with a Thawte digital certificate.

Tags : security, ms iis, access control, anti spam, anti spyware, anti virus, application security, auditing
    
By: Neustar Inc.     Published Date: Oct 14, 2013

As the digital universe evolves in both volume and scope, companies must be diligent about protecting their content. Fortunately, companies can easily leverage IP information to protect themselves. This paper explores the best practices of using IP intelligence for digital rights management to reduce risk to online content.

Tags : digital rights management, ip intelligence, best practices, neutar, security, wireless security, online content, rights
    
By: Blue Coat Systems     Published Date: Jul 18, 2013

CISOs recognize the risk threats such as phishing, fake antivirus (AV), and search engine poisoning bring, and are anxious to invest in web security technology to safeguard users. Unfortunately, it’s not so easy. Many security executives are struggling to answer questions about the most effective approach. This ESG white paper from BlueCoat explains why some CIOs are struggling to manage security in an increasingly complex and mobile landscape, and offers advice for what they should be looking for in web security.

Tags : web security, appliance, virtual, physical, saas, hybrid, access control, application security
    
By: Blue Coat Systems     Published Date: Jul 18, 2013

Data breaches have become a fact of life for organizations of all sizes, in every industry and in many parts of the globe. While many organizations anticipate that at some point a non-malicious or malicious data breach will occur, the focus of this study is to understand the steps organizations are taking—or not taking--to deal with the aftermath of a breach or what we call the Post Breach Boom. Sponsored by Solera Networks, The Post Breach Boom study was conducted by Ponemon Institute to understand the differences between non-malicious and malicious data breaches and what lessons are to be learned from the investigation and forensic activities organizations conduct following the loss or theft of sensitive and confidential information. The majority of respondents in this study believe it is critical that a thorough post-breach analysis and forensic investigation be conducted following either a non-malicious or malicious security breach.

Tags : data, non-malicious, malicious, ponemon, solera network, application security, encryption, internet security
    
By: Dell SecureWorks     Published Date: May 28, 2013

How a CIRP Can Pay for Itself Many Times Over, and Best Practices for Creating One.

Tags : hacker detection, internet security, intrusion detection, intrusion prevention, security policies, vulnerability management
    
By: EMC     Published Date: Apr 18, 2013

See how RSA Archer Risk Management enables you to proactively address risks to your organization with a central GRC management system for identifying risks, evaluating their impact, relating them to mitigating controls, and tracking their resolution.

Tags : risk assessment, risk management, it infrastructure, governance, tracking resolution, compliance, grc, authentication
    
By: Kaseya     Published Date: Apr 04, 2013

A holistic, forward-looking and flexible IT security strategy can help organizations avoid common pitfalls and meet security threats head on in a cost and time efficient manner.

Tags : it security, anti-virus, vulnerability management, intrusion prevention, access control, anti spam, anti spyware, anti virus
    
By: Rapid7     Published Date: Apr 04, 2013

This whitepaper examines the many different methods employed in phishing attacks and social engineering campaigns, and offers a solution-based approach to mitigating risk from these attack vectors.

Tags : rapid7, protect organization, attacks via phishing, solution based approach, mitigating risks, intrusion detection, intrusion prevention, phishing
    
By: McAfee     Published Date: Mar 08, 2013

Compliance does not automatically equate to security. A company may be compliant with a host of regulatory requirements, while its databases remain exposed and vulnerable. Learn how McAfee Database Security can help prevent such vulnerabilities.

Tags : database security, database compliance, native dbms auditing, database protection, database password audit, database activity monitoring, pci dss, sarbanes-oxley
    
By: McAfee     Published Date: Mar 08, 2013

With McAfee® Database Security, achieving protection and compliance is easier than you might think.

Tags : database security, database audit, database compliance, cert, database security policy, database vulnerability management, database virtual patching, database activity monitoring
    
By: McAfee     Published Date: Mar 08, 2013

Learn about McAfee Database Security solutions, compliance and security requirements, and principles for protecting your database.

Tags : database security, native dbms auditing, sarbanes-oxley, pci dss, hipaa, sas 70, ssae 16, database compliance
    
By: McAfee     Published Date: Mar 08, 2013

Databases store companies’ most valuable information assets, but in most cases they’re poorly protected. It’s important to secure databases as well as or better than other systems in the enterprise. But it’s not that simple.

Tags : real-time database monitoring, database authentication, database access control, database activity monitoring, database intrusion prevention, authentication and access control, database security, anti spam
    
By: McAfee     Published Date: Mar 07, 2013

McAfee recently bridged the MySQL security gap with a unique solution that combines an open source auditing plug-in with industry-leading database security modules — the McAfee MySQL Audit Plug-In.

Tags : securing mysql, mysql security, sql injections, mysql database, mysql audit plugin, cert, pci dss, glba
    
By: McAfee     Published Date: Mar 07, 2013

Recent surveys of IT managers revealed two commonly held beliefs: database regulations are the most challenging to comply with, and of all regulatory standards, the Payment Card Industry Data Security Standard (PCI DSS) the toughest.

Tags : pci dss compliance, best database security, pci security standards council, pci dss requirements, database activity monitoring, vulnerability manager for databases, anti spam, anti spyware
    
By: Websense     Published Date: Feb 26, 2013

Miercom conducted an independent third-party validation of the Websense TRITON Web Security Gateway Anywhere (WSGA) version 7.7.3, with comparisons to several major competitive products evaluated in this review.

Tags : security, appliance, detection, blocking, malware, threats, sandboxing, forensic reporting
    
By: McAfee     Published Date: Feb 12, 2013

AV-TEST preforms a comparative review of McAfee, Microsoft, and Symantec endpoint protection to pro-actively protect against zero-day attacks.

Tags : mcafee, av-test, deep defender, rootkits, detection, network security, email security, intrusion detection
    
By: McAfee     Published Date: Feb 06, 2013

Users who take work with them everywhere unknowingly jeopardize networks and systems.

Tags : windows 8 security, endpoint security, windows platform security, windows 2008, windows 2003, windows 7, windows vista, windows 2000
    
Start   Previous   1 2 3 4 5 6 7 8 9 10    Next    End

Related IT Whitepaper Topics

Add White Papers

Get your company's white papers in the hands of targeted business professionals.