Access Control includes authentication, authorization and audit. It also includes additional measures such as physical devices, including biometric scans and metal locks, hidden paths, digital signatures, encryption, social barriers, and monitoring by humans and automated systems. Authorization may be implemented using role based access control, access control lists or a policy language such as XACML.
Access Control
Is your data at risk? Why physical security is insufficient for laptop computers
published by Sophos on Feb 05, 2010
Evaluating the various data security options to protect your PCs can be challenging. This paper examines the options, discusses why passwords alone are not sufficient and makes the case for strong data encryption.
Understanding and Teaching Bots and Botnets
published by ESET on Jan 21, 2010
Bots and botnets suck, so what better teaching aid to help people understand them than a vacuum cleaner? It can be extremely challenging to attempt to explain technical concepts to non-technical people. There are two goals for this presentation. Click on this white paper to read about it.
PCI DSS Compliance with Tripwire
published by Tripwire on Jul 05, 2007
Find out step-by-step what it takes to become compliant with the Payment Card Industry (PCI) Data Security Standard (DSS), and how Tripwire can help your company achieve and maintain PCI compliance.
The PCI Data Security Standard
published by Tripwire on Jul 05, 2007
Learn about the validation requirements of the payment card industry's data security standard (PCI DSS), including administrative and technical elements of the program, and the potential sanctions for failure to comply.
Full-Disk Encryption: On the Rise
published by WinMagic Inc. on Jan 18, 2010
The simplicity of encrypting everything on the endpoint, or the precision of encrypting only specific files or folders based on content and pre-existing policies? Both approaches are widely deployed, but Aberdeen's benchmark research over the last two years makes it clear that full-disk encryption is on the rise, especially among those companies achieving Best-in-Class results.
Securing eHealth Applications in a Web World
published by Trend Micro, Inc. on Nov 25, 2009
The increasing adoption of electronic health records greatly complicates the tasks of security and privacy requirements. In this webcast, *Trend Micro* and *Beth Israel Deaconess Medical Center* discuss how to successfully navigate through the challenges associated with securing Web-based applications.
The Forrester WaveT: Web Filtering, Q2 2009
published by McAfee ITWhitePapers on Nov 17, 2009
One of your biggest challenges is evaluating and selecting vendor products and services. That's why Forrester created the Forrester Wave, making it easy for you to make well-informed decisions. This complimentary Forrester Wave report on Web Filtering ($795 retail value) offers: An in-depth evaluation of Web filtering vendors, based on 53 criteria and a powerful Excel spreadsheet that allows you to easily compare products and get in-depth data and analysis about each one.
Preventing Data Breaches in Privileged Accounts Using Access Control
published by BeyondTrust on Nov 13, 2009
It is critical that organizations are proactive in their approach to mitigating insider threats. Week-after week there are disturbing, déjà vu-like stories of significant data breaches, arrests connected to insider attacks, or investigation reports emphasizing the necessity to control privileged accounts that hold highly sensitive data. This white paper explores insider attacks, threats and risks involved across every enterprise. Lastly, we will recommend a sound, cost-saving solution to prevent a disaster from happening to a company's financial assets and reputation using access control.
From Trust to Process: Closing the Risk Gap in Privileged Access Control
published by BeyondTrust on Nov 13, 2009
In this whitepaper, Enterprise Management Associates (EMA) examines this critical issue in IT security administration in light of the BeyondTrust approach to helping businesses move from a trust-based system to a secure, auditable process in order to provide a higher standard of control and better support for regulatory compliance.
Privileged Access Lifecycle Management: How PALM Enables Security, Compliance, and Efficiency for En
published by BeyondTrust on Nov 13, 2009
Strengthening security, maintaining compliance, and achieving efficiencies and economies of scale are top-of-mind issues for enterprise IT executives. In this paper, IDC analysts examine the role of identity and access management (IAM) solutions in addressing these needs and specifically looks at the role privileged access lifecycle management (PALM) can play in helping heterogeneous organizations proactively refine their strategies regarding privileged access management controls, cross-platform monitoring, and automated workflow capabilities.
A Process-based Approach to Protecting Privileged Accounts & Meeting Regulatory Compliance
published by BeyondTrust on Nov 13, 2009
This white paper outlines a sound process-based approach in protecting critical privileged accounts that are found in virtually every application, database and infrastructure device throughout enterprises. This paper will present BeyondTrust PowerKeeper as a solution to secure passwords for privileged accounts in heterogeneous IT environments. Through features such as automated password resets and management workflows, secure storage of credentials, and a sealed operating system, PowerKeeper is the only solution in the market that is fully heterogeneous out-of-the-box.
Integrated Security for Broad Protection, Swift Response
published by McAfee Inc on Nov 10, 2009
If you were a hacker, would you rather attack Bank of America or Bob's Bike Shop? If you are a smaller organization, is your data less valuable? The reality: mid-size organizations face as many, if not more, threats. Why? You have less time and resources dedicated to protecting against every risk. Find out the cost savings and protection benefits that are achieved when you take a methodical approach to closing your security gaps. Read more.
Threat Vector Series - Data Protection for Midsize Companies
published by McAfee Inc on Nov 10, 2009
If you're in IT, you understand all too well the challenge of competing priorities. Security is important-but so are all of your other jobs. That's why McAfee offers a practical approach to managing security and lays out an approach for managing security in just 15 minutes a day. Read more.
Better Visibility, Visible Savings
published by McAfee Inc on Nov 10, 2009
Whether you stick with the defaults or set up a dedicated display, McAfee equips you to control your security, your way. Weigh the hidden costs of day to day maintenance of point solutions, such as learning curve, system costs, configuration overhead, maintenance, risk monitoring, incident response, and reporting. Get tangible examples of how McAfee centralized management options make you more efficient while giving you greater visibility and control in just 15 minutes a day or less. Read more.
McAfee Buyer's Guide to Data Protection
published by McAfee Inc on Nov 04, 2009
Data-Protect critical information anywhere it goes. Implementing data protection products and processes can be daunting. Make the right decisions by exploring what is available and what makes sense for your organization. Use this simple guide to evaluate different vendor offerings.
Secure in 15: An at-a-glance Calendar
published by McAfee Inc on Nov 04, 2009
Secure in 15-Security practices you can use each day. Start with this "15 Minutes Month-at-a-Glance" calendar today. Each month, we'll send you additional tools and tricks to stay protected around the clock.
2009 Forrester Wave Report on Web Filtering
published by McAfee Inc on Oct 29, 2009
As email and web applications dominate enterprise infrastructure, more companies are wondering how to ensure appropriate use and reduce the risk of malicious content. Two new reports issued by Forrester Research, Inc., discuss the market trends, client demands, and the strong offering and market strategy that distinguish McAfee products for web and email filtering. The McAfee acquisition of Secure Computing coincided with these evaluations. The twin reports examined the performance of the McAfee products (acquired through Secure Computing) against ten other vendors and extensive criteria that reflected customer interviews and end-user inquiries. These detailed evaluations concluded that McAfee is a market leader in both web and email filtering, ranking ahead of the field in critical areas such as filtering functionality, reputation research, customer satisfaction, and go-to-market partnerships.
Ntreev USA Tackles Chargebacks and Terms of Service Violations with Device Reputation
published by Iovation on Sep 25, 2009
One of the world's largest MMORPG publishers uses iovation to keep their games safe for their valued players, and the fraudsters out.
Addressing the complexities of remote data protection
published by IBM on Sep 10, 2009
Data protection and recovery can be a complicated problem in remote offices. But there are options. This white paper explores a range of possibilities, and shows how an adaptive data protection solution can protect remotely stored data for enterprises of all sizes.
New data protection strategies
published by IBM on Sep 10, 2009
As the demands for data capacity and higher service levels grow, protecting corporate data becomes more challenging. Continuous Data Protection, as discussed in this white paper by Evaluator Group and IBM, can cost-effectively improve security with As the demands for data capacity and higher service levels grow, protecting corporate data becomes more challenging. Continuous Data Protection, as discussed in this white paper by Evaluator Group and IBM, can cost-effectively improve security with minimal impact to operations.
Legacy Tools: Not Built for Today's Helpdesk
published by LogMeIn on Aug 21, 2009
This paper explores the challenges of supporting a remote workforce with legacy tools and the hidden costs of these tools. It also highlights best practices that organizations can use to choose enterprise helpdesk tools that better meet the needs of remote employees, while also helping to cut costs. Get this white paper today and find out how legacy tools can fall short when it comes to supporting today’s mobile workforce. See how it easy it is to make the switch to best-in-class helpdesk solutions.
Addressing Compliance Requirements for Privacy, Data Retention, and e-Discovery
published by Trend Micro, Inc. on Aug 21, 2009
Protecting individual and financial data, retaining data, and meeting e-discovery requirements are common compliance requirements across geographies and industries. Finding accurate, usable, and cost-effective solutions for meeting these requirements can make the difference between achieving compliance goals or leaving the organization vulnerable through unsecured use of sensitive data. Trend Micro Data Protection solutions for endpoint data leak protection, email encryption, and email archiving help organizations meet their compliance requirements – easily and cost-effectively.
When Encryption Is Not Enough
published by Trend Micro, Inc. on Aug 21, 2009
Encryption will help to protect data against unauthorized access by outsiders from lost or stolen devices such as laptops, thumb drives, and other removable media. But it does not protect against the insider threat-employees and contractors with authorized access to data who mistakenly or maliciously leak your most valuable assets.
Managing Access in a Virtualized Environment
published by CA NVM on Aug 21, 2009
To reduce virtualization security risks, an independent access enforcement technology must be employed in conjunction with system security measures. This white paper discusses ways to reduce virtualization security risks, to learn more, download this white paper today.
Respond to changing business challenges faster with SOA.
published by IBM EBF ITWP on Jul 28, 2009
A complex IT infrastructure is a stumbling block for many businesses seeking greater agility in these uncertain times. This white paper shows how a service oriented architecture (SOA) helps align the infrastructure with business needs in order to achieve maximum flexibility.
More Security Topics
Search The Library
Related Topics
Special Report
Integrating PID Controllers Into Automated Processes Via Ethernet
Ethernet communications is rapidly gaining popularity in industrial applications because it enables the real-time exchange of information between processing equipment and companies' Ethernet-based management systems. The emergence of protocols such as EtherNet/IP enables engineers to attain the advantages of using Ethernet in industrial applications.
