White. Paper. Cloud Computing Demands Enterprise- class Password Management and Security. April 2013

Size: px
Start display at page:

Download "White. Paper. Cloud Computing Demands Enterprise- class Password Management and Security. April 2013"

Transcription

1 White Paper Cloud Computing Demands Enterprise- class Password Management and Security By Jon Oltsik, Senior Principal Analyst April 2013 This ESG White Paper was commissioned by McAfee (a Division of Intel Corp.) and is distributed under license from ESG.

2 Contents White Paper: Cloud Computing Demands Enterprise- class Password Management and Security Executive Summary... 3 Security Professionals Are Very Concerned About Malware and System Compromises... 3 PC Users Are Extremely Vulnerable... 4 Passwords Represent a Growing Vulnerability... 5 Organizations Remain Burdened by Passwords and Password Management... 6 Passwords Also Carry a Lot of IT Operations Overhead... 6 Password Problems Are Exacerbated by Cloud Computing... 7 The Bigger Truth... 9 All trademark names are property of their respective companies. Information contained in this publication has been obtained by sources The Enterprise Strategy Group (ESG) considers to be reliable but is not warranted by ESG. This publication may contain opinions of ESG, which are subject to change from time to time. This publication is copyrighted by The Enterprise Strategy Group, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of The Enterprise Strategy Group, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages and, if applicable, criminal prosecution. Should you have any questions, please contact ESG Client Relations at

3 Executive Summary The Enterprise Strategy Group (ESG) recently conducted a survey of 307 IT and security professionals working at midmarket (i.e., 100 to 999 employees) and enterprise (i.e., more than 1,000 employees) organizations based in North America, Europe, and Asia. The purpose of this survey was to uncover concerns, challenges, and strategic plans around a number of cybersecurity topics but the majority of questions were focused on the security, manageability, and operations of authentication technologies such as passwords, multi- factor authentication, and single sign- on (SSO). Based upon the results of the ESG survey and the data presented herein, ESG concludes: Security professionals remain concerned about a wide variety of security threats. In spite of layers of security defenses, security professionals continue to worry about all types of security incidents including malware infections, identity theft, and system compromises. These anxieties extend beyond the enterprise IT infrastructure 32% of security professionals are extremely concerned about having their employer s cloud service provider(s) suffer a computer security breach. End- users are especially vulnerable to attacks and identity theft. More than three- fourths of security professionals believe that the average Internet user is extremely vulnerable or vulnerable to a malicious code attack that could lead to identity theft. Security professionals point to weak security and authentication (i.e., passwords) as major issues here. Most security professionals believe that passwords are no longer adequate security controls. More than half of security professionals believe that passwords are insecure and no longer appropriate for controlling access to some or all enterprise applications. Traditional passwords demand an inordinate amount of IT overhead. Aside from weak security, passwords are difficult to provision, manage, and support. These issues are aggravated by the fact that many organizations assign multiple passwords so users can access multiple discrete applications. This antiquated practice simply doesn t scale. Cloud computing exacerbates password security and management headaches. Large and small organizations are embracing cloud applications while end- users utilize a plethora of Internet services for collaboration, note taking, and social networking. Regrettably, cloud applications/services intensify password problems with redundant operations, additional user accounts, and a lack of visibility/control. At a higher level, this adds operational overhead and increases IT risk. Organizations need to bridge the password problems gap. While replacing password authentication with multi- factor authentication might eliminate management and security problems, few if any organizations have the time or money to pursue this disruptive strategy. In lieu of a full replacement, CISOs should seek out solutions that help them streamline operations and lower password risk especially as they increase the use of cloud applications/services. These solutions must centralize identity/authentication operations, ease multi- factor provisioning/management, and provide an integration bridge between internal identity and access management solutions and cloud applications/services. Security Professionals Are Very Concerned About Malware and System Compromises The ESG data clearly illustrates that security professionals are extremely concerned about an array of security risks. For example, 86% of security professionals are concerned or very concerned about having their organization s employees PCs infected by a virus or other type of malicious code, 83% are concerned or very concerned about having their employer suffer a computer security breach, and 82% are concerned or very concerned about having their organization s employees account(s) breached or hacked (see Figure 1). Furthermore, security professionals concerns extend beyond internal IT alone three- fourths of the security professionals surveyed are very concerned or concerned about having their employer s cloud server providers suffer a computer security breach.

4 Figure 1. Security Professionals Have Numerous Concerns How concerned if at all are you about each of the following Internet security risks? (Percent of respondents, N=307) Very concerned Concerned Neutral Not concerned Not at all concerned Having your organizajon s employees PCs infected by a virus or other type of malicious code 42% 44% 11% 3% Having your employer suffer a computer security breach 41% 42% 12% 5% Having your organizajon s employees account(s) breached or hacked 38% 44% 12% 6% Having your organizajon s employees personal informajon stolen 36% 39% 16% 8% 1% Having your organizajon s employees smart phone or tablet infected by a virus or other type of malicious code 35% 45% 12% 6% 2% Having your employer s cloud service providers suffer a computer security breach 32% 43% 16% 7% 1% Source: Enterprise Strategy Group, Security professionals are paid to be paranoid, but their concerns are not based on general opinions alone. A majority of respondents (59%) acknowledged that their organization suffered an endpoint security breach within the last two years. Alarmingly, of those organizations that suffered an endpoint security breach within the last two years, 28% admit to at least 11 security breaches or more. PC Users Are Extremely Vulnerable 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% The concerns described above are understandable; security professionals are acutely aware of cybersecurity issues including the increasing malware volume, growing hacktivist activities, and a wave of publicly disclosed security breaches at organizations like Google, Lockheed- Martin, and the New York Times. Additionally, security professionals realize that PC users may represent the weakest link in the security chain. For example, 79% of security professionals believe that the average Internet user is extremely vulnerable or vulnerable to a security breach that would ultimate lead to identity theft (see Figure 2).

5 Figure 2. Security Professionals believe Internet Users Are Vulnerable to Identity Theft Given your experience managing security and user authenzcazon, how vulnerable do you believe the average Internet user is to idenzty the[? (Percent of respondents, N=307) Not vulnerable, 6% Extremely vulnerable, 24% Neutral, 15% Passwords Represent a Growing Vulnerability Vulnerable, 56% Source: Enterprise Strategy Group, Over the past few years, global organizations of all sizes have invested billions of dollars in security technologies, yet security professionals remain concerned while PC users continue to be vulnerable to attack. Why? It s easy to speculate about things like software vulnerabilities, social engineering techniques, and sophisticated malware, but one of the greatest security weaknesses may be the continued reliance on the use of passwords for user authentication. The issues associated with passwords were recently described in great detail in a Wired Magazine article. As the article stated: Since the dawn of the information age, we ve bought into the idea that a password, so long as it s elaborate enough, is an adequate means of protecting all this precious data. But in 2012 that s a fallacy, a fantasy, an outdated sales pitch. And anyone who still mouths it is a sucker or someone who takes you for one No matter how complex, no matter how unique, your passwords can no longer protect you. 1 Do security professionals agree with the position stated in the Wired article? In a word, yes. Eleven percent of security professionals believe that user name/ password authentication is no longer secure and should be eliminated in all cases, 44% stated that user name/password authentication is no longer secure and should be eliminated for business critical applications but remains an adequate option for authentication to non- business critical applications (see Figure 3). Security professionals in the Asia Pacific region are especially bearish 19% said that user name/ password authentication is no longer secure and should be eliminated in all cases. 1 Source: Honan, Mat, Kill the Password: Why a String of Characters Can t Protect Us Anymore, Wired, November 15, 2012.

6 Figure 3. Security Professionals Believe that Passwords Are No Longer Secure 50% 45% Given the current threat landscape (i.e., malicious code, automated tools, idenzty the[, etc.), which of the following statements best reflects your opinion with regards to the use of user name/password combinazons for authenzcazon? (Percent of respondents, N=307) 44% 40% 35% 34% 30% 25% 20% 15% 10% 5% 11% 11% 0% User name/password authenjcajon is no longer secure and should be eliminated as a form of authenjcajon in all cases User name/password authenjcajon is no longer secure and should be eliminated as a form of authenjcajon for business crijcal applicajons but User name/password authenjcajon is fairly secure and remains an adequate opjon for authenjcajon to most business crijcal and non- User name/password authenjcajon is secure and remains an adequate opjon for authenjcajon for all business crijcal and non- business crijcal applicajons remains an adequate opjon business crijcal applicajons for authenjcajon to non- business crijcal applicajons Source: Enterprise Strategy Group, Organizations Remain Burdened by Passwords and Password Management Despite the fact that the majority of security professionals are wary about password security, large and small organizations continue to rely on passwords as their primary authentication mechanism for network and application access. This makes these organizations vulnerable to general password security weaknesses, but this is not the only issue. Security risk is exacerbated because users typically have numerous passwords for accessing various applications and services. Security professionals claim that 56% of users are assigned between two and five passwords by their organizations, 19% of users are assigned between six and ten passwords by their organizations, and 15% of users are assigned more than ten passwords by their organizations. Not surprisingly, enterprise organizations tend to assign more passwords per user than midmarket organizations. Given the security vulnerabilities associated with passwords, more passwords per user equates to more risk for the organization. Passwords Also Carry a Lot of IT Operations Overhead As if IT risk wasn t enough, provisioning and managing user accounts is fraught with manual processes and costly operational tasks. Why? User provisioning can involve input and cooperation from a number of corporate constituencies including security administrators, network administrators, dedicated identity administrators, application administrators, and department heads. When asked to define user account provisioning and management challenges, 50% of organizations point to defining account access and privileges, 49% say auditing accounts to ensure that employees have the right privileges, and 43% are challenged by changing accounts as employees change roles and/or internal organizations (see Figure 4).

7 Faced with organizational collaboration and specific user- provisioning and management challenges, it is not surprising that it takes several days to provision all of the accounts and systems once a new employee is hired at half of all organizations surveyed. Figure 4. Challenges Associated with User Account Provisioning and Management Which of the following present the biggest challenges for your organizazon in terms of provisioning/managing user accounts for new employees? (Percent of respondents, N=307, mulzple responses accepted) Defining account access and privileges Audijng accounts to ensure that employees have the right privileges Changing accounts as employees change roles and/or internal organizajons Terminajng accounts when an employee leaves or is terminated Provisioning muljple accounts across muljple applicajons and services Monitoring idenjty stores for stale and/or rogue accounts Complejng all requests for new accounts in a defined period of jme Confirming the provisioning of each account Genng approval from all parjcipants in a jmely fashion 29% 28% 50% 49% 43% 42% 38% 37% 36% None of the above 4% 0% 10% 20% 30% 40% 50% 60% Source: Enterprise Strategy Group, Aside from provisioning and IT management issues, users also deal with a number of challenges with passwords. According to the security professionals surveyed, 39% of users require password reset support at least five times per month. Just over half (51%) of organizations report that it takes between five and ten minutes for their help desk staff to help users reset their passwords. This does not seem like much effort alone but it can add up to a significant amount of time for organizations with thousands of employees and multiple passwords for users. Password Problems Are Exacerbated by Cloud Computing These issues are bad enough when contained to internal networks and applications, but few organizations limit their IT services to corporate systems alone. Over the past few years, most organizations have effectively externalized their IT services through the use of cloud- based infrastructure (IaaS), applications (SaaS), and development platforms (PaaS). Forty- six percent of organizations use between one and five cloud applications/services, 40% use between six and ten cloud applications/services, and 14% use between 11 and 20 cloud applications/services today. Additionally, the number of organizations using between 11 and 20 cloud applications/services will increase from 15% to 40% over the next 12 months (see Figure 5). Aside from corporate deployment, users are also implementing an increasing number of cloud- based applications/services themselves sometimes without the knowledge or permission of IT. In fact, 38% of organizations found employees using cloud- based applications and/or services that IT was unaware of prior to this discovery. Seventeen percent of organizations found employees using cloud- based applications and/or services that IT was unaware of prior to this discovery five or more times over the past year.

8 Figure 5. Cloud- based Applications and Services Used Today and In the Next 12 Months 50% 45% 40% 35% 30% 25% 20% 15% 10% 5% 0% Approximately how many cloud- based applicazons and/or services does your organizazon currently use? Approximately how many cloud- based applicazons and/or services will your organizazon use in the next 12 months? (Percent of respondents, N=307) Number of cloud applicajons/services currently used 2% None Number of cloud applicajons/services used 12 months from now 46% 23% 40% 29% Between 1 and 5 Between 6 and 10 Source: Enterprise Strategy Group, From a security perspective, it is worth noting that many of these applications also contain sensitive or regulated data. In fact, 26% of organizations claim that their cloud- based applications use sensitive, regulated, or company- confidential data extensively, while 53% of organizations say that their cloud- based applications use sensitive, regulated, or company- confidential data somewhat. Few would argue about the fact that cloud computing has the potential to enable new business processes, streamline operations, and cut IT costs. These benefits are offset, however, by a plethora of security risks. Since password security and management is already tenuous within IT, it is only logical that password problems will multiply as cloud computing becomes increasingly pervasive. Furthermore, user provisioning and password management tasks will become more difficult and time consuming, as IT administrators deal with multiple cloud applications, identity tools, and reporting/auditing capabilities. CIOs and CISOs must understand and address these issues as part of their cloud computing strategies. 14% 40% Between 11 and 20 2% More than 20 4% Don t know

9 The Bigger Truth White Paper: Cloud Computing Demands Enterprise- class Password Management and Security In aggregate, the data presented in this paper presents an alarming and risky pattern. The security professionals surveyed by ESG believe: 1. Account provisioning is fraught with numerous challenges and cross- organizational processes that often take days to work through. 2. Organizations are embracing cloud computing applications that often utilize sensitive data. The use of cloud computing applications/services makes password provisioning and management even more difficult. 3. Users remain vulnerable to identity theft in spite of password provisioning and their investment in security technology controls. 4. Password authentication is no longer secure and should be eliminated for all or some business applications. ESG believes that the situation described above has come to a head. Passwords are insecure and difficult to manage. Users who can t remember them increase help desk costs. At the same time, many organizations are increasingly turning to cloud applications/services, making password management extremely difficult and rapidly increasing IT risk. This situation is unacceptable. So what s needed? Many organizations use strong passwords, multi- factor authentication, and single- sign on (SSO) tools to address the operational and security challenges described above, but many of these legacy technologies lack integration, scale, and adequate reporting. Furthermore, most identity tools are designed to plug into a variety of legacy mainframe, client/server, and web applications rather than the army of new cloud- based offerings. Replacing all passwords with multi- factor authentication technologies like tokens, one- time passwords (OTP), smart cards, or biometrics is not an option as this would be too complex, expensive, and disruptive to the business. So what should be done in the short term? To truly address risk and operational overhead, organizations need identity and access solutions designed to automate, improve, and simplify: 1. User lifecycle management. Internal IT must have the ability to provision, de- provision, and change user accounts (i.e., change user role, group, password, etc.) for all internal and cloud- based applications from a central console. To minimize redundant operations, these administrative activities must be tightly integrated with existing user repositories, such as Active Directory. 2. Authentication controls. User authentication demands flexible options. IT administrators need the ability to enforce strong password management, leverage existing multi- factor authentication technologies, or seamlessly tie into SaaS- based authentication methods while remaining transparent to user activities. Many organizations recognize these needs 91% of organizations employ a strong password policy today while 57% use some type of multi- factor authentication technology. What are needed now are centralized tools that provide flexibility and automation of multiple methods of authentication. 3. Cloud connectivity. IT managers need tools for SSO connectivity to disparate cloud applications. Since these connections will vary, SSO technology must support federated ID standards such as SAML tokens and provide native connectors for proprietary sign- on techniques such as shared secrets. The best SSO tools will also provide form- based authentication for connections with unsophisticated cloud applications lacking technical integration points. 4. Monitoring, logging, reporting, and auditing. Collecting and analyzing user activity is essential for risk management, compliance, and incident detection/response. Unfortunately, previous ESG research indicates that the ability to track user behavior for security analysis is an area of weakness at many organizations. To address this shortcoming, IAM technologies that bridge internal IT and cloud applications must provide strong monitoring, logging, reporting, and auditing. 5. Single Sign- on (SSO) for bridging IT and cloud computing. It is simply unacceptable to burden users with multiple passwords for internal and cloud- based applications/services. SSO solutions can help bridge this gap and provide a point of central control for all identity and password management activities for cloud application/services accounts. ESG recommends that organizations work with vendors offering both on- premises and on- demand SSO solutions. By doing so, CIOs can implement SSO where appropriate and have the flexibility to swap on- premises products for on- demand services (or vice versa) in the future.

10 20 Asylum Street Milford, MA Tel: Fax: global.com

White. Paper. Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS. January 2013

White. Paper. Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS. January 2013 White Paper Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS By Jon Oltsik, Senior Principal Analyst January 2013 This ESG White Paper was commissioned by McAfee. and is distributed

More information

Virtual Patch Management Offers Automation, Availability, and Cost Benefits Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst

Virtual Patch Management Offers Automation, Availability, and Cost Benefits Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Virtual Patch Management Offers Automation, Availability, and Cost Benefits Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: Timely patch management is a security best practice,

More information

Research Perspectives

Research Perspectives Research Perspectives Paper Network Security Operations and Cloud Computing By Jon Oltsik, Senior Principal Analyst April 2015 This ESG Research Perspectives Paper was commissioned by Tufin and is distributed

More information

Utilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst

Utilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Utilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: What do large enterprises need in order to address increasingly

More information

White. Paper. Rethinking Endpoint Security. February 2015

White. Paper. Rethinking Endpoint Security. February 2015 White Paper Rethinking Endpoint Security By Jon OItsik, Senior Principal Analyst With Kyle Prigmore, Associate Analyst February 2015 This ESG White Paper was commissioned by RSA Security and is distributed

More information

The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst

The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst ESG Brief The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: ESG data indicates that many enterprise organizations

More information

Advanced Cyber Threats Demand a New Privileged Account Security Model Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst

Advanced Cyber Threats Demand a New Privileged Account Security Model Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Advanced Cyber Threats Demand a New Privileged Account Security Model Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: In spite of marginal progress, privileged accounts

More information

Is your organization developing its own custom applications specifically for mobile devices? (Percent of respondents, N=242)

Is your organization developing its own custom applications specifically for mobile devices? (Percent of respondents, N=242) Solution Brief Check Point Capsule for Mobile Computing Security, Operations Efficiency, and Business Enablement Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst; Kyle Prigmore, Research

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

ESG Brief. Overview. 2014 by The Enterprise Strategy Group, Inc. All Rights Reserved.

ESG Brief. Overview. 2014 by The Enterprise Strategy Group, Inc. All Rights Reserved. ESG Brief Webroot Delivers Enterprise-Class Threat Intelligence to Security Technology Providers and Large Organizations Date: September 2014 Author: Jon Oltsik, Senior Principal Analyst; Kyle Prigmore,

More information

Market Research. Study. Database Security and Compliance Risks. December, 2009. By Jon Oltsik

Market Research. Study. Database Security and Compliance Risks. December, 2009. By Jon Oltsik Market Research Study Database Security and Compliance Risks By Jon Oltsik December, 2009 An ESG Market Research Study Sponsored by Application Security, Inc. 2009, Enterprise Strategy Group, Inc. All

More information

Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst

Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: Large organizations have spent millions of dollars on security

More information

Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst

Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst ESG Solution Showcase Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst Abstract: Information security practices are in the midst

More information

This ESG White Paper was commissioned by Blue Coat and is distributed under license from ESG.

This ESG White Paper was commissioned by Blue Coat and is distributed under license from ESG. White Paper Network Encryption and its Impact on Enterprise Security By Jon Oltsik, Senior Principal Analyst February 2015 This ESG White Paper was commissioned by Blue Coat and is distributed under license

More information

VMware and the Need for Cyber Supply Chain Security Assurance

VMware and the Need for Cyber Supply Chain Security Assurance White Paper VMware and the Need for Cyber Supply Chain Security Assurance By Jon Oltsik, Senior Principal Analyst September 2015 This ESG White Paper was commissioned by VMware and is distributed under

More information

Cybersecurity Skills Shortage: A State of Emergency

Cybersecurity Skills Shortage: A State of Emergency Enterprise Strategy Group Getting to the bigger truth. ESG Brief Cybersecurity Skills Shortage: A State of Emergency Date: February 2016 Author: Jon Oltsik, Principal Analyst, Doug Cahill, Senior Analyst,

More information

Enterprise Strategy Group Getting to the bigger truth. By Bill Lundell, Senior Research Analyst and John McKnight, VP Research and Analysts

Enterprise Strategy Group Getting to the bigger truth. By Bill Lundell, Senior Research Analyst and John McKnight, VP Research and Analysts Enterprise Strategy Group Getting to the bigger truth. By Bill Lundell, Senior Research Analyst and John McKnight, VP Research and Analysts March 2015 4 Cloud Computing: Not a Question of If, but Rather

More information

RSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst

RSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst ESG Lab Review RSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst Abstract: This ESG Lab review documents

More information

Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices

Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices Research Report Abstract: Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices By Jon Oltsik, Senior Principal Analyst With Bill Lundell, Senior Research Analyst and Jennifer Gahm,

More information

Reducing the Critical Time from Incident Detection to Containment

Reducing the Critical Time from Incident Detection to Containment White Paper Reducing the Critical Time from Incident Detection to Containment By Jon Oltsik, Senior Principal Analyst May 2014 This ESG White Paper was commissioned by Bradford Networks and is distributed

More information

Business Enablement Demands Tight Identity and Security Integration Date: April 2009 Author:

Business Enablement Demands Tight Identity and Security Integration Date: April 2009 Author: INFORMATION SECURITY BRIEF Business Enablement Demands Tight Identity and Security Integration Date: April 2009 Author: Jon Oltsik, Principal Analyst Abstract: Identity management and security were once

More information

IBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst

IBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief IBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: Many enterprise organizations claim that they already

More information

The State of Mobile Computing Security

The State of Mobile Computing Security Research Report Abstract: The State of Mobile Computing Security By Jon Oltsik, Senior Principal Analyst and Bill Lundell, Senior Research Analyst With Jennifer Gahm, Senior Project Manager February 2014

More information

White. Paper. Desktop Virtualization, Management, and Security. November, 2009. By Jon Oltsik, Principal Analyst and Mark Bowker, Senior Analyst

White. Paper. Desktop Virtualization, Management, and Security. November, 2009. By Jon Oltsik, Principal Analyst and Mark Bowker, Senior Analyst White Paper Desktop Virtualization, Management, and Security By Jon Oltsik, Principal Analyst and Mark Bowker, Senior Analyst November, 2009 2009, Enterprise Strategy Group, Inc. All Rights Reserved Contents

More information

White. Paper. The Big Data Security Analytics Era Is Here. January 2013

White. Paper. The Big Data Security Analytics Era Is Here. January 2013 White Paper The Big Data Security Analytics Era Is Here By Jon Oltsik, Senior Principal Analyst January 2013 This ESG White Paper was commissioned by RSA Security and is distributed under license from

More information

Web Application Security Testing Tools and Services

Web Application Security Testing Tools and Services Research Report Abstract: Web Application Security Testing Tools and Services By Jon Oltsik, Senior Principal Analyst, and Jane Wright, Senior Research Analyst With Jennifer Gahm April 2013 Introduction

More information

Corporate Online File Sharing and Collaboration Market Trends

Corporate Online File Sharing and Collaboration Market Trends Research Report Abstract: Corporate Online File Sharing and Collaboration Market Trends By Kristine Kao, Market Research Analyst, Terri McClure, Senior Analyst, and Jane Wright, Senior Production Analyst

More information

The Top 7 Ways to Protect Your Data in the New World of

The Top 7 Ways to Protect Your Data in the New World of The Top 7 Ways to Protect Your Data in the New World of Shadow IT and Shadow Data Brought to you by Elastica and Centrify Introduction According to research conducted by Elastica, most companies use over

More information

Information-driven Security and RSA Security Analytics and RSA ECAT

Information-driven Security and RSA Security Analytics and RSA ECAT White Paper Information-driven Security and RSA Security Analytics and RSA ECAT By Jon Oltsik, Senior Principal Analyst September 2014 This ESG White Paper was commissioned by RSA, The Security Division

More information

managing SSO with shared credentials

managing SSO with shared credentials managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout

More information

White. Paper. Understanding and Addressing APTs. September 2012

White. Paper. Understanding and Addressing APTs. September 2012 White Paper Understanding and Addressing APTs By Jon Oltsik, Senior Principal Analyst September 2012 This ESG White Paper was commissioned by Trend Micro and is distributed under license from ESG. 2012,

More information

Security Intelligence: A Key Component of Big Data Security Analytics Date: December 2012 Author: Jon Oltsik, Senior Principal Analyst

Security Intelligence: A Key Component of Big Data Security Analytics Date: December 2012 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Security Intelligence: A Key Component of Big Data Security Analytics Date: December 2012 Author: Jon Oltsik, Senior Principal Analyst Abstract: The intersection of big data and security analytics

More information

2012 NCSA / Symantec. National Small Business Study

2012 NCSA / Symantec. National Small Business Study 2012 NCSA / Symantec National Small Business Study National Cyber Security Alliance Symantec JZ Analytics October 2012 Methodology and Sample Characteristics JZ Analytics was commissioned by the National

More information

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799 Cyber Security An Executive Imperative for Business Owners SSE Network Services www.ssenetwork.com 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799 Pretecht SM by SSE predicts and remedies

More information

Online File Sharing and Collaboration: Deployment Model Trends

Online File Sharing and Collaboration: Deployment Model Trends Research Report Abstract: Online File Sharing and Collaboration: Deployment Model Trends By Terri McClure, Senior Analyst and Bill Lundell, Senior Research Analyst With Jennifer Gahm, Senior Project Manager

More information

The Network Application Security Architecture Requirement

The Network Application Security Architecture Requirement White Paper The Network Application Security Architecture Requirement By Jon Oltsik March, 2011 This ESG White Paper was commissioned by Juniper Networks and is distributed under license from ESG. 2011,

More information

Transporter from Connected Data Date: February 2015 Author: Kerry Dolan, Lab Analyst and Vinny Choinski, Sr. Lab Analyst

Transporter from Connected Data Date: February 2015 Author: Kerry Dolan, Lab Analyst and Vinny Choinski, Sr. Lab Analyst ESG Lab Test Drive Transporter from Connected Data Date: February 2015 Author: Kerry Dolan, Lab Analyst and Vinny Choinski, Sr. Lab Analyst Abstract: This report documents the results of an ESG Lab Test

More information

ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst

ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst ESG Lab Spotlight ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst Abstract: This ESG Lab Spotlight examines the

More information

SaaS with a Face: User Satisfaction in Cloud- based E- mail Management with Mimecast

SaaS with a Face: User Satisfaction in Cloud- based E- mail Management with Mimecast White Paper SaaS with a Face: User Satisfaction in Cloud- based E- mail Management with Mimecast By Bill Lundell, Senior Research Analyst January 2013 This ESG White Paper was commissioned by Mimecast

More information

Varonis: Secure Enterprise Collaboration and File Sharing Date: June 2015 Author: Terri McClure, Senior Analyst; and Leah Matuson, Research Analyst

Varonis: Secure Enterprise Collaboration and File Sharing Date: June 2015 Author: Terri McClure, Senior Analyst; and Leah Matuson, Research Analyst ESG Brief Varonis: Secure Enterprise Collaboration and File Sharing Date: June 2015 Author: Terri McClure, Senior Analyst; and Leah Matuson, Research Analyst Abstract: With the burgeoning workplace mobility

More information

Evaluating IaaS security risks

Evaluating IaaS security risks E-Guide This expert tip examines the risks organizations need to be aware of when evaluating IaaS solutions, and highlights the key architectural and process components of access management services that

More information

Data-Centric Security vs. Database-Level Security

Data-Centric Security vs. Database-Level Security TECHNICAL BRIEF Data-Centric Security vs. Database-Level Security Contrasting Voltage SecureData to solutions such as Oracle Advanced Security Transparent Data Encryption Introduction This document provides

More information

Compensating Security Controls for Windows Server 2003 Security

Compensating Security Controls for Windows Server 2003 Security ESG Solution Showcase Compensating Security Controls for Windows Server 2003 Security Date: May 2015 Author: Jon Oltsik, Senior Principal Analyst Abstract: It is common knowledge by now that Microsoft

More information

Executive Summary P 1. ActivIdentity

Executive Summary P 1. ActivIdentity WHITE PAPER WP Converging Access of IT and Building Resources P 1 Executive Summary To get business done, users must have quick, simple access to the resources they need, when they need them, whether they

More information

The Shift Toward Data Protection Appliances

The Shift Toward Data Protection Appliances Research Report Abstract: The Shift Toward Data Protection Appliances By Jason Buffington, Senior Analyst and Bill Lundell, Senior Research Analyst With Jennifer Gahm, Senior Project Manager March 2015

More information

Five Reasons It s Time For Secure Single Sign-On

Five Reasons It s Time For Secure Single Sign-On Five Reasons It s Time For Secure Single Sign-On From improved security to increased customer engagement, secure single sign-on is a smart choice. Executive Overview While cloud-based applications provide

More information

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers. Employee Security Awareness Survey Trenton Bond trent.bond@gmail.com Admin - Version 1.3 Security Awareness One of the most significant security risks that organizations and corporations face today is

More information

This ESG White Paper was commissioned by Extreme Networks and is distributed under license from ESG.

This ESG White Paper was commissioned by Extreme Networks and is distributed under license from ESG. White Paper Network Solutions for Modern Data Centers By Bob Laliberte, Senior Analyst October 2013 This ESG White Paper was commissioned by Extreme Networks and is distributed under license from ESG.

More information

VDI-Centric Endpoint Security Can Help Lower Costs and Increase ROI

VDI-Centric Endpoint Security Can Help Lower Costs and Increase ROI White Paper VDI-Centric Endpoint Security Can Help Lower Costs and Increase ROI By Jon Oltsik, Senior Principal Analyst June 2012 This ESG White Paper was commissioned by Trend Micro and is distributed

More information

Research Report. Abstract: 2014 Public Cloud Computing Trends. March 2014

Research Report. Abstract: 2014 Public Cloud Computing Trends. March 2014 Research Report Abstract: 2014 Public Cloud Computing Trends By Wayne Pauley, Senior Analyst and Bill Lundell, Senior Research Analyst With Jenn Gahm, Senior Project Manager March 2014 Introduction Research

More information

Research Report. Abstract: 2013 Public Cloud Computing Trends. March 2013

Research Report. Abstract: 2013 Public Cloud Computing Trends. March 2013 Research Report Abstract: 2013 Public Cloud Computing Trends By Wayne Pauley, Senior Analyst and Bill Lundell, Senior Research Analyst With Jenn Gahm, Senior Project Manager March 2013 Introduction Research

More information

Addressing the United States CIO Office s Cybersecurity Sprint Directives

Addressing the United States CIO Office s Cybersecurity Sprint Directives RFP Response Addressing the United States CIO Office s Cybersecurity Sprint Directives How BeyondTrust Helps Government Agencies Address Privileged Account Management and Improve Security July 2015 Addressing

More information

Novell Cloud Security Service Reducing Risk by Securing the Cloud. Stefan Stiehl Senior Sales Technology Specialist sstiehl@novell.

Novell Cloud Security Service Reducing Risk by Securing the Cloud. Stefan Stiehl Senior Sales Technology Specialist sstiehl@novell. Novell Cloud Security Service Reducing Risk by Securing the Cloud Stefan Stiehl Senior Sales Technology Specialist sstiehl@novell.com Disclaimer for Product in Development Unpublished Work of Novell, Inc.

More information

Why SAAS makes sense: The benefits of Cloud Computing for Email Archiving

Why SAAS makes sense: The benefits of Cloud Computing for Email Archiving Why SAAS makes sense: The benefits of Cloud Computing for Email Archiving Confidentiality This document contains confidential material that is proprietary to Gradian Systems Ltd. The material, ideas, and

More information

Healthcare Information Security Today

Healthcare Information Security Today Healthcare Information Security Today 2015 Survey Analysis: Evolving Threats and Health Info Security Efforts WHITE PAPER SURVEY BACKGROUND The Information Security Media Group conducts an annual Healthcare

More information

Trends in Private Cloud Infrastructure

Trends in Private Cloud Infrastructure Research Report Abstract: Trends in Private Cloud Infrastructure By Mark Bowker, Senior Analyst and Bill Lundell, Senior Research Analyst With Jennifer Gahm, Senior Project Manager April 2014 Introduction

More information

Proven LANDesk Solutions

Proven LANDesk Solutions LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations

More information

An Analytics-based Approach to Cybersecurity

An Analytics-based Approach to Cybersecurity ESG Solution Showcase An Analytics-based Approach to Cybersecurity Date: May 2015 Author: Jon Oltsik, Senior Principal Analyst Abstract: Since the Google Aurora incident announced in 2010, large organizations

More information

The SentinelOne Endpoint Protection Platform

The SentinelOne Endpoint Protection Platform Enterprise Strategy Group Getting to the bigger truth. SOLUTION SHOWCASE The SentinelOne Endpoint Protection Platform Date: September 2015 Author: Jon Oltsik, Senior Principal Analyst; and Doug Cahill,

More information

How to Secure Your SharePoint Deployment

How to Secure Your SharePoint Deployment WHITE PAPER How to Secure Your SharePoint Deployment Some of the sites in your enterprise probably contain content that should not be available to all users [some] information should be accessible only

More information

WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT

WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT Executive Overview SAML (Security Assertion Markup Language) is a standard that facilitates the exchange of security information. Developed by

More information

Cybersecurity and Secure Authentication with SAP Single Sign-On

Cybersecurity and Secure Authentication with SAP Single Sign-On Solution in Detail SAP NetWeaver SAP Single Sign-On Cybersecurity and Secure Authentication with SAP Single Sign-On Table of Contents 3 Quick Facts 4 Remember One Password Only 6 Log In Once to Handle

More information

Total year-over-year spending change in networking, 2009-2012. (Percent of respondents) 37% 36% 35% 37% 29% 26% 16% 13% 0% 20% 40% 60% 80%

Total year-over-year spending change in networking, 2009-2012. (Percent of respondents) 37% 36% 35% 37% 29% 26% 16% 13% 0% 20% 40% 60% 80% Research Brief 2012 Networking Spending Trends Date: March 2012 Author: Jon Oltsik, Senior Principal Analyst; Bob Laliberte, Senior Analyst; and Bill Lundell, Senior Research Analyst Abstract: According

More information

Getting on the Road to SDN. Attacking DMZ Security Issues with Advanced Networking Solutions

Getting on the Road to SDN. Attacking DMZ Security Issues with Advanced Networking Solutions White Paper Getting on the Road to SDN Attacking DMZ Security Issues with Advanced Networking Solutions By Bob Laliberte, Senior Analyst March 2014 This ESG White Paper was commissioned by NEC and is distributed

More information

Cisco Systems and the Migration from Network Access Control (NAC) to Endpoint Visualization, Access, and Security (EVAS)

Cisco Systems and the Migration from Network Access Control (NAC) to Endpoint Visualization, Access, and Security (EVAS) White Paper Cisco Systems and the Migration from Network Access Control (NAC) to Endpoint Visualization, Access, and Security (EVAS) By Jon Oltsik, Senior Principal Analyst October 2014 This ESG White

More information

White. Paper. Evaluating Sync and Share Solutions. Balancing Security, Control, and Productivity. September, 2014

White. Paper. Evaluating Sync and Share Solutions. Balancing Security, Control, and Productivity. September, 2014 White Paper Evaluating Sync and Share Solutions Balancing Security, Control, and Productivity By Terri McClure, Senior Analyst September, 2014 This ESG White Paper was commissioned by Code42 and is distributed

More information

SavvyDox: Next-generation Collaboration Bridges the Space Between EFSS and ECM

SavvyDox: Next-generation Collaboration Bridges the Space Between EFSS and ECM ESG Solution Showcase SavvyDox: Next-generation Collaboration Bridges the Space Between EFSS and ECM Date: June 2015 Author: Terri McClure, Senior Analyst; and Leah Matuson, Research Analyst Abstract:

More information

Platform-as-a-service Usage and Satisfaction Study

Platform-as-a-service Usage and Satisfaction Study Research Report Abstract: Platform-as-a-service Usage and Satisfaction Study By Stephen D. Hendrick, Principal Analyst with Bill Lundell, Senior Research Analyst and Jennifer Gahm, Senior Project Manager

More information

Top 5 Reasons to Choose User-Friendly Strong Authentication

Top 5 Reasons to Choose User-Friendly Strong Authentication SOLUTION BRIEF: USER-FRIENDLY STRONG AUTHENTICATION........................................ Top 5 Reasons to Choose User-Friendly Strong Authentication Who should read this paper This executive brief asserts

More information

White. Paper. The Modern Network Monitoring Mandate. April 2014

White. Paper. The Modern Network Monitoring Mandate. April 2014 White Paper The Modern Network Monitoring Mandate By Bob Laliberte, Senior Analyst April 2014 This ESG White Paper was commissioned by Emulex and is distributed under license from ESG. White Paper: The

More information

Identity and Access Management in the Commonwealth

Identity and Access Management in the Commonwealth Identity and Access Management in the Commonwealth Erik Avakian, CISSP, CISA, CISM, CGCIO Chief Information Security Officer Commonwealth of Pennsylvania eavakian@pa.gov William (Bill) Harrod, CISSP Cyber-Security

More information

AB 1149 Compliance: Data Security Best Practices

AB 1149 Compliance: Data Security Best Practices AB 1149 Compliance: Data Security Best Practices 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: AB 1149 is a new California

More information

The Business Case for Security Information Management

The Business Case for Security Information Management The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un

More information

Security management solutions White paper. Extend business reach with a robust security infrastructure.

Security management solutions White paper. Extend business reach with a robust security infrastructure. Security management solutions White paper Extend business reach with a robust security infrastructure. July 2007 2 Contents 2 Overview 3 Adapt to today s security landscape 4 Drive value from end-to-end

More information

White. Paper. Big Data Advisory Service. September, 2011

White. Paper. Big Data Advisory Service. September, 2011 White Paper Big Data Advisory Service By Julie Lockner& Tom Kornegay September, 2011 This ESG White Paper was commissioned by EMC Corporation and is distributed under license from ESG. 2011, Enterprise

More information

Guide to Evaluating Multi-Factor Authentication Solutions

Guide to Evaluating Multi-Factor Authentication Solutions Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor

More information

INTRODUCING isheriff CLOUD SECURITY

INTRODUCING isheriff CLOUD SECURITY INTRODUCING isheriff CLOUD SECURITY isheriff s cloud-based, multi-layered, threat protection service is the simplest and most cost effective way to protect your organization s data and devices from cyber-threats.

More information

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask Everything You Wanted to Know about DISA STIGs but were Afraid to Ask An EiQ Networks White Paper 2015 EiQ Networks, Inc. All Rights Reserved. EiQ, the EiQ logo, the SOCVue logo, SecureVue, ThreatVue,

More information

ITAR Compliance Best Practices Guide

ITAR Compliance Best Practices Guide ITAR Compliance Best Practices Guide 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: International Traffic in Arms Regulations

More information

Research Report. Abstract: The Evolution of Server Virtualization. November 2010

Research Report. Abstract: The Evolution of Server Virtualization. November 2010 Research Report Abstract: The Evolution of Server Virtualization By Mark Bowker and Jon Oltsik With Bill Lundell, John McKnight, and Jenn Gahm November 2010 2010 Enterprise Strategy Group, Inc. All Rights

More information

Secure Enterprise Online File Sharing with Syncplicity Date: November 2014 Author: Tony Palmer, Senior Lab Analyst, Aviv Kaufmann, Lab Analyst

Secure Enterprise Online File Sharing with Syncplicity Date: November 2014 Author: Tony Palmer, Senior Lab Analyst, Aviv Kaufmann, Lab Analyst ESG Lab Review Secure Enterprise Online File Sharing with Syncplicity Date: November 2014 Author: Tony Palmer, Senior Lab Analyst, Aviv Kaufmann, Lab Analyst Abstract: Organizations are challenged in today

More information

Developing Secure Software in the Age of Advanced Persistent Threats

Developing Secure Software in the Age of Advanced Persistent Threats Developing Secure Software in the Age of Advanced Persistent Threats ERIC BAIZE EMC Corporation DAVE MARTIN EMC Corporation Session ID: ASEC-201 Session Classification: Intermediate Our Job: Keep our Employer

More information

WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD

WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD WRITTEN TESTIMONY OF NICKLOUS COMBS CHIEF TECHNOLOGY OFFICER, EMC FEDERAL ON CLOUD COMPUTING: BENEFITS AND RISKS MOVING FEDERAL IT INTO THE CLOUD BEFORE THE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

More information

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,

More information

Cloud Computing. Chapter 5 Identity as a Service (IDaaS)

Cloud Computing. Chapter 5 Identity as a Service (IDaaS) Cloud Computing Chapter 5 Identity as a Service (IDaaS) Learning Objectives Describe challenges related to ID management. Describe and discuss single sign-on (SSO) capabilities. List the advantages of

More information

2012 Endpoint Security Best Practices Survey

2012 Endpoint Security Best Practices Survey WHITE PAPER: 2012 ENDPOINT SECURITY BEST PRACTICES SURVEY........................................ 2012 Endpoint Security Best Practices Survey Who should read this paper Small and medium business owners

More information

Endpoint Security for DeltaV Systems

Endpoint Security for DeltaV Systems DeltaV Systems Service Data Sheet Endpoint Security for DeltaV Systems Essential protection that consolidates endpoint and data security. Reduces the time and effort spent deploying and managing security

More information

This ESG White Paper was commissioned by Zettaset and is distributed under license from ESG.

This ESG White Paper was commissioned by Zettaset and is distributed under license from ESG. White Paper Closing the Big Data Management and Security Gap By Nik Rouda, Senior Analyst October 2014 This ESG White Paper was commissioned by Zettaset and is distributed under license from ESG. 2 Contents

More information

Integrating Single Sign-on Across the Cloud By David Strom

Integrating Single Sign-on Across the Cloud By David Strom Integrating Single Sign-on Across the Cloud By David Strom TABLE OF CONTENTS Introduction 1 Access Control: Web and SSO Gateways 2 Web Gateway Key Features 2 SSO Key Features 3 Conclusion 5 Author Bio

More information

McAfee Acquires NitroSecurity

McAfee Acquires NitroSecurity McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security

More information

Securing Endpoints without a Security Expert

Securing Endpoints without a Security Expert How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Securing Endpoints without a Security Expert sponsored by Introduction to Realtime Publishers by Don Jones, Series

More information

The Benefits of an Integrated Approach to Security in the Cloud

The Benefits of an Integrated Approach to Security in the Cloud The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The

More information

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Driving Company Security is Challenging. Centralized Management Makes it Simple. Driving Company Security is Challenging. Centralized Management Makes it Simple. Overview - P3 Security Threats, Downtime and High Costs - P3 Threats to Company Security and Profitability - P4 A Revolutionary

More information

Enterprise Database Trends in a Big Data World

Enterprise Database Trends in a Big Data World Research Report Abstract: Enterprise Database Trends in a Big Data World By Nik Rouda, Senior Analyst With Bill Lundell, Senior Research Analyst and Jennifer Gahm, Senior Project Manager July 2014 Introduction

More information

Research Report. Abstract: Social Enterprise Adoption Trends. June 2012

Research Report. Abstract: Social Enterprise Adoption Trends. June 2012 Research Report Abstract: Social Enterprise Adoption Trends By Tom Petrocelli, Senior Analyst With Bill Lundell, Senior Research Analyst, and Jenn Gahm, Senior Project Manager June 2012 2012 Enterprise

More information

Lots of workers, many applications, multiple locations......and you need one smart way to handle access for all of them.

Lots of workers, many applications, multiple locations......and you need one smart way to handle access for all of them. Lots of workers, many applications, multiple locations......and you need one smart way to handle access for all of them. imprivata OneSign The Converged Authentication and Access Management Platform The

More information

An Oracle White Paper December 2010. Implementing Enterprise Single Sign-On in an Identity Management System

An Oracle White Paper December 2010. Implementing Enterprise Single Sign-On in an Identity Management System An Oracle White Paper December 2010 Implementing Enterprise Single Sign-On in an Identity Management System Introduction Most users need a unique password for every enterprise application, causing an exponential

More information

Leveraging Privileged Identity Governance to Improve Security Posture

Leveraging Privileged Identity Governance to Improve Security Posture Leveraging Privileged Identity Governance to Improve Security Posture Understanding the Privileged Insider Threat It s no secret that attacks on IT systems and information breaches have increased in both

More information

Platform-as-a-service Language Use Study

Platform-as-a-service Language Use Study Research Report Abstract: Platform-as-a-service Language Use Study By Stephen D. Hendrick, Principal Analyst with Bill Lundell, Senior Research Analyst & Jennifer Gahm, Senior Project Manager February

More information