Join Microsoft and Enline to learn how effective Identity Management can reduce costs, improve compliance and reduce risk at your Trust.

This webinar will demonstrate how Forefront Identity Manager can link with ESR to automatically manage user accounts for employees starting and leaving the Trust; provide Self Service Password reset to reduce the burden on the service desk and ensure users only have access to the information they are entitled to.

When? – 10:00 – 11:00 Wednesday 30th May 2012.

Who should attend? – Business and Technical decision makers from IT and HR departments within the Health Sector.

To register for the event please click here. 

As you might know, Design is not only about chairs, desktop and furniture…

The word comes from the late Middle English as a derivative word from Latin “Designare“, which means to indicate something for a purpose or duty.

As it happens for many concepts, the word has a definition but different meanings depending on the context where it is applied.

Just like Security.

Two important principles related to design are usability and ergonomics.
Both are related to improve people efficiency in their working environment.

The same two principles are not only related, but fundamentally important for Security.

When you design something, you mainly think about the purpose of that something in different contexts.
Because different usage contexts mean different needs to address, different perspectives, different angles.

Just like in Security planning.

Especially after Cloud Computing wave, there has been lots of talking about context-aware security.
To highlight and stress that security technologies and implementations should always consider the whole context of a session and not only a fragment of it.
For example, not limiting authentication to user credentials validation only but extend the analysis and validation to the whole “security posture” by assessing the hardware he’s using, the network he’s coming from, the strength of the authentication method used, etc.

At Stonesoft, we have blended all these important principles in our solutions from day one.

We offer dynamic, software based network security solutions that can adapt to the context where they are implemented, providing protection against the lastest and most dangerous threats: AETs.

We provide great usability both for security administrators and for users, to maximize the efficiency and user experience while minimizing impact on resources.

We can prove reduction of CAPEX and OPEX costs with real, tangible savings.

We believe in ergonomics principles applied to (e.g.) authentication, where users should be able to achieve strong authentication naturally, using methods and devices they learnt to use daily for multiple other purposes.

We offer secured authenticated access to the cloud, enabling universal access from multiple platforms and context-aware security.

We empower MSSPs to provide faster time-to-market for security services and most scalable solution to manage thousands customers with minimized OPEX.

Ins’t this… ergonomic Network Security by design?

News Facts

Supporting Quote

Supporting Resources

(1) Gartner “Magic Quadrant for Identity and Access Governance,” by Earl Perkins, Perry Carpenter, December 15, 2011

(2) Garter “Magic Quadrant for User Administration/Provisioning,” by Perry Carpenter, Earl Perkins, December 22, 2011

About the Magic Quadrant

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Oracle

Oracle engineers hardware and software to work together in the cloud and in your data center. For more information about Oracle (NASDAQ: ORCL), visit http://www.oracle.com.

Trademarks

Contact Info

Oracle Named a Leader in Identity Management by Leading Analyst Firm.

If there is one thing that the internet is not short of, it’s opinions. Good, bad or indifferent, for every product or service available there are tales of joy, and tales of woe. It is wise of course to see these opinions in the context of broader views, and while the internet gives us far greater access to user experiences, you still can’t improve upon the direct opinion of someone who depends daily on a product or service for the survival of their business…or, indeed, their clients’ business.

Do as I say…and as I do
One interesting example of a company that’s well placed to advise customers based on its experiences is Enline, an independent technology solutions provider. Its business centres on areas such as hardware supply, operating systems, virtualisation services, remote access, firewalls and VPNs. The service it provides its private and public sector clients on matters relating to information security and infrastructure solutions, is based on its ‘practise what we preach’ philosophy. The advice the company offers with respect to products and services is based on Enline’s first-hand experience of the solutions it sells. This experience enables the company to tailor the advice, service and support to its customers’ specific business needs and requests, based on real-world experience, rather than hearsay or the opinions of others.

If it works for the reseller…
Recently, Mike Nelsey, Enline’s managing director noticed an emerging trend among his customers. He explains, “They are now looking at how they can deploy cost effective solutions for home working, remote access or secure local access, whether the need is driven through budgetary constraints, or as a part of an overall approach to security and compliance.” This growing customer requirement happened to coincide with Enline’s need for a solution that could be easily integrated into CA SiteMinder, using a SOAP interface.

To address both requirements, Enline deployed VASCO’s IDENTIKEY server internally, initially. IDENTIKEY is VASCO’s authentication server that provides network and application security while offering one-time password and e-signature capability. It provides authentication through RADIUS, on IIS¬-based applications and its SOAP interface enables the integration of strong authentication in virtually any web-based environment. Impressed with its results and satisfied that this solution met not only its needs but its customers’ too, Enline participated in a training programme, becoming an accredited IDENTIKEY partner in the UK. This enabled it to offer IDENTIKEY consultancy – and, critically – first-hand experience, service and after sales support, to its customers.

Enline envisaged how its IDENTIKEY experience and benefits could be enjoyed by its customers, due to its ease of use, flexibility and scalability, which would enable it to accommodate the needs of both its large and small customers. Meanwhile, its complete functionality and management features – without the need for significant budgetary or personnel investments – are well suited to a business backdrop that sees all organisations looking to reduce cost and total cost of ownership. Mike Nelsey explains: “The cost-benefit of VASCO’s solution is highly compelling for such a high quality offering. This really is a case of “spend to save”, as the return on investment is surprisingly quick.”

Of course secure authentication – more so than cost savings – remain at the heart of the IDENTIKEY Server. It verifies authentication requests from standard RADIUS clients against a local database of users. Remote users can easily establish their identity quickly with an individually assigned DIGIPASS device, which generates a unique one-time password that replaces insecure static passwords. This ensures the provision of robust security to prevent man-in-the-middle attacks. Authentication and transaction validation functions can be integrated into existing web-based applications, which entails that one DIGIPASS device can be used for several applications, providing extra convenience for the user.

Enline was aware that another key consideration for its customers was ease of use, which IDENTIKEY addresses through the inclusion of an intuitive installation wizard, which guides users through the simple setup process from start to finish.

Another benefit that Enline recognised would be appreciated by its customers, was IDENTIKEY Server’s single web-based administration interface, which is accessible through any web browser from anywhere on the network. This allows for remote administration, and presents new opportunities for outsourced service providers.

Experience based opinion
IDENTIKEY has been received favourably at Enline. More end-users are being migrated to the solution. Those that have been using it for some time have commented on its ease of use, and effortless manageability. As ever, even in the Internet age, the best source of an informed opinion is ‘to ask a man who owns one’; and Mike Nelsey summarises Enline’s IDENTIKEY experience by stating: “We’re delighted at the prospect of having IDENTIKEY to protect our customers, their information and businesses.” And recommendations rarely come more strongly – or trusted – than that, not least when a company is planning to implement something that’s so integral to the security of their business and their clients’.

Download the full press release

Click to watch the video now.

Helsinki, Finland – 12 March 2012 – The network security vendor Stonesoft today announced it has received the ‘Recommend’ rating for the Stonesoft FW-1301 in NSS Labs’ Next Generation Firewall (NGFW) Group Test. The Comparative Analysis Report, to be released in late March, evaluates seven different security vendors with only three earning the coveted ‘Recommend’ rating. Stonesoft is one of only three vendors to pass NSS Labs’ evasion, stability and leakage tests.

NSS Labs, a recognized leader in independent security research and testing, tested each vendor against various types of threats and quantities of traffic. The Stonesoft FW-1301 delivered an impressive 100 percent protection against year 2011 exploits, and also demonstrated 100 percent protection against evasions used in the test. Furthermore, Stonesoft passed 100 percent of the stability tests, thereby proving the solution’s ability to sustain security for high levels of network traffic even when under attack.

The impressive performance exhibited by the Stonesoft FW-1301 validates the solution’s ability to provide cost efficiently the highest level of protection for the most demanding customers.

Antti Kuvaja, director of product management at Stonesoft comments: “We are very proud of the outcome, especially our price per protected Mbps which is excellent for its product class. Without extensive tuning, our firewall provides the highest standard of next generation protection even against the most advanced threats.”

Stonesoft’s NGFW solutions are designed to protect complex networks supporting enterprises, service providers, multi-tenant environments, data centers and government agencies across both physical and virtual networks. The Stonesoft FW-1301 is ideally suited for those organizations that want to simplify network management and reduce cost of ownership while still enjoying the highest level of network security.

Echoing the feedback from Stonesoft’s customers across the globe, NSS Labs comments on the Stonesoft NGFW’s management capabilities in its recent report: “Stonesoft’s management interface was well designed and intuitive. For users of Stonesoft firewalls, there will not be much of a learning curve. Tuning and maintenance is simple and well thought out, keeping with the overall theme and ease of use.”

Stonesoft recently announced a new advancement in its NGFW/NGIPS capabilities with the introduction of the industry’s first transformable security engine. Depending on the user’s preference, the Stonesoft Security Engine can be easily transformed to function as seven different security product roles with user-defined security capabilities. The solution flexibly adapts to changes in threat and/or business environments.

For detailed information on NSS Labs’ Next Generation Group Test, please visit www.nsslabs.com.

To learn more about Stonesoft’s NGFW solutions, go to www.stonesoft.com or ngfw.stonesoft.com.

About NSS Labs, Inc.

NSS Labs, Inc. is the recognized leader in independent security research and testing.  We provide subscription-based security intelligence to enterprises worldwide. Our test-based research and expert analyses provide information technology professionals with the unbiased data they need to select and maintain complex security products for their organizations.

NSS Labs evaluates both network and endpoint security products, producing both individual Product Analysis Reports and group Comparative Analysis Reports. Group tests culminate in our exclusive Security Value Map™. Founded in 1991, the company is located in Austin, Texas. For more information, visit www.nsslabs.com.

Network security risks are serious business risks that require continuous reassessment and re-evaluation. As the business develops, any related data security risks will also evolve. At the same time hacking has also become more and more ingenious, often backed by organized crime.

The pain chain of a data security breach manifests itself in different forms throughout the company. While the IT expert is struggling to fix a security hole in the system, customer services are being inundated with calls and emails, sales freeze due to a confidence crisis, the business management is squirming in front of the management board and the communications department is fighting a non-stop battle to save what it left of the company’s reputation.

Not to mention what is going on in the head of the shareholder who is first and foremost interested in the return on his investment.

When a threat to network security actually becomes a breach, it will become a major problem across the entire organisation. And often this pain is reflected also outside the organization, including customers and business partners.

Network security technology must be able to meet organizations’ evolving business needs. In this respect, there are considerable differences between the various network security providers and solutions.

Today’s most significant data security solution trends relate to

• open interfaces, as different types of partnerships have become more common and companies have to allow their partners and customers increased access to their systems
• mobile solutions
• cloud services.

The number of sensitive interfaces in business operations has grown and continues to do so. While the company’s executive management is nurturing their strategy and its implementation, they should make sure that data security is integrated into strategic planning. In well managed companies, security topics should be on top of the executive management’s agenda.  Furthermore, the risks of cybercrime and their impact on everyone’s work should be communicated to the entire personnel clearly and on a regular basis.