Archive for December, 2009
Secure and Enable the New Internet
Posted by actiance in Application Filtering, Compliance, Enterprise 2.0, New Internet, Web 2.0, Web Security on December 7, 2009
Last month we announced that Check
Point Software Technologies had purchased our application database for use in
their products. According to Check Point, this technology will “… provide
businesses unparalleled granular control over application usage and enable
security administrators to prevent threats associated with the use of certain
Internet applications. Check Point will offer this new level of security
controls as a Software Blade that will be available for all gateways.” (read their
release here: )
This deal reaffirms our leadership
in the Web 2.0 security space. More importantly, it highlights the growing need
for network solutions that provide visibility and control at the application
level not just at the port & protocol level. Check Point sees this need and
will use our database to provide application level control. Application level
control will become the price of entry in the Firewall
market.
But beyond visibility and control,
what enterprises are asking for is “enablement”.
- How do I allow access to Facebook or
LinkedIn and stay in compliance with FINRA or FERC or HIPAA or PCI or [insert
your favorite regulation here]?
- How do I allow access to YouTube
videos but not the inappropriate stuff?
- How do I allow access to blogs and
wikis and webmail but ensure that confidential information if not getting
posted?
Our customers realize they can’t
block access to the New Internet
- they must enable it.
Which is why our mission statement
reads “Secure & ENABLE the New Internet”
How are you and your organization enabling the new Internet? What tools and applications do you need to secure to effectively enable your team?
Yesterday’s solution doesn’t address today’s issues
Posted by actiance in Compliance, Enterprise 2.0, Enterprise IM, New Internet, Public IM, Social Networking, Unified Communications, Web 2.0 on December 2, 2009
Normal
0
false
false
false
MicrosoftInternetExplorer4
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:”";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin:0cm;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:”Times New Roman”;
mso-ansi-language:#0400;
mso-fareast-language:#0400;
mso-bidi-language:#0400;}
Today’s guest blogger is Eric Young. Eric is FaceTime’s Sr,
Director of Field Services, and works with FaceTime customers to
implement leading edge security and compliance solutions for Unified
Communications and Web 2.0. Eric’s
worldwide role gives him an insight into the global requirements of
organizations implementing real time communications technologies to enable
their businesses and works closely with our product team to ensure that
FaceTime solutions remain at the forefront of the industry.
Yesterday’s solution doesn’t address today’s issues.
I was onsite with a customer
recently completing our fifth competitive replacement within the Fortune
400 in the past 6 months. As the customer was detailing all of the
requirements the previous solution did not satisfy, it made me wonder, how are
other customers of these competitors feeling they are operating in a compliant
fashion?
If you, as a compliance officer
or legal counsel, cannot make sense of a group chat conversation,
cannot actually view the content of a blocked message, or can’t see what
folks are trying to post to a social networking site; how can you
possibly defend your organization from SEC fines or from a
lawsuit in a court of law?
Security
technologies evolve quickly, especially in the area of real-time communications
- but the adoption of tools like Unified Communications, Instant Messaging and
social media has grown exponentially – in many cases even without the knowledge
of either IT or compliance.
Regulation
and compliance changes too, with the times.
Most recently I’ve seen FINRA starting to address the issue of social
media and issuing guidelines to member organizations and individuals on how
usage should be treated.
We all understand there is a big
difference between “logging” and “being compliant” but
knowing there are still some banks and other highly regulated companies using these
legacy solutions that were designed for technology of a few years back, it begs
the questions: What are the minimum requirements for security and
compliance for Unified Communications, Instant Messaging and Social Media?
And,
what are you doing about dealing with emerging technology?
