One brand, one Web site! DM Review is now the home of all the content you're used to at BIReview.com and much more. If you are registered at BIReview.com, you're already registered at DM Review. If not, take just a moment to sign up for all the free services we have for you at the new DMReview.com.
Security
Leveraging Intelligent Resources
Octave
This white paper is about OCTAVE, a risk based strategic assessment and planning technique for security.
Marion
This white paper discusses the Méthode d’Analyse des Risques Informatiques Orientée par Niveaux (MARION), the computing risk analysis method guided by levels, an audit method of French origin, last updated in 1998.
Analysis of Business Driven Metrics: Measuring for Security Value
This white paper is about the review and implementation of security within organizations and current practices for generating and communicating metrics.
Don't Get Hacked
This white paper describes advantages of using Open Source vulnerability analysis tools to protect your Internet facing servers, While acknowledging that vulnerability analysis is only a part of the solution to securing your server, it is clear that a reliable ongoing vulnerability analysis is a step in the right direction.
SOX: Sarbanes-Oxley Act
This white paper is about information security and the Sarbanes-Oxley Act.
The Key for Managing IT Services
This white paper is about the information technology infrastructure library (ITIL), a framework of best practices used to manage IT operations and services.
PCI DSS made easy
This white paper examines the requirements to adhere to the Payment Card Industry Data Security Standard (PCI DSS), the implications of non-compliance and how effective event log management and network vulnerability management can help achieve compliance.
Mehari
This white paper is about, information security method, Mehari.
ISO 17799: Code of Practice for Information Security
This white paper is about information security in relationship to ISO 17799, a guide of good practices for information security management. This standard defines objectives and recommendations. Its ambition is to answer global information security concerns in regards to the organization's total activities.
COBIT: Control Objectives for Iinformation and Related Technology
This white paper is about control objectives for information and related technology (COBIT), a set of best practices (framework) for information technology (IT) management created by the Information Systems Audit and Control Association (ISACA), and the IT Governance Institute (ITGI) in 1992.
Entensys Corporation - UserGate 4.1 Internet Security Server
This white paper describes the need for and use of the UserGate 4.1 security server.
Email Archiving: Do You Really Need To Archieve Everything?
This white paper addresses email archiving-how and what should be archived.
How to Improve Business Results through Secure Single Sign On to SAP
This paper is about full disk encryption (FDE) and recent advances that have enabled the use of hardware-based encryption, eliminating the need to use valuable CPU time for encryption, increasing performance and maximizing security.
Achieve and Maintain Compliance with the Payment Card Industry (PCI) Data Security Standard
This white paper is abut PCI compliance.
A Strategic Approach to Gramma-Leach-Bliley Act Compliance
This white paper is about the Gramm-Leach-Bliley Act(GLBA). It outlines a strategic approach to compliance.
Achieve and Maintain PCI Compliance - Part 4
This paper is about the Payment Card Industry Data Security Standard (PCI), a standard intended to protect cardholder data wherever it resides or is transmitted. It requires that merchants and service providers that store, process or transmit cardholder data meet specific security requirements. (Requirements 10 to 12)
Achieve and Maintain PCI Compliance - Part 3
This paper is about the Payment Card Industry Data Security Standard (PCI), a standard intended to protect cardholder data wherever it resides or is transmitted. It requires that merchants and service providers that store, process or transmit cardholder data meet specific security requirements. (Requirements 6 to 9)
Achieve and Maintain PCI Compliance - Part 2
This paper is about the Payment Card Industry Data Security Standard (PCI), a standard intended to protect cardholder data wherever it resides or is transmitted. It requires that merchants and service providers that store, process or transmit cardholder data meet specific security requirements. (Requirements 1 to 4)
A Distributed Firewall Appliance
Conventional Firewalls protect network entry points and are defining for a long time the outer network security perimeter. However the increasing need for computational power and the networking trends for increasing connectivity and higher bandwidth threatens this architecture to become obsolete in near future. This paper will describe the design and implementation of a distributed Firewall using iptables, ipf and netscreen and try to resolve a real world security problem for a large infrastructure of more than 250 servers.
Believe in a higher level of IT Security
Protecting Digital Assets - Full Disk Encryption White Paper
Data Security is Less Expensive Than Your Next Liability Lawsuit: Best Practices in Application Data Security
This whitepaper focuses on the challenges of database security for Oracle applications and provides an overview of common security mechanisms you can use to ensure your database security is not compromised.
Developments in High-Risk Entity Screening
Developments in High-Risk Entity Screening and new AML screening product trends are shaping the future of high-risk entity screening.
Lifecycle Data Protection Renews Server-Based Computing Appeal
Read this white paper and learn why server-based computing (SBC) is recommended for data protection.
Phishing Special Report: What We Can Expect for 2007
This white paper examines several trends in online fraud including the number of phishing attacks and brands attacked over a 12-month period, attacks by the size of financial institutions, and the hosting methods used to conduct phishing attacks.
No Time For Declarations Of Victory: Protecting Customers Beyond Compliance Deadlines
This white paper presents an overview of the survey results as well as solutions and recommendations for keeping security at the forefront of strategic initiatives, even beyond compliance deadlines.
From Traditional Antivirus to Collective Intelligence
This paper presents the fourth generation of security technologies by Panda Security, called Collective Intelligence. The Collective Intelligence allows us to maximize our malware detection capacity while at the same time minimizing the resource and bandwidth consumption of protected systems.
Six Ways to Strengthen your Existing Security Infrastructure
To mitigate risk and manage security, organizations must be able to measure the effectiveness of the people, policies, processes and products securing applications and data. By gaining transparency into risk and security status with rapid, flexible security assessments, organizations can rapidly improve risk management. Assessments should deliver a risk-relevant view of the IT infrastructure, enabling you to track progress towards policy compliance targets. This white paper describes a new technology for conducting rapid, flexible assessments.
Protecting Microsoft Exchange
While it was once a convenient way for employees to communicate internally, today email systems like Microsoft Exchange are tightly integrated with other business applications and are one of the primary methods for communicating with current and prospective customers. Protecting Exchange against costly downtime has become a top priority for more IT departments. So how do you ensure that your Exchange environment is always protected? When recoverability matters, depend on Double-Take Software to protect and recover business-critical data and applications.
