Security Group Tests

Legislation at the state and federal level seems to be favouring encryption mandates for businesses that have a strong need to protect sensitive data. The use of biometric authentication covers a lot of territory, but we saw a lot less breadth this year than last. Recently a colleague told me of an organisation that was abandoning its tape back-up system and was distributing USB drives instead. The environments in which we all work have become more complicated as the years have passed, and one of the outcomes is that they are far more difficult to test for vulnerabilities. As most of my readers know, convergence is a bit of a soapbox for me, both pro and con. Regardless of what I think of the convergences in a particular product group, it is what it is. In the broad category of the security issues surrounding email, however, I tend to be more pro than con.
This is a multi-faceted area, and combining several single-function tools with more general solutions may be the best way to cover all bases. Peter Stephenson looks at a growing market Computer forensics tools have evolved into several specialised strands as data is stored on a wider variety of devices, from PCs to mobile phones and PDAs. Justin Peltier reports Tools that assess the vulnerability of the application infrastructure are gaining momentum thanks to ever increasing threats and compliance demands. Nathan Ouelette takes a closer look Contrary to expectations, this category is far from extinct, but the market is certainly characterised by a much smaller product choice compared to previous years. By Peter Stephenson Unified threat management has come a long way since the cobbled-together devices of the early days. Economy, security and ease of use characterise today's offerings. Peter Stephenson reports Being almost immune to blocking has given these solutions the edge over their IPSec-based counterparts when it comes to providing secure access for remote workers. Justin Peltier reports From fingerprint scanning to facial recognition, these solutions provide high-security access control to networks, PCs and buildings. Will passwords soon be a thing of the past? By Peter Stephenson Corporate needs driven by regulatory necessity and incident management are beginning to call the shots in the forensic arena, reports Peter Stephenson. Unraveling the confusion about wireless standards is no mean feat. Justin Peltier takes a look at the latest crop of products in the field of wireless security management. A variety of new USB products have a level of sophistication in what can be managed and what data is allowed on the managed endpoints, says Peter Stephenson. The UTM group, with a lot of anti-malware functionality, is maturing rapidly and taking market share from multipurpose products, but there is good news and bad news, says Peter Stephenson With more and more laptops connecting to enterprise networks, two-factor authentication provides greater assurance that the user on the connection is authorized, says Justin Peltier. For testing products connecting to the web, we needed to scan beyond the depth of a traditional network vulnerability assessment utility, says Justin Peltier. There are fewer real IDS/IPS products in the market as functionality continues to move toward universal threat management, but there are still some very good products, says Peter Stephenson. Encryption and disposal are key to keeping your messages safe, even if some vendors have other ideas. Peter Stephenson rounds up the enterprise solutions that met his criteria.