Helping Financial Services Organizations Gain Visibility on Endpoints and Compliance
In this BankInfoSecurity interview with Matt Mosher, SVP of Americas for Lumension, learn about endpoint security challenges such as data protection and vulnerability management, and how Lumension delivers solutions to address these issues while enabling regulatory compliance. In today’s security landscape, financial organizations must have visibility and control of their endpoints in order to be compliant. Lumension helps financial organizations achieve this visibility and control by:
- Providing automated tools to assess and remediate software and configuration vulnerabilities
- Continuously monitoring and reporting on the status of your environment
- Controlling the inbound and outbound flow of data through the use of removable devices
Click here to download it now »
Application Security Whitelisting: Keep the Bad Guys Out - Let the Good Guys In
In this BankInfoSecurity interview, Brent Rickles, Senior Vice President of First National Bank of Bosque County, discusses his whitelisting approach to protecting their systems from potential unknown threats. Whitelisting grants access to only the approved individuals or applications, eliminating their concern of the unknown variables. Hear how their organization took a stance to become proactive in their security measures by implementing Lumension Endpoint Protection. By listening to this podcast you will:
- Understand what traditional security issues are faced with applications and the Web
- Learn how to manage known & unknown applications
- Find out why implementing multiple layers of protection is beneficial
- Discover the benefits of flexibility in managing authorized program
Click here to download it now »
Cutting the Cost of Compliance
Organizations of all sizes and from all industries face many evolving regulations governing information protection as well as implementing proper internal controls. These standards require the enforcement, monitoring and auditing of specific security measures and processes to help protect intellectual property while proving compliance. The cost of proving compliance can be quite expensive if not automated to the highest extent possible.
In this podcast interview with Dee Liebenstein, Senior Director of Product Management with Lumension, listeners will learn:
- The biggest compliance challenges that organizations face today
- How to address these challenges and to effectively map controls to regulatory or policy requirements
- What solutions are available for IT Managers and security professionals improve their security compliance initiatives
- How these solutions help reduce the cost of compliance
Click here to download it now »
Patch Management 2.0: More Than Just Security Patches
As the window of time between vulnerabilities discovered and exploits launched continues to shrink, the biggest challenge for many organizations is remediating these before an exploit occurs. This is why patch management has evolved from simple security fixes to more of a vulnerability management lifecycle. In this podcast, listeners will learn:
- Why organizations need to look beyond security patches for their traditional remediation activities
- How patching solutions discover what applications and operating systems are in your environment
- How organizations can determine which patches actually fix and security hole
- "Patching Best Practices"
Click here to download it now »
Endpoint Security Best Practices for Complying with FDCC Standards
As of February 1, 2008, all federal agencies have to comply with Federal Desktop Core Configuration (FDCC), which is mandated by the U.S. Office of Management and Budget, specifically as OMB Mandate 07-11. The mandate requires all federal agencies running Windows XP and Vista to standardize their desktop and laptop configurations as outlined in the FDCC.
In this podcast we will learn what the FDCC is, why agencies need to comply with the standard, and how Lumension is uniquely positioned to help agencies improve their compliance posture and lower operational and support costs by securing and standardizing security configurations.
Click here to download it now »
How to Enforce an Always-on Security Posture
In this podcast, Shiseido’s Executive Director of IT, Anthony Sica discusses how to stay out in front of security threats with automated vulnerability management. Get first hand insight into how Shiseido, one of the largest cosmetics companies in the world, improved their overall security and global compliance initiatives while also reducing costs. By utilizing Lumension Vulnerability Management Solution, Shiseido’s ROI was achieved within 3 months – freeing up resources to focus on other business-critical activities. In addition, Sica discusses:
- The value of automating the vulnerability assessment and patch management process
- How vulnerability management helps address regulatory compliance challenges
- The importance of having visibility into your enterprise environment
- How vulnerability management improves productivity of IT operations as well as their end users
Click here to download it now »
How to Reduce Your Attack Surface: A Look at Conficker Worm
This podcast examines the IT security headache known as Conficker, also known as Downup, Downadup and Kido. Conficker is a computer worm targeting the Windows operating system - first detected in October of last year. This stealth worm exploits a vulnerability in the network stack of several versions of Windows and it has been difficult for the industry to counter because of its combined use of advanced malware techniques. Learn how Conficker works and the key recommendations to reduce your attack surface from Conficker and other threats.
Click here to download it now »
The Critical Security Controls – Moving Beyond the Checklist Mentality
The “Critical Security Controls” (CSC) guidelines (previously known as the “Consensus Audit Guidelines,” or CAG) are designed to help organizations move beyond a “checklist” mentality by making security an integral part of, instead of an adjunct to, the operations and management of systems and networks. Based on known “real world” attack vectors, it helps organizations by prioritizing IT security expenditures so they get the most value from their IT security spend. Though the initial framework was focused on federal agencies, the CSC might impact organizations beyond just US governmental agencies. Since 85% of the critical public infrastructure (think communications, power, transportation, financial and more) are in private hands, the notions suggested in CSC are expected to force their way into those arenas (via, for instance, NERC and CFATS). The CSC consists of 20 Critical Controls; the first 15 of these should be automatically measured and validated, while the last five cannot be automatically assessed with today’s technology. These 20 controls are made up of 142 different implementation guidelines.
Click here to download it now »
Getting Back to the Basics of Compliance and Risk Management
In today’s growing IT world, organizations continue to be plagued with increasing regulations from government, industry and even internal compliance regulations and policies. They are further challenged by the complexities and costs associated with demonstrating compliance and managing levels of risks in their environments. According to the IT Policy Compliance Group, a typical organization can spend 30-50% on compliance and IT risk policy management and there are increased pressures driving organizations to cut costs while also trying to keep pace with the growing number of compliance mandates.
This Lumension audiocast will examine:
- Top compliance and IT risk management challenges organizations face today
- Key components organizations should look for in evaluating an IT compliance and risk management solution
- Recommendations for companies to keep compliance costs down and mapping against their compliance needs
Click here to download it now »