November 2008 19 11 Issue of SCMagazine

November 2008 19 11 Issue of SCMagazine



Pondering IT security basics

There are IT security fundamentals that just can't be underestimated, says Illena Armstrong.

Threat of the month

2 minutes on

Nation's first encryption law

For the first time in the United States, a law specifies that encryption be used for the transmission of any electronic data.


Enterprise-wide encryption

The introduction disclosure obligations is having an impact on the adoption of encryption across the enterprise, says Richard Moulds, Thales Group.

Business and web security

Identify all data that has value to your business, says Monte Robertson, Software Security Solutions.

CSO's desk

A standard for payment security

Rob Tourt, chair of the PCI Security Standards Council, outlines developments on PCI DSS requirements.


View from the top

The SC Magazine/CompTIA CEO survey shows stakeholders are trying to get a handle on risk management, reports Illena Armstrong.

Head in the clouds: Cloud computing security issues

The latest craze in cloud computing shows great promise, but it is introducing a host of new security issues, reports Deb Radcliff.

Power surge: SCADA industry must prep for attacks

Operators of the nation's critical infrastructure can no longer afford to be complacent, and NERC is making sure of this, reports Dan Kaplan.

Q&A with Karen Evans

A keynote speaker at the upcoming SC World Congress, Karen Evans, OMB, discusses the latest federal initiatives in cybersecurity.

Product opener

More ways to manage access to data

We have been discussing products that help manage access to data over some of our past Group Tests and this month we're back at it. ...

Product Reviews

GTB Technologies Inspector

The GTB Inspector is an appliance which, while heavy, provides numerous features.

Identity Finder Enterprise Edition

Two hundred and seventy-eight pages. That’s the length of the Identity Finder Enterprise Edition documentation. It is easy to see that this needs to be ...

Intelligent Wave CWAT

Like many products in this group review, the CWAT (Cybercrime, Warning, Alert, Termination) product takes a modular approach to data leakage prevention. CWAT consists of ...

NextLabs Enterprise DLP

NextLabs DLP is an interesting software-based offering. While most data leakage prevention products use a primary server to stem the tide of sensitive information from ...

Symantec Vontu

The Symantec offering is the most complex product in this Group Test review.

Trend Micro LeakProof

Trend Micro LeakProof is an all-in-one appliance that comes with everything preloaded. All the admin needs to do is configure the device.

AdventNet ManageEngine

The AdventNet Manage-Engine Password Manager Pro provides a complete system for password management in one simple web-based package. This product includes features which allow for ...

Cyber-Ark Software Enterprise Password Vault

The Cyber-Ark Enterprise Password Vault, or EPV, is a high-end password management powerhouse. This product helps administrators manage privi­leged account passwords across several major platforms ...

Hitachi ID Systems ID-Archive

The Hitachi ID-Archive sets its focus on password randomization. With this product, administrators can set up password randomization for sensi­tive and privileged accounts on workstations ...

Lieberman Software Enterprise Random Password Manager

The Lieberman Software Enterprise Random Pass­word Manager is a full-on password manager and randomiz­er for local and domain accounts throughout the enterprise. With little effort ...

Proginet Corporation SecurForce

Proginet SecurForce is a little bit of a horse of a different color for this month’s Group Test. It focuses more on managing passwords from ...

Siber Systems RoboForm Enterprise

On the surface, RoboForm Enterprise starts out looking like a single sign-on product, but that is just on the surface. This product allows administrators to ...

Symark International PowerKeeper

The Symark PowerKeeper is a hardened appliance. It comes with a sealed operating system that provides a secure privileged account access management process to replace ...

Thycotic Software Secret Server

The Thycotic Secret Server integrates into the exiting environment to manage and control access to critical privileged passwords using a cen­tral web-based repository. With this ...

Symark International PowerBroker

The Symark PowerBroker is a policy-driven, privileged access control application that provides granular account access delegation, detailed logging and reporting, and centralized administration across heterogeneous ...

First Look

Bradford Networks NAC Director Guest Contractor Services

Most NAC products require enough administration that managing transient users often is more trouble than it’s worth.

Last Word

A few thoughts on data protection

It is time for us as a community to look for alternative solutions to data protection, says Chenxi Wang.



Send your comments, praise or criticisms to We reserve the right to edit letters.


Sign up to our newsletters