Starting with a goal several years ago to include more and varied products and services in our monthly Group Tests and First Looks, we established our U.S.-based testing team, which includes SC Lab staff and a network of external experts who are respected industrywide.
The diligence and commitment to excellence made by these staff and other members of our editorial team have made our Product Reviews one of the most well-read sections of our magazine and website. As a result, they remain the most objective, thorough and best in the industry.
In our Group Tests each month, we look at several products around a common theme based on a predetermined set of SC Labs standards (performance, ease of use, features, documentation, support, and value for money). There are roughly 50 individual criteria in the general test process. These criteria were developed by the SC Lab in cooperation with the Center for Regional and National Security at Eastern Michigan University.
We developed second sets of standards specifically for the groups under test and use the Common Criteria (ISO 1548) as a basis for the test plan. Group Test reviews focus on operational characteristics and are considered at evaluation assurance level (EAL) 1 (functionally tested) or, in some cases, EAL 2 (structurally tested) in Common Criteria-speak.
Our final conclusions and ratings are subject to the judgment and interpretation of the tester and are validated by Technology Editor Peter Stephenson. All reviews are vetted for consistency, correctness and completeness by Stephenson and his team prior to being submitted for publication. All prices quoted are in American dollars.
Additionally, each December we select the past year's Innovators, those companies that have shown sustained innovation and performance and have contributed materially to the growth of our industry.
As well in December, among the Innovators, we honor a few companies with induction into the SC Magazine Hall of Fame. This is reserved for our best of the best. That is not a simple or knee-jerk kind of decision, either. There are lots of organizations - large and small - that have cool products and, in fact, there are publications that address the "cool product" issue quite well. We, on the other hand, are concerned that, no matter how cool the product is, the company will be around in one form or another for quite a while.
The recipient needs to be a demonstrated innovator. That is not a one-year proposition. That means sustained performance. The company also needs to show depth. That means that not just the product or service is innovative, the organization itself must demonstrate an innovative approach to its business and the market. Third, the winners need to be responsive to real challenges, and those challenges need to be important over time to an identifiable segment of the market.
Finally, our Hall of Famers need to demonstrate in other ways - such as winning Best Buy, Recommended and other SC Magazine designations - that they have reached the level of excellence that belongs in the Hall of Fame and have sustained that level of excellence over time.
Each month, Peter Stephenson introduces the Product Section of SC Media. As many of our loyal readers likely are aware, Stephenson has worked with SC in some capacity for years.
In addition to overseeing SC Media's reviews and writing the "Threat Hunter" blog, Stephenson also is a researcher and author. His areas of expertise include information assurance and risk, information warfare, counter-terrorism, cyber criminology, cyber jurisprudence, and digital investigation and forensics. He has taught information assurance, network attack and defense, digital forensics and cyber investigation on both the graduate and undergraduate levels.He started his 50+ year career as a U.S. Navy cryptographer, then moved into the private sector where he operated his own information security consulting practice for some 20 years. Navigating the industry and his career with aplomb, he then became director of technology for the global security practice of Netigy Corporation and was, until July 2003, the director of technology and a research coordinator for QinetiQ Trusted Information Management, a large international information security professional and managed services company. He holds a doctorate in digital investigation and is pursuing a second PhD in law. He holds the CISSP (retired) designation from (ISC)2 and retired as a Fellow of the American Academy of Forensic Sciences.
In short, Stephenson knows a thing or two about IT security.
Peter is aided by Judy Traub, SC Labs analyst, who oversees pre/post product review process with lab staff, security vendors and service providers. Judy is a technical professional with experience and educational background in networking, communications technology, computer information systems, and information technology for Homeland (Cyber) Security and compliance.
She has worked for companies such as HP, MCI, SBC, and AT&T in the areas of project, team and resource management, client relationship management, and communication services consulting. As a business manager with AT&T, Judy received national recognition for her individual and team contribution to the financial success and overall customer satisfaction within the Midwest region.
In 2006, she returned to the small business sector joining CDFS Lab in the role of project manager with a focus on information security product testing, specifically managing project constraints, stakeholder relationships, deliverables development and distribution, quality and risk management, and crises resolution. In addition to her project management role with CDFS and SC Labs, Judy is also an active member of Project Management Institute and PMI Troubled Projects Community of Practice, providing new ideas to resolve and/or avoid troubled project situations.