READER TRUST AWARDS
Best Data Leakage Prevention (DLP) Solution
Products in this category include those that help organizations safeguard their intellectual property and customers’ critical data persistently – inside and outside the company. Network-based and endpoint data leakage prevention products will be considered. Products should prevent data from unauthorized exit from the network, or protect data on the endpoint – whether the endpoint is connected to a network or not. Products typically are policy-driven and should include scanning of all data, regardless of protocol or application leaving the network, and/or keep track of peripherals, such as removable storage and attached to the endpoint – reporting that inventory to a central location or administrator. All entrants should have the capability of being managed by a centralized administrator. Those products considered part of this category include: network DLP products, which are typically gateways; those products protecting only endpoints; and hybrid products that operate at both the gateway to the network and at the endpoint. Specifically for endpoint DLP, traffic should be monitored and encryption should be available.
- DeviceLock for DeviceLock Endpoint DLP Suite
- RSA, the security division of EMC, for RSA DLP
- Safetica Technologies for Safetica 5
- WatchDox for WatchDox
- Websense for Websense Data Security Suite
Best Risk/Policy Management Solution
These products measure, analyze and report risk, as well as, enforce and update configuration policies within the enterprise, including but not limited to network, encryption, software and hardware devices. Contenders’ products should offer a reporting format that covers the frameworks of multiple regulatory requirements, such as Sarbanes-Oxley, Gramm-Leach-Bliley and other Acts and industry regulations. As well, this feature should be network-centric, providing reporting to a central administrator and allowing for companies to centrally manage the product.
- McAfee for McAfee Real Time for ePolicy Orchestrator
- Rapid7 for Rapid7 ControlsInsight
- RSA, the security division of EMC, for RSA Archer
- SolarWinds for SolarWinds Network Configuration Manager
- Tripwire for Tripwire Enterprise Suite
Best Customer Service
Support and service of products and services sold are critical components of any contract. For many organizations that seek out help from information security vendors and service providers, the assistance they get from customer service representatives is crucial to the deployment, ongoing maintenance and successful running of the technologies they’ve bought and to which they have entrusted their businesses and sensitive data. For this new category, we’re looking for vendor and service providers that offer stellar support and service – the staff that fulfilled its contracts and maybe even goes a little beyond them to ensure that organizations and their businesses are safe and sound against the many threats launched by today’s savvy cyber criminals.
- Barracuda Networks for Barracuda Customer Service and Support
- DigiCert for DigiCert Customer Service
- IBM for IBM Security
- Qualys for Qualys
- Trustwave for Trustwave
Best Professional Certification Program
Programs are defined as professional industry groups offering certifications to IT security professionals wishing to receive educational experience and credentials. Entrants can include organizations in the industry granting certifications for the training and knowledge they provide.
- GIAC – Global Information Assurance Certification for GIAC Intrusion Analyst (GCIA)
- GIAC – Global Information Assurance Certification for GIAC Security Expert (GSE)
- Guidance Software for EnCase Certified Examiner (EnCE)
- Information System Audit and Control Association for Certified Information Systems Auditor (CISA)
- Information System Audit and Control Association for Certified Information Security Manager (CISM)
- (ISC)2 for CISSP
Best Professional Training Program
Programs are defined as those geared toward strengthening expertise of information security professionals via training, by an outside industry expert, on secure coding, end- user awareness and more. Entrants can include companies offering such training and which does not conclude with the winning of a particular professional certification.
- Guidance Software for Guidance Software EnCase Training
- InfoSec Institute for Information Security Boot Camps
- (ISC)2 for (ISC)2 Education Program
- Security University for SU’s Unique Holistic Q4 Credential Training Programs
- The SANS Institute for SANS Training