Network
Access Control Technologies
By Richard Langston
Contributed by Sygate Technologies, Inc.
Today, businesses must face the very real threat of
their systems being compromised by misuse, misconfiguration and malicious
access. In fact, Gartner estimates that 20 percent of managed systems are
already compromised. Add to that their estimate that 20 percent of systems on
corporate networks are entirely unmanaged and it becomes clear that most
enterprises are vulnerable to loss of productivity, leakage of confidential
information, and other expensive (and potentially embarrassing) abuse.
HIPAA - Final
Security Rule
Information Security Reference Guide
Author: Gary Swindon
Contributed by Sygate Technologies, Inc.
The HIPAA Final Security Rule is divided into three
broad categories of safeguards; administrative,
physical, and technical and contains 42 security
specifications. This reference guide lists the
requirements of the Final Security Rule in point
format with the action that needs to be taken in
order to achieve compliance for Healthcare
Operations by April 21, 2005, the final compliance
date. More to the point it provides explanations
for each specification in plain English.
Metric of
Network Integrity
Author: Kevin Soo Hoo
Contributed by Sygate Technologies, Inc.
The recent spate of network worms has focused
attention, once again, upon information security, particularly network security.
After more than a quarter century of corporate computing, business managers and
technologists alike can do little more to articulate the state of their network
security than give qualitative descriptions of their "gut feel" about it. Why is
this the case? Certainly, the lack of concrete metrics may confer a certain
degree of job security for some, but they, alone, cannot account fully for the
absence. A more plausible root cause may rest in the fast pace of innovation in
network technology and the inherent difficulties associated with measuring
security itself.
Examining
the Sarbanes-Oxley Act
Author: Robert P. Abbott
Contributed by Sygate Technologies, Inc.
This paper briefly describes sections of the
Sarbanes-Oxley Act (SOX)1 that are relevant to Information Technology (IT). The
subjects of Controls and Control Objectives are introduced enroute to
identifying the properties of Sygate products beneficial to complying with SOX.
The bulk of the paper identifies specific control objectives wherein Sygate
products provide audit evidence of compliance. A number of control objectives
are also put forth as state-of-the-art contributions to the overall need for IT
controls and for the automated monitoring of those controls.