Monday, February 28, 2005

CA Stakes Another Mainframe Security Claim

CA on Tuesday will announce a new security framework for the mainframe that is designed to tie together the various aspects of identity, authentication and authorization in a standards-based architecture.

2/28/2005 08:04:00 PM  

NIST releases final security guidelines | CNET News.com

A final version of security guidelines designed to protect federal computer systems and the information they hold was released Monday by the National Institute of Standards and Technology.

2/28/2005 08:00:00 PM  

Extending Identity Management's Realm

With the security benefits and administrative efficiencies of user identity management coming into focus for IT leaders, some experts say those same benefits can be extended to routers, switches, applications, Web services and devices by creating a common interoperable identity model for other nodes on a network.

2/28/2005 07:57:00 PM  

BearingPoint Launches New Customer Identity Management Practice to Help Companies to 'Know Your Customer' While Tightening Security and Privacy

BearingPoint, Inc. (NYSE: BE - News), one of the world's largest business consulting and systems integration firms, today announced that it will begin offering Customer Identity Management (CIM) services, a new convergence of Customer Relationship Management (CRM), Identity Management and Risk Management, to help companies gain more information about their customers and at the same time keep their information private and secure.

2/28/2005 11:11:00 AM  

Hackers are real-time. Are you?

To meet the SOX general IT security requirements, organizations need to deploy multiple security point solutions such as firewalls, intrusion detection systems, anti-virus systems and others. See here for an article discussing Security Information Management Solutions.

2/28/2005 11:08:00 AM  

Five Things Every CSO Needs to Know About the Chief Privacy Officer

1. The CPO's history parallels the CSO's own emergence.
2. The CPO role is as much about business as privacy.
3. In the data world, security and privacy go hand in hand.
4. Outside of the data world, security and privacy are tough to reconcile.
5. Security and privacy executives will depend upon each other for success.

Covery story on CSOOnline.

2/28/2005 11:05:00 AM  

New Hyperion Dashboard First to Deliver Data Visibility for Sustainable Compliance

Hyperion (Nasdaq:HYSL), the global leader in Business Performance Management software, today announced the launch of Hyperion Compliance Management Dashboard, the first solution to marry internal controls data, such as those defined by COSO, with financial data. As a result, finance officers are now able to gain visibility into their companies' Sarbanes-Oxley compliance status and potential risk exposures, improving reporting accuracy and confidence in financial statements and disclosures moving forward.

2/28/2005 07:09:00 AM  

Korea emerges as e-government leader

At the end of 2004, the Korean government heard the good news from the United Nations that its status as an electronic government had jumped to fifth place from 13th in 2003.
"The Korean central services portal (http://www.egov.go.kr)... is definitely one of the world leaders in tightly integrating online government services," the U.N. report said.

2/28/2005 07:06:00 AM  

Saturday, February 26, 2005

US bank 'loses' customer details

The Bank of America has revealed it has lost computer tapes containing account details of more than one million customers who are US federal employees.

2/26/2005 06:33:00 PM  

Friday, February 25, 2005

Archer Wins SC Magazine's Award for Best Security Solution for Financial Services

Archer Technologies (Archer), a recognized leader in delivering enterprise security solutions, announced today that it has been awarded the US Excellence Award for Best Security Solution for Financial Services in SC Magazine's prestigious Global Awards.

2/25/2005 06:15:00 AM  

Information Security Forum Announces New Standard Of Good Practice

The ISF 2005 Standard of Good Practice pays particular attention to current hot issues such as secure instant messaging, web server security, patch management and virus protection as well as important and changing areas of information security including information risk management, outsourcing, privacy and the disappearance of the network boundary. See here for details.

2/25/2005 06:13:00 AM  

Microsoft Promises To Ease Security Concerns

"There's only really one thing that could stand in the way of realizing the full potential of digital infrastructure, and that's security threats: We have to make sure they are kept to a minimum," Microsoft's Bill Gates told delegates at the RSA Conference.

2/25/2005 06:10:00 AM  

Wednesday, February 23, 2005

Sourcefire Recognized for Best Intrusion Solution By SC Magazine

SC Global Awards 2005 Adds to the Growing Accolades for Open Source Snort(R), the Most Widely Adopted Intrusion Detection and Prevention Technology in the Industry. See Sourcefire site.

2/23/2005 10:19:00 AM  

New free Data Security and Encryption guide from Intelligent Output Solutions

Intelligent Output Solutions explain how to make your data secure, reduce the costs associated with traditional PKI encryption and calculate your security budget with an easy-to-digest and free 14-page guide. The new guide to Data Security is available directly from Intelligent Output Solutions by visiting http://www.ioutput.com/data_security.htm or by emailing e-mail protected from spam bots.

2/23/2005 10:14:00 AM  

Tuesday, February 22, 2005

MarkMonitor Unveils Identity Tracker(TM) to Help Corporations Investigate and Stop Online Fraud

MarkMonitor, the leader in online Corporate Identity Management, today announced its new Identity Tracker system to help companies protect their reputation and brand investment from online fraud, while safeguarding their customers from gray market goods and financial loss.

2/22/2005 10:07:00 AM  

Three Security Imperatives For 2005

IT Analysis has an article on the three most important security challenges that the industry should address in 2005.

2/22/2005 10:04:00 AM  

Monday, February 21, 2005

Actuate launches compliance product

Actuate Corporation has launched its Actuate Financial Performance Management (FPM) solution to help firms comply with financial regulations such as Sarbanes-Oxley. Sun and PricewaterhouseCoopers also made similar announcements.

2/21/2005 10:37:00 AM  

Thursday, February 17, 2005

Single Sign-On Off The Drawing Board

Single sign-on is finally moving from theory to practice in the commercial world, thanks to the growing adoption of the Security Assertion Markup Language (SAML 2.0) specification, a key protocol for secure digital identity management within Web-based transactions. Details.

2/17/2005 05:07:00 PM  

Vendors emphasize simplicity in e-mail security

Regulatory requirements for both the private sector and government mandate that sensitive information be protected and communications documented, creating a market for new e-mail encryption products and services. See here for details.

2/17/2005 04:54:00 PM  

Tuesday, February 15, 2005

VeriSign Introduces New Strong Authentication Capabilities and Competitive Token Upgrade Program

VeriSign, Inc. ( Nasdaq: VRSN ), the leading provider of intelligent infrastructure services for the Internet and telecommunications networks, today announced a series of next-generation tokens as well as new services and programs designed to further drive industry-wide adoption of strong authentication.

2/15/2005 11:15:00 AM  

Adobe Showcases Advancements in Document Security at RSA Conference 2005

Document Security from the experts in Document Mangement.

2/15/2005 11:12:00 AM  

Monday, February 14, 2005

Gemplus Launches Smart Identity Management Systems for North American Businesses

Gemplus International S.A., the world's leading provider of smart card solutions, today announces the launches of SafesITe Enterprise and SafesITe Corporate, two new smart identity management systems tailored to meet the needs of large enterprises and growing corporations based in North America.

2/14/2005 03:17:00 PM  

CA Extends Leadership in Identity and Access Management With eTrust IAM Suite r8

Computer Associates International, Inc. (NYSE: CA - News) is extending its leadership of the worldwide identity and access management (IAM) market with the delivery of eTrust Identity and Access Management r8 Suite, a complete set of integrated, modular IAM solutions.

2/14/2005 03:15:00 PM  

GeoTrust Launches GeoRoot

GeoTrust, Inc., a leader in identity verification solutions for e-business and the world's second largest issuer of SSL (secure sockets layer) certificates for web security, today announced the availability of GeoRoot(TM), an enterprise solution that allows organizations to chain their internally issued digital certificates to GeoTrust's publicly recognized roots.

2/14/2005 03:14:00 PM  

Friday, February 11, 2005

Liberty Alliance beefs up web service security

The Liberty Alliance today unveiled the public draft release of its second-generation framework for identity-based web services, dubbed ID-WSF 2.0.

2/11/2005 11:35:00 AM  

Thursday, February 10, 2005

PharmaLive: Identrus and SAFE-BioPharma, LLC Announce Agreement to Collaborate on Interoperability and Marketing

Identrus(TM), a global provider of trusted identity solutions, and SAFE-BioPharma, LLC, an organization dedicated to managing an electronic signature standard for worldwide use by the biopharmaceutical industry, today announced that the companies have reached an agreement under which SAFE (Secure Access for Everyone) and Identrus will collaborate to assure interoperability of digital credentials issued by SAFE Members and by Identrus Participants accredited by SAFE, and Identrus will exclusively market implementations of the SAFE Standard outside the biopharmaceutical industry.

2/10/2005 02:56:00 PM  

HSPD-12, ePassports Headline Smart Card Alliance 4th Annual Smart Cards in eGovernment Conference

Homeland Security Presidential Directive 12 (HSPD-12) and chip-enabled U.S. passports headline the agenda at the Smart Card Alliance 4th Annual Smart Cards in eGovernment Conference and Exhibition on March 9th through 11th, 2005 at the Renaissance Hotel in Washington, D.C.

2/10/2005 02:54:00 PM  

Wednesday, February 09, 2005

nCipher tailors HSM to suit BACS

IT cryptographic vendor nCipher has put out a version of its payShield hardware security module molded to suit the specific requirements of automated payment services run by BACS Payment Schemes.

2/09/2005 11:26:00 AM  

Tuesday, February 08, 2005

Ingersoll-Rand Deploys Oblix COREid to Secure and Simplify Access to Integrated Dealer Portal

Oblix, a leading developer of identity-based security solutions, today announced that Ingersoll-Rand (IR), a leading diversified industrial firm, has deployed Oblix COREid to secure its dealer portal that enables thousands of its dealers to access hundreds of IR products across multiple product lines from a central location, giving them a single sign-on across their applications leveraging different technologies.

2/08/2005 10:10:00 AM  

Monday, February 07, 2005

Electronic Authentication Partnership Elects First Board

The Electronic Authentication Partnership (EAP) has announced the election of its first board of directors. The EAP promotes interoperability among public and private online authentication systems. See Scott's blog for details.

Glad to see Khaja Ahmed from Microsoft. He hired me into the areas of Security and Identity Management when he was the CTO of Identrus. Also, Jane Hennessy was on board of Identrus where I worked before I started consulting.

2/07/2005 04:10:00 PM  

SafeNet Luna Cryptographic Platform Enters Common Criteria and SigG Evaluation Process

SafeNet is First to Join Common Criteria and SigG for Identity Management HSMs; Serves Critical Markets with High Assurance Capabilities.

2/07/2005 12:07:00 PM  

NIST moves to stronger hashing

Federal agencies have been put on notice that National Institute of Standards and Technology officials plan to phase out a widely used cryptographic hash function known as SHA-1 in favor of larger and stronger hash functions such as SHA-256 and SHA-512.

2/07/2005 12:04:00 PM  

US Department of Defense PKI Program Management Office Selects Tumbleweed Validation Authority for Worldwide Deployment

Tumbleweed Valicert Validation Authority One of Two Highest Ranked Digital Certificate Validation Solutions by Independent Evaluation and Selected by DoD PKI PMO for 1.3 Million User Global Deployment.

2/07/2005 12:02:00 PM  

Wednesday, February 02, 2005

Entrust Integrates With New BlackBerry Enterprise Server(TM) v4.0

Entrust, Inc. (Nasdaq: ENTU), a world-leading provider of Identity and Access Management solutions congratulates Research In Motion (Nasdaq: RIMM; Toronto: RIM) (RIM) on the release of BlackBerry Enterprise Server(TM) v4.0 with its easy-to-use security capabilities and newly enhanced integration with Entrust's Secure Messaging Solution.

2/02/2005 10:45:00 AM  

The pains and gains of Identity Management

Interesting thoughts, but skewed towards Thor Inc.

2/02/2005 10:43:00 AM  

Nintendo Selects RSA Security to Protect Gaming Assets on Its New Nintendo DS Game Console

RSA Security Inc. (Nasdaq: RSAS) announced today that Nintendo Co., Ltd. has licensed micro and
full editions of its RSA BSAFE(R) encryption solutions for use in the newly-released Nintendo DS(TM) portable game console.

2/02/2005 10:40:00 AM  

Tuesday, February 01, 2005

Teros Delivers First Integrated Identity Management-Application Security Solution

Teros, Inc. today announced the immediate availability of the Teros Gateway containing integration with eTrust SiteMinder Web access management software from Computer Associates International, Inc.

2/01/2005 03:57:00 PM