Security's human side
When it comes to keeping your company's systems secure, employees and managers play roles as important as those of the technological gadgets they deploy. Any security shield that protects your business should be accompanied by sound company policies that explain risks, outline duties, and recommend correct behaviors to your users. Failure to do so could expose your company to litigation and possibly to damaging public embarrassment.
Unfortunately, keeping your users up to speed on security policies bears a significant cost because you need to create and disseminate those documents and then verify that your users acknowledge and understand them.
PentaSafe Security Technologies Inc., a software company that specializes in security products, offers a comprehensive solution to that problem with VigilEnt Policy Center (VPC) 2.0. The next release of the policy management software will employ a common, Web-based infrastructure to create, publish, and monitor security policies.
We looked at the beta version of VPC 2.0 and were impressed with its simplicity, ease of use, and powerful publishing and user-training capabilities. Despite some rough spots in the beta version, we recommend deploying the product when it is released in June.
Security policies on the move
Primarily, VPC is a browser-based platform for creating and publishing security policies written clearly and simply for the benefit of your employees. In addition to English, Version 2.0 can communicate with users in French, German, and Spanish, although the solution doesn't automatically translate a policy into a different language. The product provides its own HTTP server and integrates with Microsoft Corp. IIS on Windows NT 4.0 and Windows 2000 platforms.
From a browser-contained client, security administrators can write policies using wizards and templates, or they can import existing documents in the most common formats, including rich text, XML, HTML, Microsoft Word, and Adobe Systems Inc. Acrobat. Administrators can instantly publish a new policy and make it available to users across the company network, regardless of the employees' location. VPC stores policies in its embedded database or in a Microsoft SQL Server repository. Users view and acknowledge new policies from their browser-based client.
To simplify administrative tasks, VPC allows administrators to import user and group lists from an LDAP directory or text file. By doing so, administrators can easily maintain consistency with existing authentication systems. They can also define homogeneous access control lists that identify target users, such as developers, computer operators, accounting clerks, or security managers, and specify their access rights for each policy. When a new document is published, VPC will automatically insert a link to the document and a warning message on those users' home page.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
