For those who use an IPS, what were your reasons for implementing it? Here’s a tip on determining your IPS needs: http://searchmidmarketsecurity.techtarget.com/tip/0,289483,sid198_gci1349855,00.html
Answer Question | April 15, 2010 2:14 PM
Intrusion detection, Intrusion detection and prevention, Intrusion prevention systems, Midmarket security
I recently talked to two Forefront customers, who had a lot of praise for Forefront’s all-in-one management console and its protection against external threats. Any Forefront users out there? What do you think? Do you agree? What have been some of your challenges? Also: what do you consider to be the trade-offs of going with a best-of-breed [...]
Answer Question | March 11, 2010 3:15 PM
Forefront Client Security, Microsoft Forefront, Microsoft Forefront TMG 2010, Microsoft Security, Midmarket security
In a recent SearchMidmarketSecurity.com article, contributor Mike Chapple says, “Unfortunately, many security practitioners don’t fully understand encryption due to the technology’s ill-deserved reputation as the unapproachable domain of mathematicians and cryptographers.” Do you agree? And what encryption task do you find most challenging: Securing websites? Encrypting email? Protecting laptop data? Implementing VPNs?
Answer Question | May 1, 2010 8:34 PM
Encrypted email, Encryption, Encryption key management, Midmarket security
What are your biggest challenges when pushing upgrades, like new browsers, across your organization?
Answer Question | February 1, 2010 4:59 PM
Browser security, Midmarket security, Security
For those of you who have outsourced email security, what were you looking for in terms of differentiators between email SaaS providers?
Answer Question | December 22, 2009 6:57 PM
Email security, Midmarket security, outsourcing security
Is your organization merging, or planning to merge, your email security and Web security gateway capabilities? Why does it make sense to do so, but more importantly, what are some of the gotchas you weren’t expecting?
Answer Question | December 22, 2009 6:55 PM
Email security management, Midmarket security, Web security gateway
From a reader regarding a recent technical tip posted to SearchMidmarketSecurity.com entitled: “Microsoft Windows RMS enables granular access control over sensitive data” http://searchmidmarketsecurity.techtarget.com/tip/0,289483,sid198_gci135 6909,00.html Do you know of any reporting service tool for .NET that can Intergraph with Microsoft Windows Rights Management Services (RMS). I am looking for an automatic process that I can code [...]
Answer Question | August 7, 2009 1:54 PM
.NET, Midmarket security, Windows Rights Management Services, Windows RMS
From a reader: I’m installing Web monitoring software and Microsoft ISA server so that we can get a handle on employee surfing and lock down troublesome sites. Now we already have a network firewall installed that isn’t going anywhere. Should I set up ISA as a secondary firewall? Any alternative suggestions? Thanks
Answer Question | July 24, 2009 1:37 PM
Employee monitoring, Firewall configuration, ISA Server configuration, Midmarket security
From a reader: Windows Updates are not working for us. Our InstallShield updates are being blocked, maybe by something in our firewall? Not sure. Where should we start looking?
Answer Question | July 14, 2009 7:58 PM
InstallShield, Midmarket security, Windows Update
Does anyone have any recommendations for server mobility software – that provides adequate access controls ensuring only the right people get to the right data?
Answer Question | July 13, 2009 7:14 PM
Access Control Server, Midmarket security, Mobile device security
From a reader: With the Nevada data protection regulation and upcoming Massachusetts data protection law, we’re looking for a checklist of encryption issues we should raise as we begin to look at vendors. Also: What are some red flags to look for as we talk/negotiate with vendors? What are reasonable service/support demands that we can [...]
Answer Question | July 13, 2009 7:11 PM
Encryption, Encryption key management, Midmarket security
From a reader: What can our company do to minimize false positives in our email security filters?
Answer Question | June 3, 2009 12:49 PM
Email security filters, False Positives, Midmarket security
Can anyone recommend training materials we could supply/send to end users to build awareness around phishing? We’re looking for online courses, or handouts. Any recommendations?
Answer Question | May 29, 2009 12:46 PM
Email security, Midmarket security, Phishing, security awareness training
This from a reader: In a recent SearchMidmarketSecurity.com technical tip, “Starting points for network monitoring” , expert Joel Snyder talked about the importance of automated network monitoring and what companies can learn once these products are implemented on networks. I’m wondering if you could advise on a product or two that would help with automated [...]
Answer Question | May 15, 2009 6:07 PM
Midmarket security, Network monitoring, Network monitoring software, Network Monitoring Tools
BitLocker drive encryption is intriguing and important, but it’s available only in Vista and Win 7 Ultimate and Corporate editions. Since these are the most expensive versions of the OS, most smaller companies use the Business version of Windows–what are some encryption options for them? As a reader put it: “If MS was really sincere [...]
Answer Question | May 8, 2009 2:30 PM
BitLocker drive encryption, Encryption, Encryption Software, Midmarket security
Is 802.1x the best option for implementing network access controls (NAC)? What are the advantages and disadvantages of 802.1x? What are some other options; and can you compare and contrast the advantages of those against 802.1x?
Answer Question | May 7, 2009 7:28 PM
802.1x, Midmarket security, Network Access Control
Experts tout unified threat management appliances as an ideal antimalware, intrusion prevention and content filtering firewall for midmarket companies. But doesn’t this counter the long-standing security practice of defense-in-depth? With a one vendor, platform, and management console, aren’t we talking about a dangerous single point of failure? When is UTM good enough? When should we [...]
Answer Question | May 8, 2009 7:01 PM
Defense in Depth, Intrusion detection, Midmarket security, Single Point of Failure, Unified Threat Management