Distributed by Guardian Digital, Inc.
08 November 2004
Volume II, Issue XI 

 In Every Issue

Guardian Digital, Inc.
165 Chestnut Street
Second Floor
Waldwick, NJ 07463

(201) 962-7300


(201) 866-625-4728




©Copyright 2004, Guardian Digital, Inc. All Rights Reserved.

Behind the Shield Unsubscribe



In this issue of Behind the Shield, Guardian Digital's chronicle of Internet and open source security news, we'll cover company highlights, thoughts from our CEO and revealing points on how Guardian Digital products are rapidly changing the face of open source for business.

Are you ready for the Sarbanes-Oxley Compliance deadline?

Read on to learn how Guardian Digital successfully assists corporations with compliance to relevant government regulations including Sarbanes-Oxley

Guardian Digital to Help Ease Sarbanes-Oxley Compliance with Free Compliance-Readiness Assessment

Guardian Digital recently implemented a compliance-readiness initiative aimed at helping organizations recognize infrastructure weaknesses in preparation for the fast approaching Sarbanes-Oxley deadline. Offering free compliance assessments to interested parties, Guardian Digital has dedicated resources to ensuring corporations of all sizes are educated and prepared for either the November 15, 2004 (for corporations with market capitalization greater then $75 million) or July 15, 2005 (for all others) deadlines.

Read Press Release

Guardian Digital Receives Thumbs up from Government of India

Recently, Guardian Digital was chosen as a solutions partner for Government of India’s Indian Space and Research Organization (ISRO). Implementing almost all of Guardian Digital Solutions into their network, ISRO is very pleased with the results. Having more than 300 users at IRSO headquarters and thousands more at each of ISRO's Centers, the Government of India's partnership with Guardian Digital has provided the flexibility necessary to seamlessly incorporate new locations and users into their existing network. "The scalability and security that we now have with our Guardian Digital solution will make future network integrations of other ISRO centers simple; and I have no doubt that many will embrace this successful solution."

Read Full Story

Industry Note

Network Management vs. Crisis Management

With Internet and network computing driving virtually all business practices, network availability is practically synonymous with operational success. Network management is a crucial part of the security process involving the ongoing monitoring and maintenance of corporate networks. In other words, network management is an activity or service that utilizes a variety of tools designed to assist network managers in effectively overseeing the activities on their network. Its main purpose and ultimate goal is to ensure the consistent security, reliability, and optimum performance of the system. It is also a key procedure necessary to remain compliant with the government legislations such as Sarbanes-Oxley. So why is it that smaller enterprises do not follow through with such a critical process?

This oversight can mostly be attributed to lack of resources. Network management is made up of five distinct areas; performance management, configuration management, accounting management, fault management, and security management. Each of these areas requires dedicated resources for monitoring and maintenance. Most small and medium sized organizations face the same IT tribulations; lack of expendable income and a shortage of qualified IT professionals. Combine that with the proliferations of Internet threats and the ever-quickening pace of technological developments, it becomes nearly impossible for smaller companies to consistently monitor and maintain the overall security of their networks.

Instead, these organizations are prone to divert network management into crisis management. Basically meaning administrators do not deal with a situation until it is in a position to cause a problem. On the surface, this appears to be the most economical way to handle network issues, however, a reactive approach to network protection is always a gamble. Not catching a problem quick enough can result in debilitating and costly network intrusions. These incidents can cost corporations millions of dollars in recovery cost, downtime, and lost revenues. In these cases the ends never justify the means.

A majority of organizations simply do not have the resources to staff and maintain a network security operations center which can be misconceived as the only way to fully provide the proper management for every aspect of a corporate network. That is not necessarily the case, however. A proactive approach to network security management is the only answer and there are plenty of options to help organizations with strained IT departments and minimal monetary resources continually protect their networks.

Outsourcing or at least farming out certain aspects of network management is always a viable alternative. Outsourcing vendors currently offer everything from remote monitoring to network design and management and with more and more vendors offering such services, pricing can be impressively competitive. If an organization would prefer to keep all network management operations in house, there are thousands of tool kits available that if properly chosen, installed, and employed will help simplify these often daunting and overwhelming administration duties

Dave Wreski, CEO Guardian Digital, Inc.

At a Glance

Enhancing the effectiveness of internal controls for Sarbanes-Oxley compliance by enforcing corporate policies, Guardian Digital SurfSecure provides an effortless and efficient Internet filtering solution proven to substantially increase employee productivity, conserve network resources, and reduce legal liability. Pre-defined site lists make administration simple by providing updated information on websites and Internet categories known to present problems in today’s corporations. Flexible access controls allows administrators to choose the sites they wish to block, and accept the ones they wish users to access. Includes constantly-evolving collection of website categories to provide fine-grained control over individual user access. Combining flexibility and functionality, SurfSecure allows administrators to balance work related and personal surfing permissions by configuring access based on groups, departments, or individual users, providing organizations with the powerful, customized protection only available from Guardian Digital.

Learn more about Guardian Digital SurfSecure

Guardian Digital In the News

U.S., International Space Organizations Turn to Open Source

Guardian Digital's partnership with the Government of India was featured in a recent Information Week article highlighting the company's open source solution for India's Space Research Organization.

Learn More

Indian government outsources Linux security to New Jersey firm

Indian government outsources Linux security to New Jersey firm Guardian Digital, based in Waldwick, New Jersey, is supplying security and productivity applications for the Indian Space Research Organization (ISRO) headquarters. And, according to Guardian Digital spokesperson Nicole Pearson, ISRO made the first contact. "They were originally looking for a secure mail server," says Pearson, who noted that ISRO found Guardian Digital through its online presence, not because of a sales call or other direct marketing efforts.

Read Full Article


Guardian Digital Mailbag

Q. What changes will I have to make to my email system regarding Sarbanes-Oxley Compliance?

A. As you may already know, email is a significant aspect to corporate communications. It is one of the most prominent avenues for business-related discussions as well as critical information transportation, and data maintenance and storage. Part of Sarbanes-Oxley is to ensure that the integrity of corporate information, with special regard to financial data, remain in tact so that any weaknesses within the business can be easily identified, reported on, and accountability can be established. Since e-mail systems are the most widely used and widely exposed areas of a technology infrastructure they must be secured in order to comply with the appropriate internal controls mandated by the legislation.

In order to do this effectively, corporate e-mail systems need to be protected, in order to ensure that different threat vectors are eliminated. Therefore, if not already properly secured, a solution may need to be implemented that will actively enforce corporate email policies, mitigate the occurrence of offending mail and eliminate threats before data integrity can be damaged.

Guardian Digital offers corporate email compliance with Secure Mail Suite. Addressing the need for corporations to secure channels in which financial information may be transported or stored on email systems, Secure Mail Suite effectively utilizes encryption and authentication standards to protect against unauthorized access, spam, virus and anti-phishing protection, to defend mail systems from potentially harmful malicious code and network intrusions, and corporate policy enforcement tools to ensure mail systems are always being used for legitimate business purposes.

The Behind the Shield editors encourage their readers to submit questions. The most frequently asked questions will appear in future issues. We look forward to answering all your inquiries! Email us at info@guardiandigital.com




Hints & Tips from Experts

SOX Compliancy

Most organizations can become SOX compliant by adding the policies, procedures, and technology they already have. To help the appropriate people accurately certify the necessary information and the success of relevant business processes, organizations are going to have to evolve current policies and procedures to SOX compliance requirements. With regard to IT departments, however, these policies will be created to drive security and ensure the integrity of all information contained on the network. Documented policies and procedures set acceptable rules for employees and executives conduct alike and furthermore, provide blueprints on how certain situations should most effectively be handled eliminating guesswork and inadvertent transgressions.

Although properly executed acceptable use policies are a good defense against many of the internal threats facing corporate infrastructure, they cannot protect the integrity of corporate data

Guardian Digital is pleased to provide Behind the Shield readers with informative expert advice on what network security really means. Each month a new topic of interest will be chosen to supply you with useful tips and information not offered elsewhere. This month, we'll have a brief discussion on steps to take when considering outsourcing IT security services.

Partner Profile

Through national and multi-national partners like Intelligent Decisions in Virginia, Guardian Digital is able to provide Sarbanes-Oxley compliance solutions to customers worldwide.

Founded in 1988, Intelligent Decisions, Inc. (IDI) is a fully diversified, systems manufacturing, integration and IT solutions company. Through its vast array of offerings and technology partners, IDI is able to provide strategic solutions in areas such as: identity management; storage, security and disaster recovery; web services; system migration; and logistics support. IDI has distinguished itself as a responsive and reliable partner to the federal government and maintains a robust GSA schedule and other contract vehicles supporting civilian, defense and intelligence agencies.

To assist organizations with governmental legislation compliance, IDI utilizes Guardian Digital solutions to provide a productive and secure IT infrastructure. “A key issue with any of these compliance regulations is the validity of source of the information. One of the best ways to deal with this is to impose multi-factor authentication on users. One of the security applications that we build on the Guardian Digital platform is a next generation multi-factor authentication solution. With Guardian Digital, we are able to make our security appliances secure and compliance-ready,” says Ted Ritter, director of cyber security, for the organization.

For further information on Intelligent Decisions, please visit their website at: www.intelligent.net




If you wish to unsubscribe from this newsletter, please click here.