Embed Size (px)
Citation preview
Security GuideThe Ultimate
What you need to secure everything – from client to cloud
At Softchoice, we believe security is a process. Our goal is to protect network environments with best-in-breed technologies that are
the right fit for that specific environment. We want to relieve your security concerns about your organization’s valuable data, so you
can spend more time focusing on innovations in your line of business and less time on maintaining supportive technologies.
This guide provides a comprehensive overview of the diverse elements in every network environment, along with insight into
today’s most powerful security solutions to protect them.
With its wide vendor coverage, product selection tools, policy templates, and blog posts, this guide will help you design an
impenetrable IT environment you can feel confident about.
What are the key security solutions that
you need to consider for your IT environment?
In this video, our security practice leader
Stephen Perciballi outlines the most important
areas to address when building your
security plan.
Share this guide!
>> p 4. How are you securing that?
>> p 9. Interactive product blogs
>> p 10. About Softchoice
>> p 6. Tools & resources
>> p 7. Vendor landscapes
• Laptops & PCs • Data Center • Tablets & Smart Phones
Share this guide!
How are you securing that?Security is a process, not a product. There are many options for you to
consider in order to secure the data of your organization, your customers and
your families. So when implementing new technologies in your environment,
ask yourself the question, “What am I doing to secure that?”
At Softchoice, we are often surprised by the security gaps we see in many
network environments that store and transmit critical information. On a personal
level, with our financial and healthcare information making its way online in more
accessible ways, there is more to securing the data than achieving compliance.
There are reputations and serious privacy concerns at stake.
1. Endpoint Anti-Virus2. Network Access Control3. DLP Solution4. Firewall5. Virtual Specific Security6. Mobile Device Management7. Email Gateway Appliance/SW8. Mail Security9. Email Encryption10. Web Gateway Appliance/SW11. Web Content/URL Filter12. Full Disk/Removable Disk Encryption13. Cloud-Based Security (SaaS)14. Desktop/Laptop Backup15. Host Intrusion Prevention
Share this guide!
Laptops & PCs
Tablets & Smart Phones
Data Center
Endpoint Anti-Virus: Detects attacks directed at client computers through email, services, or web browsers.
Full Disk Encryption: Protects information by converting the entire disk into unreadable code while the laptop is off so that data can’t be extracted and read. Data Loss Prevention: This technology is basically an information firewall. It’s a system that can detect a potential data breach and then prevent it by monitoring data while in use (endpoint actions), in motion (network traffic), and at rest (data storage). >> Read our blog post on DLP
Web Security Gateway: These gateways scan for malware in real time as the responses from trusted websites are coming back to users and drop the malware before it gets to the endpoint. It consolidates web, email, and data security into one unified architecture for the most comprehensive security available. >> Read our blog post on secure gateways
Mobile Device Management: Secures, monitors, manages and supports mobile devices of any type, whether employee or corporate owned. >> Read our blog post on MDM
Web Application Firewall: This type of firewall blocks attacks on web applications like SQL Injection and Cross-Site Scripting. It operates by monitoring and potentially blocking the input, output, or system service calls which do not meet the configured policy of the firewall. The application firewall is typically built to control all network traffic on any OSI layer up to the application layer. This is the number one way organizations get compromised today. >> Read our blog post on firewalls
Host Intrusion Prevention: These network security appliances monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about that activity, attempt to block or stop the activity, and report the act. It monitors for changes to the files on the system as well as monitoring for the attacks.
Database Security: Protects databases including data, applications, systems, servers and the associated network links against compromises of confidentiality, integrity and availability. It monitors for malicious activity and queries against the database.
Security Information & Event Management (SIEM): Provides real-time analysis of security alerts generated by network hardware and applications. Can collect logs from all of the systems in the environment and then use the data to detect attacks in progress.
Virtualization Security: Similar to technologies you would normally find in a server environment but designed specifically for virtualization. It delivers virtualization-aware and enhanced application performance, enforces security policies on traffic between virtual machines and ensures policy consistency for highly mobile, densely populated virtual machines. >> Read our blog post on virtualization security
Network Intrusion Prevention: Monitors and blocks attacks directed at system services like email, web and databases.
Share this guide!
It has anti-virus, endpoint and mobile protection you need with device control,
encryption, web and email gateway security you demand.
Sophos Complete Security
>> Learn more
Tools & resources to help you build your security plan
We gathered what we believe are the best tools and guides from our partner, Info-Tech Research Group. They can help you and your team successfully deal with the challenges IT professionals face on a daily basis – from routine tasks to major initiatives.
These tools and resources have a $5,000 value – we hope you can put them to good use!
Security Policy Implementation ToolIn most cases, using a phased implementation approach for security policy allows enterprises to begin to reap benefits quickly without causing the massive culture shift associated with an en masse deployment. Determining which policies to implement in what order is key to the success of such a deployment. Info-Tech’s Security Policy Implementation Tool will help you determine that order based on:
• The magnitude of the impact of the policy on enterprise security.• The magnitude of the impact of the policy on day-to-day user activity.• The relative cost in terms of time and money.
Use this tool to plan for the deployment of the enterprise security policy in a way that maximizes benefits and minimizes pain.
>> Download Security Policy Implementation Tool Anti-Virus PolicyEach year, more and more viruses, worms and Trojan horses are built and released into the networking wild. Deploying anti-virus software on your desktops and servers is all well and good, but if your users don’t know the “rules of engagement”, your virus prevention efforts could fail. Develop and implement your own anti-virus strategy using Info-Tech’s editable anti-virus policy template to guide you.
>> Download Anti-Virus Policy Template
Share this guide!
Vendor Landscapes Info-Tech’s Vendor Landscapes review specific IT markets. They evaluate the strengths and abilities of the products available as well as the vendors of those products. The evaluations weigh selected vendors and their products on the following eight criteria to determine an overall standing:
Endpoint Encryption
Vendor landscape storyboardUnderstand the Endpoint Encryption market, the players, and their products. >> Download Endpoint Encryption vendor landscape storyboard
Vendor shortlist toolDevelop a customized vendor shortlist to speed solution selection. >> Download Endpoint Encryption vendor shortlist tool
Data Loss Prevention Vendor landscape storyboardData Loss Prevention (DLP) is critical for organizations that hold trade secrets, sensitive information, or must comply with strict regulatory policy. >> Download Data Loss Prevention vendor landscape storyboard Vendor shortlist toolThis tool helps enterprises profile their Data Loss Prevention (DLP) requirements. >> Download Data Loss Prevention vendor shortlist tool
Product evaluation criteria • Features • Usability• Affordability• ArchitectureVendor evaluation criteria
• Viability• Strategy• Reach• Channel
Comprehensive Protection for Mobile Devices with Trend Micro Mobile Security 8
Integrated mobile device, security and mobile application management solution that plugs in to existing endpoint infrastructure, enabling organizations to control the security of their PCs, protect data and manage mobile devices from a single console. Take control of your mobile environment with the right tools:
• Mobile Device Management (MDM)• Mobile Device Security• Application Management• Data Protection
>> Get Trend Micro Mobile Security 8 Now!
Share this guide!
Unified Threat Management/Next Generation Firewall
Vendor landscape storyboardFind the Unified Threat Management/Next Generation Firewall (UTM/NGFW) that best meets enterprise needs. >> Download Unified Threat Management vendor landscape storyboard
Vendor shortlist toolDevelop a customized shortlist of the most appropriate UTM/NGFW solutions. >> Download Unified Threat Management vendor shortlist tool
Security Information & Event Management Vendor landscape storyboardImplementing Security Information & Event Management (SIEM) allows enterprises to manage and respond to an ever-widening range of threats and compliance requirements by consolidating, aggregating, correlating, and reporting on security events. >> Download Security Information & Event Management vendor landscape storyboard Vendor shortlist toolThis tool allows enterprises to generate a customized shortlist of SIEM vendors based on their current and future requirements for log management, compliance reporting and security incident/event management. >> Download Security Information & Event Management vendor shortlist tool
Protect desktops, laptops, and USB drives with PGP Whole Disk Encryption from Symantec, the world’s leader in
data protection.
>> Learn more
PGP Whole Disk Encryption from Symantec
Share this guide!
Releveant Blog Posts
>> 1. End-Point Anti-Virus
>> 2. Network Access Control
>> 3. DLP Solution >> 4. Firewall
>> 5. Virtual Specific Security
>> 6. Mobile Device Management >> 7. Email Gateway Appliance/SW
>> 8. Mail Security
>> 9. Email Encryption
Click on a solution below to go to all recent blog posts on the topic.
>> 10. Web Gateway Appliance/SW
>> 11. Web Content/URL Filter
>> 12. Full Disk/Removable Disk Encryption
>> 13. Cloud-Based Security (SaaS)
>> 14. Desktop/Laptop Backup
>> 15. Host Intrusion Prevention
>> 16. Database Security
>> 17. Security Information & Event Management
Enables Compliance Enhances Security
Streamlines Operations
Cisco Identity Services Engine
Share this guide!
Why we’re here
Technology is the great enabler. And while it allows people and businesses to achieve remarkable things, taking advantage of the latest innovations creates more complexity (and risk) than many organizations are willing to accept. For Softchoice, being a North American solutions and services provider is about one thing: building great customer relationships by making it simple for organizations to use technology to build their success. To do this, we’ve created the most complete solutions and services offering available anywhere in North America. That includes the expertise to take advantage of the latest innovations as well as the tools and resources to make the most of your existing IT infrastructure.
How we do it
Our goal is simple: to help organizations use technology to become more productive, more competitive and, ultimately, more successful. That starts with answering the important questions – like where you are today and where you want to be in the future. Avoiding surprises, helping you make great decisions and providing the technical know-how to turn vision into reality – it’s all a part of how we deliver better outcomes for your business.
Here’s what you can expect from Softchoice:
We’re assessment-led: Implementing technology can be a risky affair, and nobody likes unnecessary risk. Softchoice’s Assessment Services reduce risk by analyzing your environment in detail before we make a recommendation. Because we use a data-driven approach that eliminates the guesswork, we think a Softchoice assessment is the best way to see opportunities for cost savings and to understand what’s really required to take your technology to the next level.
We’re vendor-agnostic: You might be interested to know that we offer hundreds of thousands of technology products without maintaining a single warehouse. That’s what our distribution partners are for! Because we don’t have to worry about moving product or managing inventory, you can count on Softchoice to give you unbiased advice. We focus on doing what’s right for you and providing technology solutions that further your goals.
We have the most complete offering: With the speed of innovation, there’s a lot to know and many moving parts. Softchoice makes things simple by providing solutions and services to help with just about any requirement – all under one roof. That could be as simple as providing reliable delivery on the technology products you use every day. Or it could mean leveraging our Solution Architects and Professional Services teams for help with a major project. From the desktop to the data center, from coast to coast, we’re here to turn your ambitions into reality.
Share this guide!
Our Security Experts
The goal of Softchoice’s Security Architects is to help you select and implement the right data protection strategy for your organization. We believe in an assessment-led approach that will first identify what you are trying to protect, and then qualify and quantify your data protection risks and opportunities. From security health checks on specific systems to vulnerability assessments of the applications and network, and even security software inventory and regulatory compliance reviews, Softchoice offers a complete repertoire of security assessments that ensures we’re starting from the right place.
Once an accurate assessment of your current state has been made, our highly experienced Security Architects will take a vendor-agnostic approach to proposing security solutions. Softchoice partners with every major security vendor, so we have an unbiased view of what will work best for your unique environment.
Because Softchoice has Solution Architects in all the other major technology categories, such as networking, data center, client computing and storage, we work together to design an integrated solution, rather than suggesting single-point security products. This is markedly different from other security providers that are aiming to sell specific technologies, and as a result can miss the big picture. For us, the only thing that matters is making your environment more secure.
>> Check the full listing of security products that we offer
Share this guide!
How we can help you
Network Vulnerability AssessmentsThese assessments identify vulnerabilities in your network that hackers can exploit. Our engineers scan your IP ranges for open services, and then identify known vulnerabilities in those services. Examples of what we typically find include unnecessary services running and unpatched/old server software running. Our reports are integrated into other security systems like Security Event Management systems. Web Application Vulnerability AssessmentsQuickly improve your web security posture with minimum resources and a limited budget. Our service offering assesses web applications remotely, ensuring maximum protection against hacker attacks. Softchoice gives you a real-time dashboard of dynamic results showing a prioritized listing of all vulnerabilities and remediation details. Show internal stakeholders that your organization’s website is secure by validating current security policies and practices. Examples of what we typically find include SQL Injection and Cross-Site Scripting. Our advantage is the ability to integrate these reports into popular web application firewalls for instant protection. With scans specifically designed for PCI, GLBA, SB1386, SOX, HIPAA, and OWASP, you can be sure that your site is checked for the most relevant attacks, thoroughly and consistently.
Malicious Activity AssessmentsProactively discovering risks can be effective; however, your network may still have issues that were not detected by other systems. Softchoice uses innovative technology to identify threats that already exist in your network. We provide either a server or a virtual appliance that will passively assess the network layer and perceive threats that are seldom identified by traditional signature-based security systems.
Data Loss Prevention AssessmentsBy passively monitoring network activity, a Softchoice DLP assessment can determine what your critical data is, where it is going and who has been accessing it. For further detail, agents may be deployed on select endpoints and servers.
Want to learn more? Connect with us today! www.softchoice.com | @softchoice
Share this guide!
