92737609Although huge amounts of data are being generated within organizations, few have formal strategies in place to effectively manage that data. There is a general lack of awareness of what types of data exist, where it’s housed, who uses it, and for what purposes. In addition, organizations don’t understand how poor their data quality really is.

Taking a proactive approach to data auditing is something every organization needs to do. Data is one of the organization’s largest assets. In order to utilize it effectively and benefit from it, data requires effective management in the form of policies, procedures, standards, and ownership. Audits will not only promote higher levels of data quality, they will also positively impact data security and compliance to regulatory laws and regulations.

Data audits will also identify where data owners and stewards may be required, any extraneous data sources that internal departments or lines of business’ may be using without IT’s knowledge, and the location of all data sources within the organization.

Audits don’t need to be a painful experience. Keeping things simple and sticking to a data audit framework is the secret to a successful audit. Organizations that perform audits on a regular basis will have a comprehensive inventory of all data assets, a clear understanding of any data issues that exist, and where data ownership and accountability may be lacking.  It’s in every organization’s best interest to perform regular data audits.

To complete your own data audit see Info-Tech’s Integrate a Data Audit into the Data Management Plan.

Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

Endpoint protection has been the name of the security game for awhile now; but vendors have been late getting into encryption, and the endpoint encryption market has turned into a game of catch-up and consolidation.

The big-name security players such as Check Point, McAfee, Sophos, Symantec and Trend Micro all bought into the market. Few vendors are actually creating their own endpoint encryption solutions, except CREDANT and Canadian company, WinMagic. These vendors may find themselves with acquisition targets on their backs.

So which vendors ended up coming out on top?

Check Point and Sophos led the way with their endpoint encryption solutions, Full Disk Encryption and SafeGuard Enterprise respectively. Both vendors scored well for their advanced features and price – Check Point’s solution was the most affordable of the bunch with Sophos not far behind.

Up next was CREDANT as an Innovator. It scored well for its advanced features set, particularly due to its focus on policy-based encryption that allows for more flexibility, though can demand a higher management cost than traditional FDE solutions.  However, it’s one of the pricier options.

The Market Pillar division saw some of security’s most recognizable names: McAfee, Trend Micro and Symantec.

McAfee’s endpoint encryption solution was strong, especially with McAfee’s market differentiator, the ePolicy Orchestrator that allows seamless management of the entire McAfee stack via a single console. However, where the vendor scored less was in terms of pricing – McAfee’s solutions are among the most expensive.

Trend Micro offers competitive pricing with strong advanced features. But with its recent acquisition of Mobile Armour (Trend entered the encryption game late in 2010), integration issues could crop up. While Mobile Armour has been around for awhile, Trend does not have the experience in support for the product which would cause problems for customers needing help.

Symantec rounds out the Market Pillar category. Its PGP Line of products is broader than just endpoint encryption, encompassing email systems and fileservers in a broad encryption ecosystem. But Symantec will cost you – its solutions were the most expensive out of all the vendors evaluated.

Emerging Players were WinMagic and Trustwave. Independent, encryption-focused vendor WinMagic may be small but it’s growing with a key partnership with Lenovo with their SecureDoc solution. Trustwave offers full disk encryption as part of their managed services – the only vendor to offer managed services – which also includes a portfolio of security services for enterprises looking for a cost effective security option.

Trustwave also won the Innovator award for its unique Persistent File Encryption (PFE) feature that protects data in transit and at rest using Smart Tags. These tags protect only the data, not the devices it’s on, so data is protected no matter how it’s shared.

For more information on these Endpoint Encryption vendors, refer to Info-Tech’s Vendor Landscape: Endpoint Encryption.

Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

The enterprise can’t be secure if it doesn’t know how – your documents need to get everyone on the same page.

Your Challenge

The organization has no formal documentation indicating how employees should act in order to maintain enterprise security.

Increasing regulatory pressure is upping the ante making the lack of policy a business inhibitor.

This research will guide you through the process of developing a policy, vetting it with the business, and getting implemented.

Critical Insight

Policy defines organizational security stance and forms the basis upon which all security decisions should be made. Studies show that developing and deploying a policy can reduce breach incidents by up to 93%.

The average cost in time and dollars to create a fully custom security policy is 12 months and $50,000. Upon completion of the work outlined in this solution set you will have created that policy without those expenditures.

Associated Research

1. Get a crash course in Security Policy.

Understand what Policy is, how it is constructed, and how to make best use of it.

2. Write the policies.

Develop the actual documents that will guide enterprise security compliance. Here are some examples:

3. Plan for implementation.

Determine the optimal order for the deployment of individual policies.

NOTE: Not an Info-Tech member? Register for a free trial to download up to three of the templates listed above.   Simply click one of the links to get started.

Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter