The Vaulting Approach to Securing Data
Companies today are eliminating traditional network boundaries and opening up their businesses to partners, suppliers, and customers to gain a competitive advantage. At the same time, they need to lock down and protect vital business information. So rather than taking a "locking down the perimeter" approach, Cyber-Ark Software (http://www.cyber-ark.com) has developed two software security solutions that leverage its patented Vaulting Technology to create safe havens (vaults) for securing and sharing vital company information. Network Vault provides an integrated, multilayer architecture to protect data such as critical documents and passwords within an enterprise. It integrates technologies such as VPN, firewall, file access control, encryption, and authentication to protect data both at rest and traveling across the network. Inter-Business Vault combines a set of Inter-Business Servers to let enterprises communicate and share information over the Internet as if they've deployed a shared WAN but without the effort and expense of actually doing so. The company recently unveiled One-Click Transfer, a new component for the Inter-Business Vault that automates the transfer of critical information to and from the electronic vault with the touch of a button.
File Sharing Via WAN Link
The storage market is replete with acronyms. I recently learned of one, Wide Area File Systems (WAFS), that's particularly interesting. WAFS describes a technology from Availl (http://www.availl.com) that lets users share files over WAN links. It uses byte-level differencing to replicate file shares across multiple sites using minimal bandwidth. Availl's solution differs from other file replication by placing a write-lock on open files across all sites. This technique eliminates file-synchronization problems that are typical of file-replication solutions. In addition, the Availl server can keep a copy of previously saved versions of files, offering continuous data protection at no extra cost.
Don't Let Virus Worries Delay Your 64-Bit Upgrade
I recently spoke with Andrew Lee, CTO of antivirus vendor ESET (http://www.esetsoftware.com) about how 64-bit computing affects NOD32, ESET's flagship antivirus and antispam product. Although most 32-bit software will run without modification on 64-bit Windows versions, antivirus software is an exception. Most antivirus software installs a driver, and 64-bit Windows doesn't support 32-bit drivers. NOD32 was no exception, but ESET has released an update to work with Microsoft's 64-bit kernel. NOD32 supports both Windows Server 2003 x64 Editions and Windows XP Professional x64 Edition. Lee said that McAfee, Symantec, and Trend Micro are offering 64-bit solutions for their enterprise customers and server products, but ESET is the first to announce a 64-bit product for all its home and corporate customers.
Assuring Security, Performance, and Compliance
In March 2005, NetIQ (http://www.netiq.com) conducted a survey of 600 IT pros that showed that more than half are affected by existing compliance regulations and that 97 percent are concerned about employees' access to sensitive corporate information. I recently spoke with Bob Tesh, senior manager of product marketing for NetIQ, about the direction that these results are taking the company. He said that in response to the survey results, NetIQ will release the NetIQ Security Compliance Suite in both standard and enterprise editions. Both versions provide log management, policy compliance, and configuration and vulnerability assessment functionality for Windows environments. The enterprise edition adds security monitoring of policy changes and suspicious network activity. The Security Compliance Suite falls right in line with NetIQ's new strategic approach, Knowledge-Based Service Assurance, which provides customers and their line of business (LOB) owners with the assurance that their enterprise is secure, performing optimally, and compliant with legal and corporate policies.
Divide and Conquer Security
Protecting corporate information is a vital function for today's organizations—and an increasingly difficult one, as network perimeter breaches become more common. Database encryption provides another layer of protection, and nCipher (http://www.ncipher.com) recently announced a new version of SecureDB, a database security solution that allows column-level encryption of sensitive information. SecureDB includes a policy-enforcement application and a database-analysis tool that's designed to selectively and efficiently apply this additional layer of security. SecureDB helps eliminate the "super-user" threat by dividing authority between security and access. For example, a database administrator can grant access to data but can't grant rights to decrypt sensitive data, whereas a security administrator can grant rights to decrypt sensitive data but can't grant access to data. In late 2004, nCipher added Oracle support to SecureDB, and this latest release adds support for Microsoft SQL Server and IBM DB2.
