True Value-Added IT Security Distributor starlinkme.net
Overview StarLink, a leading IT compliance and next-generation threat driven solutions provider, recognized as a “Trusted Security Advisor”, a True Value Added Distributor, and a market leader by more than 500 customers to secure critical enterprise assets and safeguard access to sensitive data in the most demanding datacenter environments. StarLink has helped enterprise organizations in the Government, Banking & Finance, Telco, Oil & Gas, Education and Healthcare sectors achieve and sustain compliance standards and optimally manage risk through full policy, procedure and controls lifecycle management. StarLink, founded in 2005, in Dubai, today has on-the-ground sales and technical presence with physical offices in 8 countries across the Middle East, Turkey and Africa to support its channel partners, and in turn its customers. StarLink offers four solutions which provide end-to-end security technology that address Next-Generation Threat challenges: • Access Control • Advanced Threat Protection • Vulnerability Management • Secure Mobility
Best Practices For Securing Access to Sensitive Data
Solutions
Access Control:
Where is my sensitive data? Compliance & Audit enables the organization to control access to sensitive data by understanding user privileges, securing privileged access and monitoring changes to directories, files, data repositories and databases, as well as, user activity. This in turn leads to alerts ensuring that sensitive data is only accessed by authorized users by providing comprehensive real-time visibility into all activities. Furthermore, encryption mechanisms are put in place to guarantee that sensitive data cannot be accessed by unauthorized users even if it inadvertently falls into the wrong hands. Finally the required processes and procedures to achieve continuous compliance are automated so that human error or risk of insider threats are minimized.
Advanced Threat Protection:
How can I protect my sensitive data? Advanced Threat Protection provides visibility into all relevant network traffic coming in and going out of the organization. This ensures that protection mechanisms are applied only where attacks can happen by analyzing the required traffic, web, email, file etc., to determine whether the traffic contains signatureless threats that attempt to communicate back to the command and control centers (CnCs) for data exfiltration, and to stop any such communication. Once malware does enter a corporate environment, it is crucial to gain security intelligence into where it attempts to travel within the corporate network and conduct network forensics to understand its reputation. Simultaneously, a platform needs to be in place to ensure that any unknown malware cannot execute on any IT-managed resource so as to avoid any adverse direct effects to the computing environment. Finally with effective, powerful, and easy-to-use endpoint forensics and incident response capabilities, modern malware can be seamlessly removed.
Solutions
Vulnerability Management: Is my sensitive data at risk?
Vulnerability Management continuously monitors the entire corporate network and generates lists of vulnerabilities and deep risk metrics prioritized by importance for the IT Security decision maker. To ensure that the vulnerabilities are in fact relevant and do exist in context for the organization, it is then critical to automate the penetration testing of each of the vulnerabilities so that the list can be narrowed down to what is truly important to look at right away. It is also crucial to automatically produce a visual network topology map in order to understand how vulnerabilities at the network level, due to security configuration not being compliant in some areas of the network, can affect other areas of the network. This enables organizations to create threat models to proactively understand where threats can come from. Finally, many modern threats today target applications in some way, whether it be internal or external facing applications, and therefore understanding and resolving application vulnerabilities while they are being developed, and prior to being deployed, is essential.
Secure Mobility:
How do I share my sensitive data? Secure Mobility enables organizations to put into effect their corporate data governance policies at the user level, so that each user is mandated to understand what data should be classified as sensitive, and what data should not be. Once collaboration on sensitive data is required, platforms are put into place to ensure complete control on files, emails and even text within documents, to ensure that sharing is done securely, both internal, as well as, external to an organization, so that data cannot be maliciously or mistakenly leaked. The secure file sharing platforms also provide mechanisms to seamlessly automate secure site-to-site and user-to-site transfers, as well as, to use email to securely send and receive large attachments without restrictions. Finally this invaluable sensitive data needs to be available today to the mission-critical workforce, 24x7 online, as well as offline, so portability is critical. Therefore secure information sharing would not be complete without the ability for trusted users to securely transport data, and even their entire workspace environment, on hardware-encrypted portable storage, with comprehensive management of this media.
IT & System Management, Network and Data Security
Real-Time Database Security: Auditing, and Monitoring software.dell.com
ibm.com/software/data/guardium
Dell Software helps customers take advantage of new technologies and address organizational challenges to grow their business and remain competitive. Scalable, integrated business and enterprise software solutions from Dell makes it easy for enterprises to secure and manage networks, applications, systems, endpoints, devices and data to help businesses deliver on the full promise of technology and help clients in every industry achieve better business outcomes.
More Global 1000 organizations trust IBM to secure their critical enterprise data than any other technology provider. The fact is, we provide the simplest, most robust solution for safeguarding financial and ERP information, customer and cardholder data, and intellectual property stored in your enterprise systems. Our enterprise security platform prevents unauthorized or suspicious activities by privileged insiders and potential hackers. It also monitors potential fraud by end-users of enterprise applications such as Oracle E-Business Suite, PeopleSoft, SAP and in-house systems.
Dell Software simplifies IT management, mitigates risk, and accelerates results through the following: Data Center and Cloud Management: Enables enterprise cloud management and app management across public, private and hybrid clouds, including active directory auditing, exchange auditing, SharePoint auditing, file server auditing, Windows Server migration and management, as well as,application performance management (APM).
At the same time, our solution optimizes operational efficiency with a scalable, multi-tier architecture that automates and centralizes compliance controls across your entire application and database infrastructure. But as remarkable as this solution is for what it does, it’s equally remarkable for what it doesn’t do. It has virtually zero impact on performance, does not require changes to your databases, and does not rely on native database logs or auditing utilities.
Information Management: Simplifies management of business intelligence, big data analytics, and databases on any technology platform including development and administration, productivity tools, as well as, database performance management.
InfoSphere Guardium is the only solution that addresses the entire database security and compliance lifecycle with a unified Web console, back-end data store and workflow automation system, enabling you to:
Mobile Workforce Management: Enables user mobility without sacrificing IT control with an end-toend framework including desktop virtualization.
• • • •
Security: Enhances IT security and reduces risks, network defense, remote access, email protection and endpoint control including identity and access management and privileged password management.
Dell™ SonicWALL™ Next-Generation Firewalls, delivers superior intrusion prevention, malware protection, application intelligence and control, real-time traffic visualization and inspection for SSL encrypted sessions at the gateway by tightly integrating a patented Reassembly-Free Deep Packet Inspection®1 engine with multi-core hardware. Essential to an intelligent and highly adaptive security system, Dell SonicWALL Next-Generation Firewalls scans every byte of every packet for the deepest level of network protection and, unlike competitive offerings, massively scales to extend state-of-the-art security to growing and distributed enterprise networks. Dell SonicWALL firewalls provide a comprehensive layer of defense by combining gateway content filtering, anti-spam, anti-virus, anti-spyware, intrusion prevention, and regain visibility into the network through application intelligence and visualization.
Locate and classify sensitive information in corporate databases. Assess database vulnerabilities and configuration flaws. Ensure configurations are locked down after recommended changes are implemented. Provide 100% visibility and granularity into all database transactions – across all platforms and protocols – with a secure, tamper-proof audit trail that supports separation of duties. Track activities on major file sharing platforms like Microsoft Share Point. Automate the entire compliance auditing process - including report distribution to oversight teams, sign-offs and escalations - with pre-configured reports for SOX, PCI DSS and data privacy.
• •
• • • • • • •
Prevent cyber attacks Monitor and block privileged users Detect application - layer fraud Enforce change controls Real-time alerts Control firecall IDs SEM Integration
Monitor and Enforce
Audit and Report
Critical Data Infrastructure • Find and classify sensitive data • Continuously update security policies • Discover embedded malware and logic bombs
Find and Classify
Assess and Harden
• • • • • • •
Automated and centralized controls Cross-DBMS audit repository Preconfigured policies / reports Sign-off management Entitlement reporting Minimal performance impact No database changes
• Assess static and behavioural database vulnerabilities • Configuration auditing • Preconfigured tests based on best practices standards (STIGS, CIS, CVE)
Enterprise Certificate Management and Auto-Provisioning
Multi-Factor Authentication, HSMs, and Data Encryption safenet-inc.com
venafi.com
SafeNet is a global leader in information security, protecting data at rest, data in motion, data in use, software and license management with the broadest range of security solutions in the world. The Company protects critical business data, communications, financial transactions, and digital identities through a full spectrum of encryption technologies.
Venafi Director Securing trust. Protecting keys and certificates.
SafeNet is the third largest information security company in the world, which brings to market integrated solutions required to solve customers’ increasing security challenges. The organization serves more than 25,000 corporate and government customers in 100 countries. SafeNet persistently protects your organization - from idea to action - by engineering solutions that adapt as your business evolves, giving you the confidence and agility you need to go farther, faster, smarter. These industry-leading encryption solutions equip you with the agility you need to adapt to change and act on opportunity. Application Protection: SafeNet ProtectApp provides policy-driven access, centralized management, and efficient encryption for sensitive, structured data stored in the application layer. Database Protection: SafeNet ProtectDB safeguards the sensitive corporate and customer information stored in across heterogeneous databases Disk and File Encryption: SafeNet produces the world’s highest rated and most cost-effective disk and file protection solutions. Network and WAN Encryption: Proven reliability, highest throughput, and lowest latency make SafeNet’s network security devices the ideal solution for protecting data in motion. Hardware Security Modules (HSMs): SafeNet Hardware Security Modules (HSMs) are the most secure and highest performance solution in the market for the provision of encryption, decryption, authentication and digital signature services. Multi-Factor Authentication: Authentication serves a vital function within any organization — securing access to corporate networks, protecting the identities of users, and ensuring that a user is who he claims to be. Yet the recent surge in high-profile security breaches, as well as evolving business environments that require entirely new considerations for access control - like SaaS applications and mobile device management – represents a shift in how trust and control is established and maintained.
Venafi Director prevents, detects, and remediates attacks and policy violations involving cryptographic keys and digital certificates - the foundation of trust for every enterprise. Forrester reports 44% of enterprises have fallen prey to attacks on keys and certificates and existing security systems “are not a substitute for securing keys and certificates that can provide an attacker trusted status that evades detection.” Venafi helps secure and protect keys and certificates by: •
Preventing attacks with automated discovery and intelligent policy enforcement
•
Detecting and reporting on anomalous activity that deviates from policies
•
Remediating anomalies by replacing keys and certificates and returning to a known good state
Venafi customers include the world’s most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail.
T he Smart Route to Visibility
Next Generation Malware, APT and Threat Protection
gigamon.com
fireeye.com
Gigamon® provides intelligent Traffic Visibility solutions for enterprises, data centers and service providers around the globe. Our technology empowers infrastructure architects, managers and operators with unmatched visibility into the traffic traversing both physical and virtual networks without affecting the performance or stability of the production environment. Through patented technologies, the Gigamon GigaVUE® portfolio of high availability and high density products intelligently delivers the appropriate network traffic to security, monitoring or management systems. The result is, companies have the ability to:
Like water, cybercrime moves effortlessly around obstacles. Since governments and enterprises have implemented stronger policy and signature-based protections for regulated data and endpoints, sophisticated criminal organizations have changed their tactics, using different tools and targeting intellectual property and other networked assets . Replacing mass-market malware, this next generation of threats is personalized and persistent. Threats are targeted, ever morphing, dynamic and zero-day. These carefully staged attacks look innocent as they walk by traditional firewall, IPS, anti-virus and Web gateways that rely on signatures and known patterns of misbehaviour. Once inside, malware phones home for instructions, which could be to steal data, infect other endpoints, allow reconnaissance, or lie dormant until the attacker is ready to strike. FireEye is the leading provider of next-generation threat protection focused on combating advanced malware, zero-day and targeted APT attacks. FireEye’s solutions supplement security defenses such as next generation and traditional Firewalls, IPS, AV and Web gateways, which can’t stop advanced malware. These technologies leave significant security holes in the majority of corporate networks. FireEye’s Malware Protection Systems feature both inbound and outbound protection and a signatureless analysis engine that utilizes the most sophisticated virtual execution engine in the world to stop advanced threats that attack over Web and email. Our customers include enterprises and mid-sized companies across every industry as well as Federal agencies. Based in Milpitas, California, FireEye is backed by premier financial partners.
Providing Secure Access & Complete Visibility to all your data anywhere, anytime, while lowering the total cost of network management without affecting the performance or stability of the production environment. Through patented technologies, the Gigamon GigaVUE® portfolio of high availability and high density products intelligently delivers the appropriate network traffic to security, monitoring or management systems. With over seven years’ experience designing and building intelligent traffic visibility products in the US, Gigamon serves the vertical market leaders of the Fortune 1000 and has an install base spanning 40 countries.
Today, security-conscious enterprises and Federal governments choose FireEye™ for industry leading protection against these next-generation threats. FireEye combats advanced malware, zero day and targeted APT attacks. FireEye’s appliances supplement traditional and next-generation firewalls, IPS, AV and web gateways, adding integrated inbound and outbound protection against today’s stealthy Web and email threats. “Some IPS/IDS/NGFW vendors are no better at handling evasions today than they were when they released their original products.” Advanced Evasion Techniques: Weapon of Mass Destruction or Absolute Dud?, Bob Walder, Gartner, 2011 “With FireEye, we can now see and stop the attacks targeting our in-house and remote users. It has been an eye-opener for us to be able to determine with accuracy the threats that are passing through the firewall, URL gateway, IPS and antivirus.” Director of Information and Data Security, Global 500 Financial Services firm.
Network Forensics and Security Intelligence
Application White Listing, Black Listing and Baselining
bluecoat.com
Blue Coat empowers enterprises to safely and quickly choose the best applications, services, devices, data sources and content, so they can create, communicate, collaborate, innovate, execute, compete and win in their markets. Security technology can focus on prevention and prohibition—and instill a culture of fear. Or it can center on possibilities, and help companies unleash their full business potential. Blue Coat offers more than the industry’s most advanced and sophisticated security technology. Blue Coat offers a whole new outlook on how security technology provides business value. It’s called Business Assurance Technology. And it’s delivered by Centers, a comprehensive array of technologies, products, services, and capabilities that give organizations total protection—and help them see and exploit new opportunities to reach full business potential. The Business Assurance Technology consist of Solutions Centers that enables enterprises to tightly align network investments with business requirements, speed decision-making and secure business applications for long-term competitive advantage.
bit9.com
Why Bit9? Traditional Security Solutions Cannot Protect Against todays advanced threats and malware. Today’s Cyberthreats Your number-one goal as an IT security professional is to protect your organization from advanced threats and malware. But with today’s evolving threat landscape and the security industry’s 20-year-old signature-based security tools, this is becoming increasingly harder to do. How do you stop Advanced Threats and Malware? By adopting the approach that thought-leaders recommend: Only allow software you trust to run in your environment—and deny everything else by default. That stops all forms of malware— including targeted, customized attacks specifically aimed at your organization that evade signature-based approaches. What makes Bit9 Unique?
Solution Centers:
Adopting a Trust-Based Approach has three simple requirements:
•
Security and Policy Enforcement Center: Delivers business continuity by protecting against threats and data loss
•
Mobility Empowerment Center: Extends protection and policy to users in any location on any device
• • •
•
Trusted Application Center: Enables organizations to safely deploy and consume all types of applications
•
Performance Center: Aligns IT infrastructure with business priorities to assure and accelerate user experience
•
Resolution Center: Enables organizations to identify and resolve the full scope of advanced targeted attacks
•
Advanced Threat Protection: See and block advanced threats as they happen, and continuously monitor for hidden threats that bypass your network security defenses.
Real-time visibility into every server, endpoint and fixed-function machine. Define your trust policies. Apply your trust policies.
Thought leaders agree on two simple points: 1.
Traditional security tools, especially anti-virus, are ineffective against today’s advanced threats.
2.
Trust-based security, which includes application control and whitelisting, is a requirement in today’s world of advanced threats.
How does Bit9 Work? Core Technologies • Trust • Real-time Sensor and Recorder • Bit9 Cloud Services Four Major Capabilities • Visibility • Detection • Protection • Forensics
Endpoint Forensics, Analytics and Incident Response guidancesoftware.com
Streamline Your E-Discovery Process with EnCase® eDiscovery Complete A market leader in e-discovery software, EnCase® eDiscovery Complete gives in-house counsel control and oversight of every phase of the electronic discovery process. This comprehensive and scalable solution for managing electronic evidence for litigation or investigative matters significantly reduces the risk and cost of e-discovery. From initiating legal hold and preservation to early case assessment (ECA), document review and production, EnCase® eDiscovery Complete combines the power of EnCase eDiscovery with the flexibility of CaseCentral cloud review to establish the ideal e-discovery environment for corporate legal departments. EnCase® Enterprise v7 Give your security specialists, investigators, computer incident-response teams, and litigation specialists everything they need to immediately and thoroughly search, collect, preserve, and analyze data from servers and workstations anywhere on your corporate network—without disrupting operations. Be confident in your findings using EnCase® Enterprise, the trusted and industry-leading digital forensics solution used by more than 60% of the Fortune 100 companies and by numerous government agencies. EnCase® Cybersecurity EnCase® Cybersecurity is the endpoint incident response and data auditing software solution designed to reduce costs and complexities associated with the incident response process and reduce the risk of exposing sensitive data to loss or theft. EnCase® Cybersecurity helps prioritize analysis of potentially infected systems, determine source and scope of an incident, identify potential data loss scenarios and minimize time to remediation. EnCase® Forensic v7 EnCase® Forensic, the industry-standard computer investigation solution, is for forensic practitioners who need to conduct efficient, forensically sound data collection and investigations using a repeatable and defensible process. The proven, powerful, and trusted EnCase® Forensic solution, lets examiners acquire data from a wide variety of devices, unearth potential evidence with disk level forensic analysis, and craft comprehensive reports on their findings, all while maintaining the integrity of their evidence. EnCase® Portable Powerful Triage and Collection EnCase® Portable is a powerful solution, delivered on a USB device, that allows forensic professionals and non-experts to quickly and easily triage and collect vital data in a forensically sound and courtproven manner.
Vulnerability Management and Security Benchmarking
tripwire.com
Tripwire is the leading provider of Information Risk & Security Performance Management solutions to more than 6,500 businesses and government agencies worldwide. Tripwire solutions enable enterprises of all sizes to 1) automate compliance and reduce risk, and 2) measure and compare the performance of their IT security program with their own goals and industry peers. Tripwire delivers an integrated and open solution connecting Tripwire and third-party security products to leverage all available information to protect IT assets and high value data. Tripwire offers the industry’s first security performance management application for CISOs - that gives CISOs a metrics language to communicate their company’s security performance just like the CFO describes financial performance. From vulnerability management to agentless compliance policy auditing and file integrity monitoring, Tripwire provides best-in-class products for reducing information risk and aligning security strategies with business initiatives. Tripwire delivers solutions for your business’ security and compliance needs – regardless of size or industry. How Tripwire secures your organization •
Configuration Policy Auditing shows compliance against internal or international policies/ baselines and alerts on deviations
•
Vulnerability Management prioritizes remediation of vulnerabilities across the entire technology stack
•
File Integrity Monitoring warns on unauthorized changes
•
Web Application Scanning finds flaws across your web sites
•
Security Performance Management consolidates and compares security metrics from your security solutions
Tripwire is headquartered in San Francisco, CA, with regional offices throughout the United States, London and Toronto.
Layer-3 Device Vulnerability Management
Vulnerability Aggregation, Penetration Testing and Validation coresecurity.com
redsealnetworks.com
Core Security is the leading provider of predictive security intelligence solutions for enterprises and government organizations. Built on the success of CORE Impact, the world’s leading penetration testing tool, we help more than 1,400 customers worldwide proactively identify critical risks and match them to unique business objectives, operational processes and regulatory mandates. Core Security partners with a variety of complementary technology vendors to provide prebuilt integration and interoperability. Our patented, proven, award-winning enterprise solutions are backed by more than 15 years of applied expertise from CoreLabs, the company’s innovative security research center.
RedSeal is security risk management solution that provides continuous monitoring of the access paths within both corporate and government network environments. It gathers the configurations of all the network devices: firewalls, routers, mobile device controllers and load balancers, building a virtual model of your network by analyzing how the rules on all of these devices work together to defend business assets. In turn, it can validate these access configurations against governmental and industry-driven regulations as well as internally defined security policies.
Core Security : The Power of Thinking Ahead
One of the main reasons why breaches continue to happen is that, it is very difficult to visualize and maintain an accurate and common view of the network across networks and security operations teams.
As the leading provider of predictive security intelligence solutions, CORE Security answers the call of organizations demanding a proactive approach to eliminating business risk. Our solutions empower customers to think ahead, take control of their security infrastructure, and predict and prevent IT security threats.
RedSeal allows organizations to: •
Pinpoint weaknesses and risks through complete end-to-end network visibility including mobile networks, with support for all network device and security software vendor solutions via a comprehensive partner ecosystem.
•
Improve productivity with automated, exposure-based remediation prioritization to mitigate cyber risk.
•
Maximize efficacy of existing security investments with predictive threat modeling and metrics for in-depth assurance and situational awareness.
•
Cut compliance costs with automated continuous audit and control monitoring of the entire network device infrastructure.
Organizations have to predict security threats – not just react to them Today, the majority of security spending is focused on solutions that take defensive or reactive approaches to threats. As a result, security teams are saddled with overwhelming amounts of disparate security data, tools that don’t communicate, and alerts that sound only after the damage has been done. Organizations that seek to survive and thrive must go on the offensive and predict and preempt threats before it’s too late. Core Insight Enterprise • • • • • •
Enterprise-class predictive security intelligence platform Business risk identification, validation and prioritization Continuous threat simulation Continuous, proactive threat simulation Dashboard view of an organization’s security risk profile Attack path discovery and remediation modeling
Core Impact Professional • • • •
Automated, on-demand penetration testing Vulnerability validation from all leading scanners Multi-threat surface investigation Regulatory compliance verification
Supplement Existing Network Infrastructure RedSeal delivers the industry’s most powerful network and security operational insights using patented network visualization and predictive threat modeling. The RedSeal 6 platform supplements traditional and next generation network infrastructure SIEM systems, and GRC platforms.
Dynamic and Static Application Vulnerability Testing
User-Centric Data Classification
rational.com
titus.com
IBM Rational AppScan can identify, prioritize, track and remediate critical security vulnerabilities throughout the application life cycle.
TITUS is one of the world’s most recognized data security and governance solution providers. Our products assist more than 2 million users in over 100 countries around the world to protect their sensitive information.
Many organizations depend on web-based software to run their business processes, conduct transactions and deliver increasingly sophisticated services to customers. Every application destined for online deployment should address security issues as an integral part of the software delivery process. Unfortunately, in the race to meet deadlines and stay ahead of the competition, many businesses fail to perform adequate security testing, and the resulting vulnerabilities provide ample opportunity for hackers to access or steal corporate or personal data placing the entire business at risk. The most efficient way to stay ahead of application security vulnerabilities is to build software securely, from the ground up. The challenge is that the majority of developers are not security experts, and secure coding is historically not identified as a priority relative to delivering functionality on time and on budget. As a result, web-based and non-web based applications alike continue to be deployed riddled with vulnerabilities ready for exploitation, easily risking sensitive data to a breach. The onerous task of vulnerability identification and remediation cannot be successfully addressed by limited IT security resources. So the best way to engage development in the process of application security is to provide them with tools that fit into their existing environment and workflow, and that generate results in a language they understand. The IBM Rational AppScan software portfolio enables organizations to embed application security testing throughout the development life cycle to help increase visibility and control while employing a risk mitigation strategy. From requirements, through design and code, security testing, and into production, Rational AppScan software helps to ensure that critical security vulnerabilities are identified, prioritized, tracked, and remediated across the application lifecycle. In short, Rational AppScan software helps you to design security into your application infrastructure.
Our Difference: Involving the User in Data Security and Governance A successful data security and governance strategy starts with ensuring that important data assets are formally managed and secured throughout the enterprise. Data security and governance becomes most effective when all employees are involved. Our Innovation: Ensure the Right Users Have Access to the Right Data TITUS solutions ensure that information is governed properly by clearly identifying the sensitivity of every piece of information. Once information is identified, organizations can control governance policy to automate data security and information management. With TITUS, information is clearly identified and easily protected, compliance mandates are being met and inadvertent data loss is radically reduced. TITUS solutions focus on: Data Classification – TITUS provides user-friendly solutions to classify information in order to prevent data loss, raise security awareness, and comply with regulations. Data Loss Prevention – TITUS makes users the first line of defense against data loss and leverages metadata to enhance existing security technologies. SharePoint Security – TITUS helps organizations ensure the right people have access to the right information in SharePoint. Data Security and Compliance – TITUS solutions address regulations, standards, government legislated directives, and internal security awareness policies such as ITAR, ISO 27001, NERC and many others.
Secure Information Sharing: Encryption and Rights Management booleserver.com
Boole Server is a secure, scalable system designed to safeguard any sensitive data, while allowing it to be shared with staff, partners and customers as and when needed. It ensures that data cannot be stolen or lost in transit or on the server, and that only authorized recipients can use, edit or view specific files. Each owner of a file can give authorization to specific groups or individual users, to view, print, copy or modify files. Authorization can also be limited by location or by time, allowing authorized users to access or view a file for a period of several weeks or just a few seconds. Boole Server keeps records of everything that happens to each file and the activity of each user, allowing organizations to run audits whenever they are required, for internal knowledge or for compliance needs. The technology components within Boole Server are: • • • •
2048-bit military-grade encryption (using a modified symmetric RC6 algorithm) Enterprise Rights Management (ERM/IRM/RMS)that extends beyond the corporate domain Advanced data-centric Data Loss Prevention(DLP) Real-time policy enforcement and comprehensive auditing
Boole Server is a secure and comprehensive platform designed to protect, share, store and control any sensitive data – wherever it is • • • •
Protect any type of file from unauthorised interceptions through military grade encryption (RC6 algorythm – 2048 bits) Shared at a solely amongst authorised users, both internal and external to the organization quickly and easily Store information in encrypted format wherever needed Control in realtime of all user and files activity: who accesses what, when and how
Secure Managed File Transfer and Large-File Email Bypass
ipswitch.com
MOVEit Managed File Transfer: Today’s businesses share more information electronically than ever before between their business partners, customers, and employees. Ipswitch’s MOVEit Managed File Transfer (MFT) System is the best way to reliably move that information in a timely, controlled, and secure manner to improve business productivity, meet SLAs and compliance requirements, and gain visibility and control of file movement. MOVEit File Transfer: MOVEit File Transfer server is the reliable and secure hub that IT needs to transfer the organization’s business files. With its broad protocol support, MOVEit File Transfer server connects with any system, server or client. Using the latest security technologies, it protects files both in transit and at rest. And as part of the MOVEit Managed File Transfer System, MOVEit File Transfer gives IT the visibility and control they need to confidently meet SLAs and compliance requirements. MOVEit Central: MOVEit Central enables you to easily automate your file-based workflows. MOVEit Central provides a simple but powerful user interface for defining business workflows that’s easy enough for anyone on your IT team to use because no scripting is required. The heart of MOVEit Central is a reliable workflow engine that ensures the predictable, secure delivery of your business files. Plus, a powerful centralized console ensures you’ll have visibility and control over all file movements. That is why hundreds of companies, including many in healthcare and finance, have turned to MOVEit Central to automate their file-based workflows and confidently meet their SLAs and compliance requirements. MOVEit Mobile: IT departments want to give users the ability to transfer work files using their mobile devices while keeping the enterprise security they rely on with MOVEit. They want to allow users to upload and download files from either iOS or Android phones and tablets. Most importantly, they want to extend the secure, compliant, file-based processes to people when they are mobile. MOVEit Mobile enables mobile workers to reliably and productively participate in file-based business process workflows, while providing IT the security, visibility and control required to confidently run their business and meet compliance requirements. MOVEit Ad Hoc: To get their work done employees are circumventing IT by turning to new, web-based consumer services to send and receive files, creating control, visibility, and security challenges for the business. MOVEit Ad Hoc Transfer offers employees and businesses a better alternative. For employees, MOVEit Ad Hoc Transfer enables easy transfer of files of any size using a familiar interface: either Microsoft Outlook or a web browser. For IT, MOVEit Ad Hoc Transfer provides the comfort of knowing sensitive business files are being sent and received through a secure, enterpriseclass Managed File Transfer system. Plus, the system relieves your email and storage systems from the burden of transferring and storing large files.
Encrypted and Biometric USBs, and Hard Drives
Secure Mobile Device Management mobileiron.com
ironkey.com
Workers demand flexibility, usability, and choice in the face of their escalating compliance and security needs. IT is caught in the middle trying to enable the workforce while avoiding the nightmares that come with security breakdowns. Imation’s solutions enable you to be confident that your organization has the right solutions in place to safeguard data for your road warriors, teleworkers and contractors. When you secure your mobile workforce, you can say YES! to letting employees work they way they want to work anywhere, anytime. Secure Data Persistent Protection For Sensitive Data Imation’s secure storage devices and media options combine data encryption and strong user authentication to give mobile workers secure and convenient access to their data. Cloud-based or on-premise advanced device management software lets you ensure security policies follow workers no matter where they go, while giving you the ability to remotely revoke access or disable devices that are lost or stolen. Choose the Imation secure mobile storage solution that best fits your needs, and keep data where it belongs. Secure Workspace Boot Windows Desktops From Secure USB Devices Your employees are mobile. Now, their Microsoft Windows® 7 work environment can be too. Imation’s portable USB desktops transform any computer into a trusted IT-managed workstation, so workers can take all their data, applications and systems with them, securely and reliably. Secure Identity Secure Storage + Secure Identity On A Single Managed Device Securing the digital identities of mobile employees, teleworkers and contractors is an essential part of a secure mobile storage implementation. Imation makes it easy by providing enterprise-class identity management capabilities on the world’s most secure USB storage devices. Featuring an on-board encryption engine that protects both identities and data, Imation Enterprise USB flash drives combine PKI crypto services, two-factor authentication and strong password management with military-grade mobile storage. Administering identity policies and other features is easy with the Imation™ Enterprise Management Service powered by IronKey™, the platform for centrally managing Imation Enterprise drives.
MobileIron solutions provide end-to-end security and management for apps, docs, and devices. Thousands of customers worldwide trust MobileIron solutions as the foundation of their mobile strategy. Utilizing MobileIron, IT can now establish a virtual perimeter to secure mobile delivery of business data and applications while preserving an excellent user experience, even on employeeowned smartphones and tablets. MobileIron offers a number of product bundles to enable you to effectively meet your Mobile IT requirements. Whether you currently want to start your mobile journey by securing devices in a BYOD initiative or whether you require a comprehensive mobile IT infrastructure capable of transforming your business into a Mobile First enterprise, MobileIron has the product to meet your requirements. MobileIron is available as both an on-premise system and as a cloud service through the MobileIron Connected Cloud. MobileIron Advanced Mobile Managment MobileIron Advanced Mobile Management is the foundation for your Mobile IT infrastructure. Comprised of MobileIron Atlas and Sentry, It contains all required functionality to 1) Manage mobile devices in a secure and scalable environment and 2) Deploy an enterprise mobile app storefront. All MobileIron solutions for Mobile Apps, Content, and Web Access build upon the Advanced Mobile Management Product. MobileIron Docs Bundle The Docs Bundle includes both MobileIron Advanced Mobile Management and Docs@Work. It builds upon the proven MobileIron MDM foundation to enable secure mobile access to corporate web content including Enterprise email attachments and documents stored in SharePoint environments. The Docs Bundle is an ideal solution for those organizations that want to empower their employees with secure mobile access to enterprise content. MobileIron Apps Bundle The Apps Bundle includes Apps@Work and Advanced Mobile Management. It provides a complete solution for enterprise mobile apps, securing both the app data on the device through AppConnect functionality, and data in motion, by leveraging AppTunnel. For those organizations that are fully embracing native mobile apps, the Apps Bundle is the choice.
IT Audit, Compliance, Risk Assessment and Managed Security Services
securelinkme.net
SecureLink is a regional security services provider based in Dubai, UAE catering to customers across the Middle East Region. The company’s 3-O delivery philosophy (OnLine, OnDemand and OnSite) harnesses the power of the Intelligence, Protection, and Validation platform making SecureLink approach security services differently – with a Data-Centric point-of-view, focusing on sensitive data to enable informed security decision-making, and in turn to effect measurable action. Delivery Philosophy • • •
OnLine OnDemand OnSite
Solutions: Intelligence
What is 800CYBER? 800CYBER is a unique combination of Managed Cyber Security Services that cover your security requirements and provide intelligence to be able to protect your infrastructure and monitor it 24/7; our core strength is our qualified security analysts and operations that will manage and monitor your environment round-the-clock while you concentrate on running your business. We deliver services based on high levels of security standards and best-practices, with many deliverables that you can customize and scope to match your business requirements in order to get the maximum value from your investment.
Why Managed Security Services?
A platform that combines and integrates security intelligence (SIEM) and enterprise governance, risk & compliance (eGRC) with deep analytic capabilities and real-time data feeds from hundreds of different sources to give organizations the ability to help proactively protect themselves from increasingly sophisticated and complex security threats and attacks. The platform arms organizations with deep insight into all aspects of enterprise-wide governance, risk, and compliance.
•
Protection
•
Provides in-depth security protection for user, data, application, network and endpoint functions through best-of-breed security solutions that helps organizations achieve reliable information security to protect assets with a Data-Centric point-of-view, focusing on sensitive data as it’s the most critical assets.
•
Validation Delivers a range of security services to simplify security management and to accelerate the speed of real-time protection against threats by detecting attacks, assessing vulnerabilities, and responding with effective remediation.
• •
Managed Services allow you to move business functions from the balance sheet to the income statement. Instead of high investments in soon-to-be-obsolete assets, you have ongoing operating expenses and business function that are always kept up-to-date. Security analysts watching your environment 24/7/365 Proactive response and alerting when security incidents appear on our monitoring systems and taking the right action on time. Management of your security devices such as firewalls, IPS systems and others based on ITIL standards. Ability to run operational activities such as security patching and configuration changes after your working hours.
Our Prestigious Customers
500+ Customers in The Middle East StarLink’s strong base of customers includes leading financial institutions, the largest telecommunications companies and high-profile government organizations. StarLink helps these organizations achieve and sustain compliance and optimally manage risks through full policy, procedure and controls lifecycle management. StarLink’s solution offerings are now installed in more than 500 data centers in the region, including 100 of the top regional banks and 15 of the region’s top Telcos. Our customers trust StarLink to secure their critical enterprise data and safeguard access to sensitive data in the most demanding datacenter environments in the region by monitoring, securing and auditing privileged user access to provide 100% visibility on all activities. Customer Testimonials: Saudi Hollandi Bank implements e-DMZ Security to manage privileged users password and monitor remote access activities “We chose the Password Auto Repository (PAR) and eGuardPost (eGP) from e-DMZ Security because it was uniquely designed to solve enterprise security and compliance issues associated with the management and control of shared privileged passwords such as root and administrator. The issue of Privileged Password Management and the unique features of PAR contribute directly to many specific PCI requirements,” said Ali Alotaibi, IT Security Manager, Saudi Hollandi Bank. National Bank of Kuwait Implements Guardium to Prevent Unauthorized Database Changes by “Super Users” “We chose Guardium because they have become the ‘gold standard’ for database security and monitoring,” said Tamer Gamali, Chief Information Security Officer (CISO), National Bank of Kuwait. “We needed tighter internal controls over our critical Oracle- and Microsoft SQL Server-based Financial Systems. We considered solutions based on native database auditing, but Guardium gives us automated, real-time security alerts along with full visibility into all transactions without impacting database performance. It also provides a scalable, crossDBMS audit architecture for handling the massive amounts of transactions in our large-scale heterogeneous data centers.” Abu Dhabi Commercial Bank Implements Guardium to Strengthen Database Controls “We were seeking a unified, cross-DBMS solution that delivers granular, real-time controls without the complexity, overhead and risk of native DBMS-resident auditing, and Guardium fulfilled all our requirements. Our goal is to ensure that critical information is stored securely through the adoption of best-of-breed technologies.” said Steve Dulvin, Head of IT Security at Abu Dhabi Commercial Bank.
Geographical Locations Regional Headquarters Office 4301 Mazaya Business Avenue – BB2, JLT Dubai, UAE P.O. Box 99580 T: +971 4 279 4000 | F: +971 4 447 3551 | info@starlinkme.net
Regional Offices New York City, USA 295 Madison Ave, 12th Floor, New York City, NY. 10017 T: +1 917 289 1114 | F: +1 917 289 2322 usa@starlinkme.net
Riyadh, KSA Office 202 Fahdah Center - Tahliah Street, Riyadh, KSA P.O. Box 295833 Zip code: 11351 T: +966 1 2177522, 2191952-3 | F: +966 1 2191926 ksa@starlinkme.net
Kuwait City, Kuwait Office 1408 Shayma Tower, Murgab Block 3, Plot 8A+8B, P. O.Box 5819, Safat 13059 Omar Ibn Al Khattab Street, Kuwait City, Kuwait T: +965 22271738 | F: +965 22271666 (Shared Fax) kuwait@starlinkme.net
Istanbul, Turkey Fatih Sultan Mehmet mah. Poligon cad. no: 8C, Buyaka2 Sitesi Kule-3 Daire no: 118 34771 Ümraniye, İstanbul, Turkey T: +90 216 510 6909 | F: 90 216 510 6908 turkey@starlinkme.net
Johannesburg, South Africa 1st Floor Palazzo Towers West, Montecasino, William Nicol Drive, Fourways Johannesburg, South Africa T: +27 83 615 4321 sa@starlinkme.net Manama, Bahrain T: +973 367 11990 bahrain@starlinkme.net Muscat, Oman T: +968 9 584 9513 oman@starlinkme.net Doha, Qatar T: + 974 3 398 4020 qatar@starlinkme.net
Office 4301 Mazaya Business Avenue – BB2, JLT Dubai, UAE P.O. Box 99580 T: +971 4 279 4000 | F: +971 4 447 3551 | info@starlinkme.net U S A
|
U A E
|
K S A
|
K U W A I T
|
B A H R A I N
|
Q A T A R
|
O M A N
|
T U R K E Y
|
S O U T H
A F R I C A