Cloakware Position Paper Reveals Crucial Password Security Measures for FISMA Compliance.

"Raising the Security Bar: Cloakware's Contribution to the Federal Information Security Management Act of 2002" Addresses Compliance Processes for Elevated Password Management

VIENNA, Va. -- Cloakware Inc., a security solutions provider that makes security inseparable from software, today announced the availability of its new position paper, Raising the Security Bar: Cloakware's Contribution to the Federal Information Security Management Act of 2002. In this paper, Cloakware identifies the importance of a comprehensive password management system for both elevated privileged accounts used by administrators and unattended applications in the data center and delivers a workable solution that complies with the Federal Information Security Management Act of 2002 (FISMA).

FISMA mandates that organizations bolster information security controls over resources that support federal operations and assets, including annual audits. Specifically, several sections in this legislation detail the requirements for data center password management. However, regular server password updates remain a weak point in many data centers because it is a manual, time-consuming, expensive process for IT departments. Without updates to the hundreds or thousands of unmanaged passwords in an organization, all data protected by those passwords is at risk.
It is therefore crucial for organizations of all sizes to implement an organized system of password management because if left unchanged, these passwords pose a significant vulnerability to any IT department. In its position paper, Cloakware presents a solution on how to satisfy FISMA compliance requirements with a secure, automated password management system. The key to an effective system should include steps towards both prevention and detection, including:

* Eliminating the requirement to disclose application or server passwords to administrators, developers, partners and outsourcers;
* Securely storing application and server passwords in an encrypted, centralized repository;
* Minimizing the lifetime of critical, elevated-privileged passwords through regular password changes;
* Controlling access by mapping acceptable password use policies to requesting administrators, servers and applications;
* Providing strong authentication and authorization of administrators and applications for password retrieval requests;
* Preventing software tampering and reverse engineering attacks; and
* Detecting customer application and password management software library tampering.

"The yearly audits demanded by FISMA place increased emphasis and visibility on necessary improvements to the security of federal information systems," said Alec Main, Cloakware's CTO. "Federal organizations require solutions that meet the security and efficiency challenges of managing unattended and administrator passwords that contribute to quantifiable and verifiable compliance. Cloakware offers organizations a useful and timely analysis for automating this critical process."

To download Raising the Security Bar: Cloakware's Contribution to the Federal Information Security Management Act of 2002, visit the Cloakware web site at http://www.cloakware.com/whitepapers/013107/index.php.

About Cloakware

Cloakware is a security solutions provider that makes security inseparable from the software it protects. From applications and databases deep inside corporations, to consumer devices like music players, to military weapon systems, more and more software applications need to protect themselves from unauthorized user access and tampering. Only Cloakware's patented, layered, and compliance-driven approach to software self-protection delivers the trusted environment that the government, enterprise, and consumer markets require. As a result, Cloakware solutions are on more than 500 million devices, protecting the assets of some of the world's largest, most recognizable and technologically advanced companies. The company is headquartered in Vienna, Va., has offices in Ottawa, Canada and the UK, and regional sales offices throughout the US.