PoliVec Applauds Emphasis on Policy as the Center of a Secure Enterprise as Outlined in Government's National Strategy to Secure Cyberspace.Business/Technology Editors MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--Nov. 19, 2002 Company Feedback Cites Automated Creation and Enforcement of Consistent Security Policies Among the Positives of White House Strategy To mark the close of the first 60-day comment period for the National Strategy to Secure Cyberspace In the United States government, the National Strategy to Secure Cyberspace, is a component of the larger National Strategy for Homeland Security. The National Strategy to Secure Cyberspace was drafted by the Department of Homeland Security in reaction to the September 11, 2001 , PoliVec, Inc., the trusted leader in security policy automation, today announced its support of elements of the strategy that promote the importance of written security policy within companies. The President's Critical Infrastructure Protection Department of Defense (DOD) program to identify and protect assets critical to the Defense Transportation System. Loss of a critical asset would result in failure to support the mission of a combatant commander. Board (PCIPB PCIPB President's Critical Infrastructure Protection Board (USA) ) introduced the comment period on September 18, 2002, when it released a draft of the National Strategy to Secure Cyberspace. The Board invited the National Infrastructure Advisory Committee, leaders from the concerned sectors of industry, academia, and state and local governments to submit their comments and advice to the strategy. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. the PCIPB, President Bush will review and approve the strategy over the next several months. PoliVec CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. Roberto Medrano said, "This strategy provides an excellent framework for outlining the priorities for large enterprises as they work to establish secure systems. Its emphasis on the need for enterprises to focus on putting policies, procedures and technologies in place to address such risks as insider threats and misconfigurations and to improve incident response matches up to the realities that we are seeing in the marketplace. PoliVec's customers rely on our policy automation solutions to prevent these risks and to enforce enterprise security through a holistic policy-based approach." Security-conscious companies are developing strategies for their corporate networks that are based on a set of written security policy standards. PoliVec's solutions provide these corporations with the missing link--automation--so that policy standards are not just established, but are implemented, audited, continuously monitored and enforced in real time. The security policy automation process, in part, addresses key concerns that the Administration highlighted in the draft of the National Strategy to Secure Cyberspace. PoliVec supports the following excerpts from the strategy that outline the PCIPB's recommendations for large enterprises: -- "Create a regular process to assess, remediate re·me·di·a·tion n. The act or process of correcting a fault or deficiency: remediation of a learning disability. re·me (sic Latin, In such manner; so; thus. A misspelled or incorrect word in a quotation followed by "[sic]" indicates that the error appeared in the original source. ), and monitor the vulnerabilities of the network; consider developing automated processes for vulnerability reporting, patching, and detecting insider threats." -- "Effectively mitigating the insider threat requires policies, practices and continued training. Three common policy areas which can reduce insider threat include: (1) access controls, (2) segregation of duties, and (3) effective policy enforcement." -- "Manage configuration to know exactly what hardware, operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. and software are in use, including specific versions and patches applied." About PoliVec PoliVec is the trusted leader in security policy automation. PoliVec's innovative software enables companies to define, detect, deploy and document a consistent security policy across the enterprise. More than 80 customers have discovered that PoliVec delivers immediate security ROI (Return On Investment) The monetary benefits derived from having spent money on developing or revising a system. In the IT world, there are more ways to compute ROI than Carter has liver pills (and for those of you who never heard of that expression, it means a lot). by saving time, reducing system resources (1) In a computer system, system resources are the components that provide its inherent capabilities and contribute to its overall performance. System memory, cache memory, hard disk space, IRQs and DMA channels are examples. and offering unparalleled assurance for both internal and external audits. The PoliVec suite -- PoliVec Builder, PoliVec Scanner, and PoliVec Enforcer -- proactively detects and eliminates configuration vulnerabilities before they can be exploited. PoliVec continues to receive industry validation and recently won the 2002 "Best New Security Technology" award from SC Magazine. Headquartered in Mountain View, Calif., visit PoliVec at www.polivec.com. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion