 |
|
| |
|
Security
Feature of the Month: |
|
| Citrix Password Manager - Single Password Sign On |
|
| ITMA Growing Strong in 2006 | |
| Microsoft Office Professional Cash Rebate | |
| CPR Learning Center News | |
Upcoming Events: |
|
| • | Wireless
Security Seminar |
| • | Online
Backup Solutions Seminar |
| • | Business
Continuity Seminar |
| • | GeekAid |
Phone Numbers: Grand
Rapids: Kalamazoo:
|
|
Security
Feature of the Month:
Protecting Sensitive Data
The recent rash of highly-publicized laptop thefts has
led to a corresponding increase in articles on what to do about sensitive
customer data on employee laptops. Many of these articles are too narrowly
focused and need to expand their scope to all removable media. Laptops
aren’t the only problem. Floppy disks, compact discs, memory cards,
external hard drives and even old backup tapes are all part of the problem
of sensitive customer data ending up in the wrong hands.
Experts suggest a variety of practices for restricting the use of such devices and limiting employee access to sensitive data, ranging from banning portable storage devices entirely to an increased focus on data encryption and digital rights management. An inexpensive option is the encryption capability that is included with Microsoft Windows 2000/XP, however there may be limitations for an enterprise solution that handles mission critical data. A data encryption policy needs to be combined with an access control policy. An effective design should allow for centralized management of encryption that enables the data owner, not the data user, to control data viewing. So far, only expensive third-party solutions are promising that.
If
you don’t already have removable media addressed in your security
policy, it’s easy to do so. The SANS Institute continues to maintain
its Security Policy Project at: http://www.sans.org/resources/policies.
They actually want you to take their sample policies and use them. The
State of Oklahoma has addressed removable media, remote access, disposal
of media and access control in their security policies at: http://divisions.okcareertech.org/sdcs/policies.
If you are a financial institution or medical facility subject to the
Gramm-Leach Bliley Act (GLBA) or Health Insurance Portability and Accountability
Act (HIPAA), CPR’s Director of Security - Scott Montgomery maintains
a library of security policies that specifically address their auditors’
requirements. Just remember that any security policy needs to be reviewed
by your legal counsel before being put into effect.
Security policies, however, are all subject to one thing: the human factor. Security policies will not protect the company if they are not followed. In the end, you have to trust your employees. In addition, background checks are an essential part of your hiring practices and follow up on continued background and credit checks of existing employees who handle sensitive data.
The solutions we may be headed toward are infrastructure changes. It may be too much to ask to keep your clients’ data secure while providing for all the demands of an increasingly mobile workforce. The most secure option may be keeping your companies or client’s data in a secure data center that is professionally maintained with all the backup, disaster recovery, remote monitoring and data security taken care of for you. This solution still offers the convenience of mobility with secure remote access that does not involve your clients’ data leaving the secure facility. For more on the advantages of using a secure data center or to have CPR's security experts assess your current security risks, contact your CPR Account Manager or info@cprgr.com.
Citrix
Password Manager – Single Password Sign On
The most efficient way to access all applications with a single password
Citrix Password Manager is the most secure, efficient and easy-to-deploy
enterprise single sign-on solution for accessing password-protected Windows,
Web and host-based applications. As a stand-alone solution or within the
Citrix Access Suite, Password Manager improves password security, makes
computing easy and can lower help desk support costs by 25%. Users authenticate
once with a single password, and Password Manager automates logons, policy
enforcement, and password changes, making connecting to applications easier,
faster and more secure.
To
learn more about Single Sign On and other Citrix Solutions such as Secure
Gateway and Secure Access Manager, click
here and a member of the CPR Team will contact you.
CPR continues to host the Michigan-based ITMA (Information Technology Management Association). ITMA is designed to put IT Executives face-to-face with industry experts and other IT department heads who are focused on the important issues of the time, such as Security, Disaster Recovery, Managed Services, Business Intelligence and Storage. Since January of 2004, ITMA has grown to 50+ member companies in West Michigan representing many industries, including manufacturing firms, financial, healthcare, government, education and services.
ITMA has a proactive mission to do one thing well: assist IT executives in doing their jobs better by providing access to knowledge, a local IT management peer group, and new ideas on IT management.
ITMA continues to bring value to its members by providing exclusive member services such as access to a “members-only database” – allowing individuals to contact members for assistance or a simple sounding board for IT projects, discounts and white papers from Info-Tech Research Group, access to industry analysts and special courses for IT personnel.
Monthly meetings are held at CPR, as well as specialized discussion groups. Company Sponsors of ITMA are Varnum Riddering Schmidt and Howlett, Hedrick Associates, Crowe Chizek, and CPR.
For
information on joining ITMA, contact Melissa
Engle at 616.575.8500 or visit www.itma.net.
If you are interested in attending the September ITMA Meeting –
IP Telephony as a guest, click
here.
Microsoft
Office Professional Cash Rebate
Up to $25,000 cash rebate on Microsoft Office Professional
2003
Purchase By: 9/30/2006
Redeem By: 10/31/2006
Product: Microsoft Office Professional 2003 Office SBE 2003 – purchased through the Small Business Desktop Platform SKU
Buy
Microsoft Office Professional 2003 through Microsoft Open License now
and receive a cash rebate of up to $125 per Office license. Get up to
$25,000 in total cash rebate value.
More info visit: https://www.microsoftincentives.com/OfficeOpenRebate/ or contact CPR’s Microsoft Licensing Champion by clicking here.
News from the CPR Learning Center
Debunking the Myths of Wireless Security
Tuesday, August 22, 2006
10:30am – 1:00pmLocation: CPR – Grand Rapids Office
CPR will explore wireless technologies and the fundamentals of securing your networks. Topics covered will include: benefits and standards, products and design, site surveys, installation, and security best practices.
To
learn more about Creating A Secure Wireless Network Lunch & Learn, click here. |
To
RSVP for Creating A Secure Wireless Network Lunch & Learn, click here. |
Online Backup Solutions Seminar
Planning, Preparing & Protecting your IT & Business Investments
Tuesday, September 12, 2006
8:30am – 10:30am Location: CPR – Grand Rapids Office
CPR will be hosting an informational seminar to share with you the latest in offsite online backup and other managed services. If you are struggling with "operational headaches" that come along with backup, lost data, long downtime during restore, and if you must deal with security and compliance issues, CPR's Protect service addresses these concerns. CPR's Managed Services Experts will review the business case for online backup and managed services including: monitoring, back up solutions, managing costs and planning for future growth.
To
learn more about the Online Backup Solutions Seminar, click
here. |
To
RSVP for the the Online Backup Solutions Seminar, click
here. |
Business Continuity Seminar: Building a Plan
Wednesday, September 20, 2006
8:00am – 10:30amLocation: Holiday Inn West – Kalamazoo
Business Continuity and Disaster Recovery are real concerns for most businesses. The process of assuring auditors, business owners and shareholders that you are taking the appropriate steps to plan and prepare for a business interruption can be difficult and costly.
What
procedures have you implemented? What plans do you have in place?
This information session will highlight the baseline information needed
to develop an effective business continuity plan. The approach presented
will assist attendees in prioritizing tasks based on several critical
factors, including regulatory requirements, cost, and operational effort.
To
learn more about the Business Continuity Seminar, click
here. |
To
RSVP for the the Business Continuity Seminar, click
here. |
GeekAid -
Supporting the West Michigan Center for Arts & Technology
Saturday,
August 19, 2006
3:00pm – 8:00pm
Location: Sparta Ampitheatre - Sparta, MI
Eclectic bandfest with an attitude and a cause, highlighting rising
Nashville star Travis Meadows. Sponsored by over 20 community-focused
West Michigan technology companies. For more information or to order
tickets, go to www.geekaidmich.com.
Cookin' for a Cure a Big Success
CPR Teammates raised $1,106 for team Koby’s Kruisers for the Juvenile
Diabetes Research Foundation. Thank you to our customers, teammates,
and partners for your participation and sponsorship. To learn more about
JDRF, click here.
If there's something you'd like to see in the next e.news, we'd like to know. Click on the following link to send us your suggestions:
info@cprgr.com.
Unsubscribe