Services
Security Management
Managing Access Rights and Security Policies
“One of the greatest administrative and security challenges within every IT and HR organization is provisioning – providing users with appropriate access to enterprise information and technology resources. This is especially true in today’s volatile business environment, where employee turnover, cost cutting and consolidation are all constant occurrences.”
According to a recent Forrester study, 80% of data security breaches involve insiders, employees or those with internal access to an organization, putting information at risk. The big challenge for companies today is to strike the right balance between providing workers with appropriate access and protecting sensitive information.
Each individual within a company needs to understand the role they play in maintaining security, and this is best achieved by publishing and strictly enforcing a security policy, a complex set of rules intended to protect a company’s technology resources and the data stored by those resources.
Designing, implementing and maintaining security policies are both time consuming and prone to ‘operator’ error.
Protect XP – CSP’s flagship product, which uses sophisticated modelling techniques to define and manage network-wide security policy on HP NonStop™ servers
Protect UX – simplifies the management of OSS security on HP NonStop™ servers, making it easy to browse and manage security settings
Authenticator – enhances system access protection by providing two-factor authentication on HP NonStop™ servers
Command Control and Audit
With the increased risk of security breaches involving employees, it is imperative that companies are able to control, not only programs that users have access to, but also to be able to ensure that no users are able to perform any privileged commands.
When a data breach is identified, every bit of information is necessary to identify what users were logged on, what programs they were accessing and even what commands they were issuing at the time of the breach. For this reason it is essential that detailed audit records are maintained and that the process of generating audit reports is both manageable and almost instantaneous.
- PassPort – offers sophisticated command control and audit of terminal sessions as defined by user profiles
Password Quality Management and Synchronisation
Because of the number of passwords that the average user has to remember (both at home and work), and especially for systems that get accessed infrequently, most consumers will, against the advice of security experts, use weak passwords, reuse one or two passwords for everything, write their passwords down, or even all of the above.
This places important company data at risk, and security administrators have no option but to enforce strong passwords. Unfortunately, users then tend to forget their passwords, and the need to have a security administrator reset numerous passwords, on numerous systems increases.
NetPass – an efficient time-saving tool that allows users and/or administrator to easily manage passwords on many nodes at once within their HP NonStop™ server environment.
Cross-Platform User Management
The main goal of an Identity Management system is to improve productivity and security without increasing the costs associated with managing of users, their identities and credentials across multiple platforms.
It is vital that Security Administrators are able to control who is accessing sensitive company data, when and from where they are accessing it. As the scope of access control continues to grow and span multiple platforms and/or applications, each system would more than likely be using different access control and user authentication methods.
A comprehensive Identity Management policy, as well as a comprehensive Identity Management application simplifies an organisations’ ability to manage access control on multiple platforms.
NIMS – brings the benefits of LDAP based Enterprise Identity Management to HP NonStop™ servers
Encryption
Encryption is the use of mathematical schemes and algorithms to scramble data into unreadable text, which can then be decoded / decrypted by an authorised person, provided they possess the associated key.
The best way to mitigate data breaches during a user’s session is by using a secure communication protocol to encrypt data between the user’s terminal and the server which contains the sensitive information that the user is accessing.
With the use of clear-text data streams for exchanging authentication and control information during a File Transfer Protocol (FTP) session, this has also become a frequent target for data breaches, warranting the need for companies to encrypt FTP data streams.
Client Shield – can be used to encrypt the Telnet data stream between any standard TN6530 emulator and the NonStop™ TELSERV process.
FTP Shield – an add-on to the standard FTP on HP NonStop™ servers, which wraps a Transport Layer Security (TLS) proxy around the FTP client or server.
Intrusion Detection & Prevention
Intrusion Detection is the act of monitoring systems for attempts to compromise integrity of system information. Manual intrusion detection could be the examining of logs for any evidence of suspicious activity or signs of intrusion.
Intrusion Prevention follows the same process of detection, but has the added ability to block / prevent the activity.
Alert-Plus® - A real-time intrusion detection tool that enables you to monitor your HP NonStop™ server, by using customised rules to evaluate events from the Safeguard audit trail and other sources, not only notifying you when any events of interest occur, but also allowing you the ability to block those attempts that can be deemed as inappropriate.