Whitepapers
The CIP Challenge: Securing Critical Cyber Assets in the Energy Industry
Energy companies have more to deal with than ever before including the concern that has increased throughout the industry about the security of energy companies’ infrastructure and assets. This concern led to the creation of North American Electric Reliability Corporation (NERC), who in turn developed the Critical Infrastructure Protection (CIP) regulations. While these regulations have been clearly defined, NERC has left it up to each energy company to determine how best to achieve them operationally. With companies required to be "substantially compliant" by mid-2008 and "fully compliant" by mid-2010, along with best practices for CIP compliance remaining unclear, many energy companies face the prospect of failed audits and substantial fines. This white paper, produced in consultation with Imprivata customers and energy industry pundits, discusses the key issues surrounding CIP compliance and offers guidance and recommendations on how Imprivata OneSign platform can effectively support and accelerate a successful CIP compliance program.
Compliance and Beyond: Toward a Consensus on Identity Management Best Practices
For more than a decade, government and industry bodies around the world have issued a growing number of regulations designed -- in whole or in part -- to ensure the security, integrity and confidentiality of personal and corporate data . Combined, these individual regulatory guidelines outline what constitutes best practices in identity management and IT security. This white paper explores these compliance-driven best practices, how Imprivata® OneSign® solutions support them, and how prioritizing their implementation makes good business sense beyond the fulfillment of compliance requirements.
Read now.
A More Secure Front Door: SSO & Strong Authentication
With the advent of more stringent government regulations, organizations are seeking ways to further strengthen IT security. Which authentication option is right for your organization? And how easily can it be integrated with your ESSO solution? These are just two of the many questions to consider as you evaluate strong authentication choices. This white paper explores these questions and addresses how organizations can secure network access without creating inconvenience for either IT staff or end users.
Read now.
A Pathway to PCI Compliance
In response to the increased threat of identity thefts and fraudulent credit card charges, governments around the world have been considering an array of new laws and regulations to systematically combat this problem. A key to success with any regulatory compliance effort is to accomplish measurable goals using policy and controls that are easy for the users to implement and accept. This paper will examine some of the requirements of the new standard and review identity and access management technology that can help organizations comply with these regulations in an efficient and cost-effective manner that is easy for users to embrace.
Read now.
Bridging the Great Divide: The Convergence of Physical and Logical Security
By integrating your physical and logical systems, you can increase the value of your building access badge, realize tighter enterprise security, and address regulatory compliance. In the past, this integration had been too expensive, difficult and disruptive to achieve. But all that has changed.
Read now.
Integrated Provisioning and SSO: Day One Employee Productivity and Increased Security
Today, the abundance of online information and enterprise applications available to employees improves productivity. However, facilitating fast and secure access to that information is a complex and daunting task. Read how you can enhance productivity with an integrated provisioning/SSO solution to generate and manage user credentials and access.
Read now.
The OneSign Guide to Thwarting Insider Threat
IT departments are becoming increasingly aware of the threats inside the firewall -- including those from contractors, recently dismissed employees and even cleaning staff. Download this whitepaper to learn about the effectiveness of the Imprivata OneSign platform for countering insider threat.
Read now.
Physical/Logical Security Convergence: What It Means, Why It's Needed and How to Get There
Today’s corporate security infrastructure is a patchwork. Most organizations maintain multiple, separate physical and IT security systems with no integration among them. This situation has become a growing liability as security concerns and the need to address privacy and regulatory compliance issues grow. This white paper discusses what convergence means for businesses, the business drivers for convergence, and the Open Security Exchange's Convergence Roadmap to help organizations plan for and achieve convergence.
Read now.
Truth & Fiction with Single Sign-On
Technology products always seem to come “out of the box” strong and then wither amidst strong scrutiny. This was the case with single sign-on (SSO). What is sometimes ignored, however, is that any product with a strong need will reinvent itself to address the problems it contains. It is time for individuals to evaluate (or re-evaluate) SSO for their enterprises. This paper describes interviews and research associated with the value of single sign-on. It discusses key myths that were associated with SSO in the past and no longer apply to today’s technology.
Read now.
The Value of Enterprise SSO to HIPAA Compliance
The HIPAA Act established formal regulations designed to protect the confidentiality and security of patient information. HIPAA security regulations require mechanisms for controlling access to patient data on healthcare providers’ information technology (IT) systems. Read how single sign-on solutions help healthcare organizations comply with HIPAA’s security requirements.
Read now.