Forrester

For Security & Risk Professionals

Client Inquiry:Is The USA Patriot Act A "No Go" For EU Companies That Want To Use US Cloud Services?

We plan to move our mailing and collaborative systems to the cloud where main actors are US companies and subject to the USA Patriot Act. How do European companies deal with this US law? Is the...

For Security & Risk Professionals

Client Inquiry:Records Definition And Retention Rules

What is the definition of a record according to federal guidelines? What are some business rules for record retention? Where are the guidelines located that we should follow?

For Security & Risk Professionals

Client Inquiry:What Is The State Of Governance, Risk, And Compliance In The Indian Market?

What is the size of the governance, risk, and compliance (GRC) market, and what is the market growth rate in India? Who are the major GRC vendors in India, and what are the areas of opportunity?

For Security & Risk Professionals

Client Inquiry:Protecting Mobile Users From Malicious Apps

What is the industry doing to safely and securely identify native applications so that they can they be trusted (i.e., mobile cert concepts, auth tokens, signatures, personalization keys, third-party...

For Security & Risk Professionals

Client Inquiry:What Are The Best Antivirus Products In The Market?

We're looking for some information about antivirus products. What's the best technology available in the market?

For Security & Risk Professionals

Client Inquiry:What's The Outlook On Smartphone Malware And Viruses?

We would like to know the current outlook of malware on smartphones and tablets. Should we recommend antivirus software for corporate-owned devices? Are organizations enforcing antivirus protection...

For Security & Risk Professionals

Client Inquiry:What Is The Pricing For Governance, Risk, And Compliance Platforms?

How are governance, risk, and compliance (GRC) platforms priced? What can I expect for implementation costs?

For Security & Risk Professionals

Client Inquiry:What Are Best Practices Around Administrative Access?

I'd like to better understand whether we are using current best practices around limiting administrative access to production systems. We currently use jump servers as gateways for administrators...

For Security & Risk Professionals

Client Inquiry:What Are Some Virtualization Security Best Practices?

Does Forrester still recommend the following for securing virtual environments? Enforce zone boundaries with separate hardware; hypervisor hosts should not take on network security functions such as...

For Security & Risk Professionals

Client Inquiry:What Best Practices Do Financial Services Companies Use To Achieve A Secure Online Environment?

What are financial services companies (in the US and abroad) doing in order to allow their customers a quick and convenient logon in a secure online environment? In addition, do many financial...

Client Inquiry:What Are Our Options For Software That Tracks Employee Gifts?

We're looking for software that assists with the management and auditing of gifts that our employees receive from customers and suppliers.

For Security & Risk Professionals

Client Inquiry:What Guidance Do You Have Regarding Device Security During International Travel?

We have a requirement to support business travelers who will be in other countries for weeks. We consider some of these countries to have higher cyber risks. What guidance, if any, do you have in...

For Security & Risk Professionals

Client Inquiry:What Are Our Options For USB And CD/DVD Device Control Software?

We have a product in place to provide control of the use of CD/DVD and USB devices by approved users on approved devices. This vendor went out of business. We're looking for a product that will...

For Vendor Strategy Professionals

Client Inquiry:Sustainability Practice Networking And Conferences

What would you recommend for us regarding our sustainability practice in terms of the following: conference forums to attend, conferences and forums to sponsor and/or speak at, thought leadership...

For Security & Risk Professionals

Client Inquiry:How Should We Implement Identity Management For External Customers With A Cloud Solution?

We are currently looking at implementing identity management for our external customers with a cloud-based solution. What are the risks associated with allowing write access to our Active Directory...

For Security & Risk Professionals

Client Inquiry:What Are Some Best Practices For Using Jump Servers?

Are there certain vendors/solutions/configurations that are considered best practices for jump servers? Are organizations relying entirely on authentication and authorization controls, without having...

For Security & Risk Professionals

Client Inquiry:Can You Use Intrusion Prevention Instead Of A Web Security Gateway?

Is it possible to use an intrusion prevention system (IPS) instead of using the full capabilities of a web security gateway (WSG)? What could an IPS provide for the web traffic beyond the WSG?

For Security & Risk Professionals

Client Inquiry:How Are Hospital Networks Protecting Themselves From Third-Party Devices?

We would like to know how hospitals are protecting themselves against clinical devices infecting their networks. We have many third-party-owned or -maintained devices, such as PACS, medical devices,...

Client Inquiry:Standard PCI Report Templates

Are there any standard PCI report templates for providing information to my QSA?

For Security & Risk Professionals

Client Inquiry:What Are Best Practices For Client (Endpoint) Software Security?

We are working to refine our software procurement processes to ensure cost control, streamline conformance to enterprise architecture road map, etc. I would like some thoughts on the following: What...

For Security & Risk Professionals

Client Inquiry:What Are Current Trends In Remote Access And SSL Functionality?

We are currently exploring all remote access options, particularly SSL functionality. What kind of trends are you are seeing in these areas?

For Security & Risk Professionals

Client Inquiry:How Do We Synchronize User Credentials Between Sites?

We have three stores where we store user credentials. We're looking for a solution to synchronize them, and we want to avoid having to write our own programs to do this. Are there commercial...

For Security & Risk Professionals

Client Inquiry:Tiered User Security Access

I'm working on a proposal for an enhanced security standard for the employees who work on matters of particular sensitivity. This would be a standard that could be "turned on" or "off" depending on...

For Security & Risk Professionals

Client Inquiry:What Are PCI And Patching Best Practices?

A Payment Card Industry (PCI) certified environment requires patching within 30 days of the patch's release, but what is common practice in a PCI shop?

For Security & Risk Professionals

Client Inquiry:Definition Of Advanced Persistent Threat

How does Forrester define Advanced Persistent Threat?