For Security & Risk Professionals

Market Overview: Network Access Control (NAC)

Evolving NAC Market Focuses On Features That Provide Operational Efficiency

by Usman Sindhu, November 3, 2009

Network access control (NAC) is high on the security professionals' wish list, but few are able to justify the business case for it. Complex deployments, too many architectural options, and a quickly changing vendor landscape have pushed most NAC deployments . . .

For Security & Risk Professionals

PCI X-Ray: File Integrity Monitoring

by John Kindervag, October 26, 2009

To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI X-Ray series to provide actionable information to help Forrester . . .

For Infrastructure & Operations Professionals

Twenty Mobile Device Management Best Practices

How To Improve Mobile Support For Your Anytime, Anywhere Workers

by Benjamin Gray, October 21, 2009

As workers become increasingly distributed and mobile, work will no longer be confined to always-connected devices. And as firms onboard this younger and more tech-savvy generation of employees (Millennials), who have loftier mobility expectations of . . .

For Security & Risk Professionals

Fear Of A Hyperjacked Planet

Hypervisor Security Flaws Get Press, But Operational Risks Matter More

by Andrew Jaquith, October 16, 2009

Asked to do more with less, CIOs are using virtualization to pack more services into fewer physical boxes, reduce energy consumption, and provide greater flexibility. But security and risk professionals worry that in the headlong rush to embrace virtualization, . . .

For Application Development & Program Management Professionals

Your Enterprise Database Security Strategy 2010

Stronger Measures Have Become Essential To Defend Against Growing Attacks

by Noel Yuhanna, September 28, 2009

With increasingly sophisticated attacks and rising internal data theft, database security merits a stronger focus that goes beyond traditional authentication, authorization, and access control (AAA). A single intrusion that compromises private data such . . .

For Security & Risk Professionals

Active Directory Q&A: Demand Rises

Directory Consolidation Saves On Administrative Costs, Eases Provisioning

by Andras Cser, August 11, 2009

For the past 10 years, Active Directory (AD) has remained the backbone of identity infrastructures. Organizations continue to struggle with consolidating AD domains across the enterprise and centralizing ownership for them. Business partners' information . . .

For Infrastructure & Operations Professionals

IT Compliance: From Painful To Pleasant

by Khalid Kark, July 31, 2009

With increasing workforce mobility and the extension of the business supply chain globally, organizations are struggling to keep up with increasing corporate and regulatory compliance requirements. Regulations such as the Health Insurance Portability . . .

For Security & Risk Professionals

Market Overview: Firewall Auditing Tools

by John Kindervag, July 30, 2009

In the battle to protect your organization's information and assets, firewalls are the first line of defense for preventing attacks against the network. And for the most part, they've succeeded at keeping the enemy at bay — that is, when the firewall . . .

For Infrastructure & Operations Professionals

Market Overview: Client Management Suites

Evolving Computing Market Shifts Focus To Security And Virtualization

by Natalie Lambert, July 29, 2009

Desktop operations managers are watching their computing environment change. There are now more types of devices and more varieties of operating systems entering the enterprise than ever before. This is leading to an architectural shift, one that moves . . .

For CIOs

Distributed Enterprise 2.0

CIOs In Consumer-Facing, Distributed Firms Can Capitalize On Cloud Computing

by George Lawrie, July 23, 2009

In a desperate effort to maintain the connection with fickle consumers, line-of-business executives and their allies in IT are conspiring to lower the IT drawbridge in order to deliver personalized customer experiences wherever and whenever consumers . . .

For Security & Risk Professionals

Best Practices: Implementing Strong Authentication In Your Enterprise

Kill Two Birds With One Token

by Bill Nagel, July 23, 2009

The adoption of strong multifactor authentication (MFA) is on the rise. It's often the first port of call on the journey to a fuller identity and access management implementation; MFA directly addresses the password problem, which is a well-known and . . .

For Security & Risk Professionals

Case Study: For Avaya, Customers Are Not A Token Consideration

A Plug-And-Go Smart Token Combines With PKI For Security And Auditability

by Bill Nagel, July 23, 2009

Rick Robinson at Avaya had a vision for a multifunctional second-factor authentication credential that would satisfy customer compliance requirements without significant adverse effects on his engineering and technical support staff. By testing how well . . .

For Security & Risk Professionals

TechRadar™ For Security & Risk Professionals: Network Threat Mitigation, Q3 2009

by John Kindervag, July 22, 2009

The news is filled with reports of networks attacks and stolen data. Consumers routinely undergo the stress of fraudulent charges or compromised credit cards. Terms such as "botnet" have become part of our vocabulary. As a result, security and risk professionals . . .

For Security & Risk Professionals

PCI X-Ray: Network Segmentation

by John Kindervag, July 17, 2009

To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI X-Ray series to provide actionable information to help Forrester . . .

For Infrastructure & Operations Professionals

Case Study: Aspirus Lowers IT Costs By Consolidating Client Security And Management

Single-Sourcing Client Security And Management Eases Desktop Management

by Natalie Lambert, July 16, 2009

Companies are constantly challenged by the ever-increasing number of tools needed to ensure the security of their PCs. Aspirus, a Wisconsin-based healthcare provider, found that too many best-of-breed tools were being used to secure and manage its PC . . .

For Enterprise Architecture Professionals

EA: Incorporate Enterprise Role Management Into Your Architecture Strategy

by Henry Peyret, July 15, 2009

Adoption of enterprise role management tools is increasing dramatically as a result of compliance and cost pressures. Enterprise role management tools simplify the provisioning and deprovisioning of employee and contractor access to resources, enabling . . .

For Vendor Strategy Professionals

Consumers Turn To Freeware As Their Security Worries Deepen

Consumers Are Getting More Security-Savvy, More Concerned, And Less Trusting

by Jonathan Penn, July 6, 2009

To understand the state of consumers' attitudes and behavior with regard to online security and privacy and how it is changing, Forrester recently surveyed more than 4,600 online adults in North America. We found that consumers' worries about malware, . . .

For Infrastructure & Operations Professionals

Identifying Components Of The Network Skills Gap

Identify Roles And Skills That Are Significantly Important For Successful Network Management

by Chris Silva, Usman Sindhu, June 12, 2009

Organizations are upgrading their infrastructure with technologies that improve network efficiency, performance, security, and management. As a result, IT ops pros' roles must also evolve in network, system, service, and operation management skills. These . . .

For Security & Risk Professionals

Market Overview: Security Information Management (SIM)

PCI Gives The SIM Market Its Second Wind, But The Field Will Thin Out In The Years Ahead

by John Kindervag, Andrew Jaquith, April 30, 2009

The security information management (SIM) market has undergone a dramatic transformation in the past five years. After growing to a respectable size in a short period in the early 2000s, the SIM market stagnated until the Payment Card Industry Data Security . . .

For Infrastructure & Operations Professionals

The Forrester Wave™: Mobile Device Management Solutions, Q2 2009

Sybase And RIM Lead, With Motorola, Good, And Microsoft Not Far Behind

by Benjamin Gray, April 27, 2009

In Forrester's 92-criteria evaluation of mobile device management vendors, we found that Research In Motion (RIM) and Sybase lead the pack with their superior mobile device configuration, management, and security capabilities and strongest market presence. . . .

For Vendor Strategy Professionals

Market Overview: IT Security In 2009

by Jonathan Penn, April 22, 2009

The big news for the IT security market in 2009 is that it will fare relatively well. Cost and justification pressures are exerting themselves, but through increasing business-level visibility led by data-breach headlines, security spend continues to . . .

For Infrastructure & Operations Professionals

Building Your Business' Mobile Strategy  (1.5 MB PPT)

by Benjamin Gray, April 13, 2009

The time is now for IT to get smarter about managing mobility, and firms must recognize the importance of device management and security.

For Security & Risk Professionals

Building The Proactive Case For Full Disk Encryption

Case Study: A Leading Hospitality And Gambling Firm Proactively Implements Full Disk Encryption

by Natalie Lambert, April 8, 2009

In today's economy of tighter budgets and increased scrutiny over requests for investment, security professionals are struggling to make the business case for full disk encryption (FDE). Unfortunately, despite highly publicized data leaks, the business . . .

For Security & Risk Professionals

If You Don't Have IPS, You Deserve To Be Hacked

by John Kindervag, April 8, 2009

In the beginning was the alert, but the alert drove everyone crazy so the IT staff quit looking at the logs. That long-gone era represents the glory days of intrusion detection systems (IDS). Clearly, the security industry has evolved beyond the time . . .

For Infrastructure & Operations Professionals

Case Study: A Leading Hospitality And Gambling Firm Proactively Implements Full Disk Encryption

by Natalie Lambert, April 7, 2009

Full disk encryption (FDE) is necessary in today's IT organization, and security professionals know this. However, problems arise when IT tries to convey this necessity to the business. Even with highly publicized data leaks, many decision-makers still . . .