CA on Security Management

What Part of DLP Should I Implement First?

David Miller — Mon, 29 Jun 2009 16:18:00 GMT

Data Loss Prevention (DLP) solutions secure a company’s sensitive data and critical digital assets on endpoints (desktops and laptops), the network, message servers, and even stored data. Comprehensive DLP solutions create a dilemma for organizations: what aspect of data loss do they address first? This query may seem commonplace. But because DLP identifies and controls highly...

Verified Identity Pass Goes Kaput - Where is the Data Now?

Merritt Maxim — Wed, 24 Jun 2009 16:15:00 GMT

On Monday, Verified Identity Pass announced that it will cease operation of its Clear program at 18 airports throughout the U.S. To the estimated 250,000 frequent fliers who had signed up for Clear Pass program and shelled out $200 annually for the privilege, this news was sudden and unexpected. The Clear program was one of three registered traveler programs that enabled...

Security Management in a Hybrid Application Deployment World

Matthew Gardiner — Tue, 23 Jun 2009 19:20:00 GMT

A recent Wall Street Journal article discussed the challenges and opportunities around the emerging business model of software vendors offering both "online applications" (SaaS) in addition to the traditional mode of providing software as on-premise applications. I am not going to wade into the merits of one approach of the other here, other than to say that some applications are...

Why CA Supports the Kantara Initiative

Matthew Gardiner — Wed, 17 Jun 2009 20:53:00 GMT

Over the past year or so, I have been CA's representative involved in the structuring and birth of the Kantara Initiative. Now that the Kantara Initative is officially launched, I thought it made sense to blog about why CA believes the creation of the Kantara Initiative is so important. In no particular order, here are my thoughts on "why Kantara." The challenges...

A Look Back at CA Expo France

Matthew Gardiner — Mon, 15 Jun 2009 17:47:00 GMT

I recently got back from a week in Paris. I know what you are thinking, "poor Matthew, having to spend a Spring week in Paris away from his family." For those who know me, you know that I lived in France previously and am pretty hooked on the country, thus the week wasn't exactly a hardship. But, I was actually there to work, with the week built around CA Expo France...

Emerging US Cybersecurity Legislation Worth Tracking

Merritt Maxim — Thu, 11 Jun 2009 20:56:00 GMT

Given that my CA colleague Tim Brown testified yesterday before the House Committee on Science and Technology on cybersecurity R&D, the US government and security are fresh on my mind. On May 29, 2009, President Obama gave a speech on his administration's intention to address cybersecurity (full text available here), including his intention to appoint a new cybersecurity coordinator...

On Cyber Security R&D, Education and the Proposed Czar

Tim Brown — Wed, 10 Jun 2009 18:45:00 GMT

Earlier today I had the opportunity to testify in Congress at a hearing on cyber security R&D. I appreciate that opportunity and am proud to have represented the views of CA, the Business Software Alliance (BSA) and industry in general in discussing cyber security research, development and education. You can read the testimony, but I thought I'd discuss here a few key...

Equifax as a Federated Identity Provider for Hire

Matthew Gardiner — Wed, 20 May 2009 16:43:00 GMT

You can think of the Internet identity problem from two perspectives, not only do you have to log-in to too many sites to conduct your daily Web activities, but on the flip-side, too many sites are put in the conflicting position of having to both verify your identity (before issuing you a credential) as well as to authenticate your credential every time you return. How and why is each and...

Facebook Federates – An Important Step for Consumer Federation

Matthew Gardiner — Tue, 19 May 2009 19:45:00 GMT

Yesterday Facebook developers posted a blog about Facebook's support for OpenID as a relying party http://developers.facebook.com/news.php?tab=blog. This is a great example of a consumer oriented use of identity federation and another sign that the concept of sharing of a user identity between separate domains is alive and well. However given the collision of consumer IT and...

The First Law of Data Loss Prevention?

Merritt Maxim — Fri, 15 May 2009 16:38:00 GMT

The leading headlines in this week's London newspapers have been about many UK politicians (including government ministers and Members of Parliament) charging taxpayers for a wide range of questionable work-related expenses (such as cleaning a moat). The growing scandal has caused the suspension of an ex-government minister as well as numerous politicians agreeing to pay back certain...

Privacy vs. Safety: Which is First Priority?

Merritt Maxim — Thu, 14 May 2009 15:44:00 GMT

Readers of this blog will note that I tend to find inspiration for blog topics in current events. Today is no different. While no one likes reading about accidents or near misses with commercial aircraft, I still feel impelled to pay attention the crash-related news. This week the NTSB has been holding hearings on the February 12, 2009, crash of Colgan Air Flight 3407 near Buffalo,...

Five Things that Stuck Out to Me at the European Identity Conference 2009

Matthew Gardiner — Tue, 12 May 2009 16:19:00 GMT

As promised in my last blog entry, here are my top 5 observations from last week's European Identity Conference 2009, put on by the Germany analyst firm Kuppinger Cole. The conference Web site is here - http://www.id-conf.com/eic2009 where you can find conference podcasts, Twitter postings and more. Lots of talk about Information Cards & User-Centric identity - Anyone who...

Five Things that Stuck Out to Me at RSA Conference 2009

Matthew Gardiner — Wed, 29 Apr 2009 15:17:00 GMT

I am just back from the RSA Conference in San Francisco. Here are 5 of the happenings that seemed most significant to me: Oracle purchases Sun -When I walked into the Moscone Center early Monday I was greeted with the news of Oracle's purchase of Sun Microsystems. Not that Sun's availability for corporate marriage was in doubt, but who would have guessed Oracle? I...

CA Security Management: Comprehensive and Integrated to Enable Lean IT

Merritt Maxim — Mon, 27 Apr 2009 03:39:00 GMT

Today, we are very pleased to introduce another guest blogger to the CA Security Management blog, Mr. Dave Hansen. Dave Hansen is Corporate Senior Vice President and General Manager of CA's Security Business Unit and just returned from the RSA Conference in San Francisco where he delivered a keynote on the transformation of identity management. Dave's post is listed...

Federal Government Cybersecurity Prominent at RSA 2009

Merritt Maxim — Thu, 23 Apr 2009 16:14:00 GMT

Today's posting is from CA colleague and guest blogger Phil Kenney from the CA Federal Team Melissa Hathaway's Keynote session yesterday at the RSA Conference www.rsaconference.com started off with a Mission Impossible based voice from above, asking her to consider an extremely important yet tremendously difficult task, ensuring the security of...