Cyber crime and physical crime from external and internal
sources is increasing everyday having potential to cause massive damage,
financially and potentially to human life. The threats range from simple thefts
to bio terror attacks and they can change every day. The problem is compounded
in enterprises where employee turnover is high and security awareness programs
are static and expensive to implement, monitor and measure. 45% of all security
breaches occur from within a company. Damage or threats to a company’s
resources from internal forces are considered to be more serious and dangerous
than those posed by external forces. In today’s business arena reports of such
attacks are growing day by day, despite astronomical investments made by
companies on security to safeguard business assets, due to lack of security
awareness amongst employees.
Solution
Security Awareness content must be dynamic. The themes should be
based on specific threats, severity of the threats, enterprise-specific
vulnerability, enterprise physical location, and enterprise business vertical.
Security awareness program must also be able to track the awareness level of
all employees and have the capability to identify, report and defend against
any known attacks on an enterprise.
|
Damage to a company's resources from internal forces continues to
rise each day.
|
FootPath launched SecureGURUTM to help enterprises
effectively communicate with enterprise security programs and reduce the
liability of the enterprise, while fully complying with laws passed by the US
Congress that will soon be required of financial services, health care, defense
and utility companies in the US. In addition to the technology to communicate,
track and prioritize security content, FootPath provides security training
content in the form of Flash presentations, screen savers, Intranet servers,
posters & flyers. FootPath’s interactive content team constantly develops
new content and provides it bundled with SecureGURUTM product.
|
SecureGURUTM helps enterprises effectively communicate enterprise
security programs
|
SecureGURUTM Enterprise Security Awareness Concept
FootPath’s Enterprise Security Group provides Security Awareness
Solutions for Enterprises, Security Audits, and Information Security
Architecture to Fortune-5000 companies with the main focus being:
Identification of the Threat - (How does one positively
identify?)
To combat a threat, employees must be trained to identify a threat. Therefore,
educating employees about all types of threats is the first and the most
crucial step an enterprise can take to combat security threats
Reporting a Threat - (Who to report?)
Your employees have identified the kind of threat! Is the threat from within
the enterprise or is it external? Do they know where and how it has to be
reported?
Defending against a Threat – (Emergency response, first-aid…)
Is your staff capable enough to handle a threat? Are your systems being
monitored by security software? Do your staffs know about the software?
|
|
Initiating a comprehensive Enterprise Security
Awareness program, proactively reduces or eliminates potential damages from an
attack.
|
SecureGURUTMSecurity Education Content
With the Government stepping up its emphasis on Information
Security and Privacy standards with recent U.S Legislation acts such as
Gramm-Leach-Bliley Act of 1999 and the Health Insurance Portability and
Accountability Act (HIPAA) of 1998, Footpath’s SecureGURUTMsolution
aims to proactively educate employees to improve enterprise threat and security
awareness with the education themes in compliance with these regulations.
FootPath Security Education themes are available on the following areas:
-
Identity Theft
-
Information Theft
-
Privacy Protection
-
Desktop Security
-
Virus & Worms Education
-
Social Attacks & Defense
-
Bio-terror Defense Education
-
Work Place Theft Prevention Education
-
PDA/Laptop Security
-
Wireless Security
-
HIPAA (scheduled 02/2003)
|
Advantages of SecureGURUTM Architecture
SecureGURUTM architecture has been designed keeping
in mind, all issues pertaining to the MIS department, network resources and
most frequently used features such as:
-
Minimal use of Internet bandwidth
to download/view the light-weight, Security Education Content .The content is
downloaded only once or whenever updated
-
Reduced or no Intranet traffic
as offline security education themes are played from each client machine
-
Lesser Connection time
as the Offline communication system (SecureGURU Screen Saver and SecureGURU
Advisor) dispenses with constant connection to the Internet
-
Least CPU utilization
enabling it to work on computers with minimal hardware resources.
-
SecureGURU Screen Savers make effective usage of
computer idle time by playing security education content thereby creating a
security aware environment
-
Scheduled delivery
of Security content through SecureGURU Live Update
-
Offline tracking with no load on network resources.
|
Tracking of Viewer ship
Track Security Education Training
SecureGURUTM Education content is both interactive and intelligent
(SecureGURUTM 3.0 and future releases). Each theme is engineered to
track and evaluate the progress of an employee’s security awareness. On having
completed viewing, the theme is automatically marked as read and the next
unread theme is brought up ready to be viewed.
Control Security Education
With server push technology (SecureGURUTM 3.0 and future releases),
SecureGURU Content Server can communicate "Urgent Threat Alerts" to all
SecureGURUTM Clients and evaluate each user as having acknowledged
or not acknowledged the alert. The client system remains locked as long as the
user has not acknowledged the alert.
|
|
With Server based push technology, top priority alerts
are communicated to all SecureGURUTM clients on the corporate LAN
|
SecureGURUTM Desktop Security and Breach Notification
One of the key issues addressed by SecureGURUTM is
Desktop Security. The SecureGURUTM Desktop Monitor automatically
monitors the locked workstation. On detection of an unauthorized
login, the SecureGURUTM Breach Notification System
automatically notifies the owner of the workstation over a pre-configured email
address or a mobile phone. SecureGURUTM Breach Notification System
can be configured to channel Breach Notification messages through the corporate
SMTP server on the company Intranet or a dedicated third-party SMTP server.
|
|
SecureGURU Breach Notification System alerts clients
of unwarranted breach attempts on workstations
|
In addition to the Breach Notification System, the Desktop
Monitor also features:
-
Capture and logging Breach information to dedicated log files
-
Automatic and configurable facility to Backup log files on the local computer
or over the Intranet
-
Automatic Event Log Backup, Clearing and Notification system
-
Automatic Live Update Scheduling
Click Here for the
brochure
To view Technical White Paper of SecureGURUTM specification in
details, click here
|