SAFECOM is the original user interface to Safeguard, the native HP NonStop™ server security program. Both were developed at a time when highly trained HP NonStop technical staff managed HP NonStop security exclusively. However, today’s security requirements are not only more complex and scrutinized, but security is often managed by an information security department whose staff rarely consists of single-platform experts. Instead they are information security specialists with responsibilities across many different computer platforms.
Why Safeguard PRO?
Safeguard PRO brings together all the capabilities of the XYGATE Safeguard enhancement modules to offer you a single source for achieving your Safeguard-related security requirements. A friendly and intuitive user interface adds to the ease of use and allows the Security Administrator, whose responsibilities can span several computer platforms, to take care of the HP NonStop platform with ease.
What Do I Get with Safeguard Pro?
The XYGATE Safeguard PRO package consists of 5 integrated modules, each addressing specific Safeguard security requirements. Every aspect of Safeguard Administration, Audit, Authorization, and Authentication (including interfacing to LDAP) is enhanced and made efficient with XYGATE Safeguard PRO.
XYPRO’s Safeguard PRO is an enhanced Safeguard manage¬ment, configuration and reporting package that extends the capabilities of Safeguard with unrivaled user authentication, password quality and object security power.
How Do I Learn More about Safeguard PRO?
Click here to learn more. You can download free product information and view a product demo.
Friday, August 27, 2010
Thursday, August 12, 2010
Donkey Rodeo SIG, London.
At the start of the recent BITUG (British Isles Tandem User Group) DR SIG in London, NTI’s Dave Ross asked the attendees to think about what the letters D.R. stood for, with prizes for the most creative suggestions. More on the results of that at the end.
As you’d expect from a DR SIG, the day was focused on Disaster Recovery or Data Replication as is becoming more commonly used, because of the multi-purpose uses for modern DR set-ups. The list of attendees was a little longer than usual, which I’m thinking is down to two possible reasons. The first could be that DR is a fairly hot topic and people want to keep up to speed. The second might have been NTI’s exclusive booking of a London Eye (huge Ferris wheel on the Thames) capsule for a post SIG hurrah. Either way, it was great to see a good turn-out.
By the end of the day, it was time for the D.R. Suggestions to be aired. Around ten made the final cut with Digital Renaissance being one, Demand Ransom was possibly another, but Deny Responsibility was deemed the winner! I can’t remember if the prize was a crisp £20 note or a Tandem T-Shirt, as there were a few mini competitions during the day. Either way, everyone went home happy, especially those with extra cash/clothing and those who got an invite to the post SIG London Eye trip.
The next BITUG SIG covers Migration and Solutions, 13th October.
www.bitug.com
Dan Lewis
XYPRO, Europe
As you’d expect from a DR SIG, the day was focused on Disaster Recovery or Data Replication as is becoming more commonly used, because of the multi-purpose uses for modern DR set-ups. The list of attendees was a little longer than usual, which I’m thinking is down to two possible reasons. The first could be that DR is a fairly hot topic and people want to keep up to speed. The second might have been NTI’s exclusive booking of a London Eye (huge Ferris wheel on the Thames) capsule for a post SIG hurrah. Either way, it was great to see a good turn-out.
By the end of the day, it was time for the D.R. Suggestions to be aired. Around ten made the final cut with Digital Renaissance being one, Demand Ransom was possibly another, but Deny Responsibility was deemed the winner! I can’t remember if the prize was a crisp £20 note or a Tandem T-Shirt, as there were a few mini competitions during the day. Either way, everyone went home happy, especially those with extra cash/clothing and those who got an invite to the post SIG London Eye trip.
The next BITUG SIG covers Migration and Solutions, 13th October.
www.bitug.com
Dan Lewis
XYPRO, Europe
Friday, August 6, 2010
XYPRO TECHNOLOGY CORPORATION joins PCI Security Standards Council as newest Participating Organization
XYPRO to participate in key standards setting body protecting payment cardholder data
FOR IMMEDIATE RELEASE
Simi Valley, CA/USA, August 6, 2010 —XYPRO Technology Corporation, a leading provider of data security software and services for HP NonStop Server environments, announced today that it has joined the PCI Security Standards Council as a new participating organization. As a Participating Organization, XYPRO will work with the Council to evolve the PCI Data Security Standard (DSS) and other payment card data protection standards.
The PCI DSS, endorsed by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., requires merchants and service providers that store, process or transmit customer payment card data to adhere to information security controls and processes that ensure data integrity. More information on the council and the standard can be found at www.pcisecuritystandards.org.
As a Participating Organization, XYPRO will now have access to the latest payment card security standards from the Council, be able to provide feedback on the standards and become part of a growing community that now includes more than 500 organizations. In an era of increasingly sophisticated attacks on systems, adhering to the PCI DSS represents an entity’s best protection against data criminals. By joining as a Participating Organization, XYPRO is adding its voice to the process.”
“The PCI Security Standards Council is committed to helping everyone involved in the payment chain protect consumer payment data,” said Bob Russo, General Manager of the PCI Security Standards Council. “By participating in the standards setting process, XYPRO demonstrates they are playing an active part in this important end goal.”
“XYPRO is dedicated to helping businesses achieve unified security and compliance within their HP NonStop server environments,” said Sheila Johnson, CEO at XYPRO. “We are extremely excited to participate in the PCI Security Standards Council, as it further demonstrates our mission and commitment to closing the security gap.”
About PCI Security Standards Council
The mission of the PCI Security Standards Council is to enhance payment account security by driving education and awareness of PCI security standards. For more information, please visit www.pcisecuritystandards.org
About XYPRO
XYPRO Technology offers more than 27 years of knowledge, experience and success in providing HP NonStop information systems tools and services. Businesses that manage and transport business-critical data turn to XYPRO for a variety of solutions. XYPRO helps businesses to better manage security risks, protect assets and gain a competitive edge through compliance while improving efficiency. www.xypro.com
# # #
Media contacts
XYPRO Technology PCI Security Standards Council
Lisa Partridge Ella Nevill
805-583-2874 781-876-6248
Lisa_P@xypro.com enevill@pcisecuritystandards.org
FOR IMMEDIATE RELEASE
Simi Valley, CA/USA, August 6, 2010 —XYPRO Technology Corporation, a leading provider of data security software and services for HP NonStop Server environments, announced today that it has joined the PCI Security Standards Council as a new participating organization. As a Participating Organization, XYPRO will work with the Council to evolve the PCI Data Security Standard (DSS) and other payment card data protection standards.
The PCI DSS, endorsed by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., requires merchants and service providers that store, process or transmit customer payment card data to adhere to information security controls and processes that ensure data integrity. More information on the council and the standard can be found at www.pcisecuritystandards.org.
As a Participating Organization, XYPRO will now have access to the latest payment card security standards from the Council, be able to provide feedback on the standards and become part of a growing community that now includes more than 500 organizations. In an era of increasingly sophisticated attacks on systems, adhering to the PCI DSS represents an entity’s best protection against data criminals. By joining as a Participating Organization, XYPRO is adding its voice to the process.”
“The PCI Security Standards Council is committed to helping everyone involved in the payment chain protect consumer payment data,” said Bob Russo, General Manager of the PCI Security Standards Council. “By participating in the standards setting process, XYPRO demonstrates they are playing an active part in this important end goal.”
“XYPRO is dedicated to helping businesses achieve unified security and compliance within their HP NonStop server environments,” said Sheila Johnson, CEO at XYPRO. “We are extremely excited to participate in the PCI Security Standards Council, as it further demonstrates our mission and commitment to closing the security gap.”
About PCI Security Standards Council
The mission of the PCI Security Standards Council is to enhance payment account security by driving education and awareness of PCI security standards. For more information, please visit www.pcisecuritystandards.org
About XYPRO
XYPRO Technology offers more than 27 years of knowledge, experience and success in providing HP NonStop information systems tools and services. Businesses that manage and transport business-critical data turn to XYPRO for a variety of solutions. XYPRO helps businesses to better manage security risks, protect assets and gain a competitive edge through compliance while improving efficiency. www.xypro.com
# # #
Media contacts
XYPRO Technology PCI Security Standards Council
Lisa Partridge Ella Nevill
805-583-2874 781-876-6248
Lisa_P@xypro.com enevill@pcisecuritystandards.org
Thursday, July 29, 2010
Security Breaches: Do Companies Need to See It Get Worse Before It Gets Better?
One would think that with all of today’s security standards and compliance requirements that data leaks and security breaches would be few and far between. Of course, one would be wrong to think that. Indeed, in the healthcare sector alone the numbers are staggering. In a recent report published by Healthcare Info Security the official federal list of major healthcare information breaches dating back to last September included 119 incidents affecting almost 5 million Americans. About 20 incidents were added to the list in the last 30 days.
The total of those affected by major breaches grew by approximately 1.5 million in the past month, primarily as a result of two large cases.
In one case, South Shore Hospital in South Weymouth, Mass. reported that unencrypted backup computer files containing personal, health and financial information on about 800,000 people may have been lost by a company that a Massachusetts Hospital hired to destroy the files. On the breach list, the business partner involved is identified as Iron Mountain Data Products Inc.
In the other case, WellPoint Inc., which owns Blue Cross and Blue Shield plans in 14 states, announced in late June that it was notifying 470,000 people who applied for individual health insurance coverage that their information may have been breached on a website.
Don’t Make the List
Organizations that suffer from security breaches can’t hide and pretend it didn’t happen. Under the Health Information Technology for Economic and Clinical Health Act's breach notification rule, which went into effect last September, breaches affecting more than 500 individuals must be reported to the Department of Health and Human Services' Office for Civil Rights and the news media as well as the individuals affected within 60 days. It’s definitely a list you don’t want to be on.
Get Informed & Get Secure with XYPRO
For more than 25 years, XYPRO has been helping businesses, including healthcare organizations secure their mission-critical systems and information. We help ensure that our customers never make lists like the ones mentioned above. You can learn more about how we do it from our webinar archive at www.xypro.com/webinars.
The total of those affected by major breaches grew by approximately 1.5 million in the past month, primarily as a result of two large cases.
In one case, South Shore Hospital in South Weymouth, Mass. reported that unencrypted backup computer files containing personal, health and financial information on about 800,000 people may have been lost by a company that a Massachusetts Hospital hired to destroy the files. On the breach list, the business partner involved is identified as Iron Mountain Data Products Inc.
In the other case, WellPoint Inc., which owns Blue Cross and Blue Shield plans in 14 states, announced in late June that it was notifying 470,000 people who applied for individual health insurance coverage that their information may have been breached on a website.
Don’t Make the List
Organizations that suffer from security breaches can’t hide and pretend it didn’t happen. Under the Health Information Technology for Economic and Clinical Health Act's breach notification rule, which went into effect last September, breaches affecting more than 500 individuals must be reported to the Department of Health and Human Services' Office for Civil Rights and the news media as well as the individuals affected within 60 days. It’s definitely a list you don’t want to be on.
Get Informed & Get Secure with XYPRO
For more than 25 years, XYPRO has been helping businesses, including healthcare organizations secure their mission-critical systems and information. We help ensure that our customers never make lists like the ones mentioned above. You can learn more about how we do it from our webinar archive at www.xypro.com/webinars.
Thursday, July 15, 2010
The Secret to Fitness...
I may have found the key to improving my overall health, when recently I had the good fortune of teaching a one-week XYGATE class for one of XYPRO's customers in Porto Alegri, which is the capital of Rio Grande do Sul and is Brazil's southernmost state. Porto Alegri is a pretty city, with tree-lined streets and colorful sunsets over Lake Guaíba.
The company, along with a number of other international high-tech businesses, including HP, leases buildings on the campus of the Pontifical Catholic University of Rio Grande do Sul (PUCRS). The companies agree to accept students for internships and on-the-job training. The companies pay rent, which supplements the university's income. In addition, all of the extra people on campus makes having a big variety of restaurants and other businesses, including a fairly large mall on campus, feasible. This is such a wonderful idea—I’m surprised more universities aren't doing it.
This was my first experience teaching where more than half of the students were watching via video conference from multiple time zones. However, the Brazilian folks were experts on setting everything up, and the class came off without any problems.
I also had my first taste of the yerba mate tea and saw how it is brewed. Perhaps that is the secret to their fitness! Some studies have shown that this tea has anti-obesity, cholesterol lowering and antioxidant properties. All I know is the vast majority of citizens appeared extremely fit regardless of age or gender. Well, I'll let you know how it goes in a few months...
Terri Hill
XYGATE Security Specialist
The company, along with a number of other international high-tech businesses, including HP, leases buildings on the campus of the Pontifical Catholic University of Rio Grande do Sul (PUCRS). The companies agree to accept students for internships and on-the-job training. The companies pay rent, which supplements the university's income. In addition, all of the extra people on campus makes having a big variety of restaurants and other businesses, including a fairly large mall on campus, feasible. This is such a wonderful idea—I’m surprised more universities aren't doing it.
This was my first experience teaching where more than half of the students were watching via video conference from multiple time zones. However, the Brazilian folks were experts on setting everything up, and the class came off without any problems.
I also had my first taste of the yerba mate tea and saw how it is brewed. Perhaps that is the secret to their fitness! Some studies have shown that this tea has anti-obesity, cholesterol lowering and antioxidant properties. All I know is the vast majority of citizens appeared extremely fit regardless of age or gender. Well, I'll let you know how it goes in a few months...
Terri Hill
XYGATE Security Specialist
Friday, July 9, 2010
XYGATE is Profiled in the Roadmap to the Megaplex
High-profile guide by Standish Group highlights XYGATE’s sophisticated security features
(July 8, 2010) Simi Valley, CA – XYPRO Technology Corporation, a leading provider of security software and services for HP NonStop™ Server environments, today announced that it has been included in the Standish Group’s Roadmap to the Megaplex. The guide offers timely information to help organizations maximize their current investment in HP NonStop server applications. The Roadmap to the Megaplex also offers return on investment scenarios and provides compelling reasons to modernize the NonStop applications and environment.
XYPRO’s security and access control suite, XYGATE, is highlighted in the Roadmap’s Security Modernization section. XYGATE is a comprehensive security, compliance, auditing and FIPS 140-2 validated encryption software solution for HP NonStop environments. Security modernization is the process of changing the traditional security and protection systems from passive to proactive. Government and industry regulations mandate much of this change. The Standish Group reports that 69 percent of organizations have an active and concentrated effort to meet regulatory compliance. Investment in security is minimal when compared to the financial penalties levied for non-compliance or the monetary impact of a breach.
The Roadmap to the Megaplex highlights XYGATE’s ability to greatly enhance an organization’s security environment and enable protection of their intellectual property and confidential information. “The security process is challenging and ever-evolving as organizations strive to protect our personal data, their corporate assets and meet regulatory compliance,” said Sheila Johnson, XYPRO CEO. “One way to make the process simpler is to deploy a centralized security management system with highly sophisticated security capabilities but that is straightforward to use, such as XYGATE.”
XYGATE’s implementation is simple and requires little training for the experienced NonStop security administrator. XYGATE’s intuitive wizards are designed to help security administrators set up rules and roles quickly. The XYGATE suite has been efficiently designed to meet organizations’ goals to protect data and improve productivity while achieving granular security, audit and compliance mandates.
“The Roadmap to the Megaplex is a critical document for organizations seeking to maximize their investments in NonStop applications,” said Lisa Partridge, XYPRO Vice President. “We are thrilled that XYGATE’s rich security, audit and compliance features have been profiled as an avenue for organizations to enhance and protect their HP NonStop server environment.”
About XYPRO
XYPRO Technology offers more than 27 years of knowledge, experience and success in providing HP NonStop information systems tools and services. Businesses that manage and transport business-critical data turn to XYPRO for a variety of solutions. XYPRO helps businesses to better manage security risks, protect assets and gain a competitive edge through improved efficiency. www.xypro.com
About the Standish Group
The Standish Group is based in Boston, Massachusetts and is the Information Technology leader in project and value performance. We are a group of highly dedicated professionals with years of practical experience in assessing risk, cost, return and value for Information Technology (IT) Investments.
www.standishgroup.com
(July 8, 2010) Simi Valley, CA – XYPRO Technology Corporation, a leading provider of security software and services for HP NonStop™ Server environments, today announced that it has been included in the Standish Group’s Roadmap to the Megaplex. The guide offers timely information to help organizations maximize their current investment in HP NonStop server applications. The Roadmap to the Megaplex also offers return on investment scenarios and provides compelling reasons to modernize the NonStop applications and environment.
XYPRO’s security and access control suite, XYGATE, is highlighted in the Roadmap’s Security Modernization section. XYGATE is a comprehensive security, compliance, auditing and FIPS 140-2 validated encryption software solution for HP NonStop environments. Security modernization is the process of changing the traditional security and protection systems from passive to proactive. Government and industry regulations mandate much of this change. The Standish Group reports that 69 percent of organizations have an active and concentrated effort to meet regulatory compliance. Investment in security is minimal when compared to the financial penalties levied for non-compliance or the monetary impact of a breach.
The Roadmap to the Megaplex highlights XYGATE’s ability to greatly enhance an organization’s security environment and enable protection of their intellectual property and confidential information. “The security process is challenging and ever-evolving as organizations strive to protect our personal data, their corporate assets and meet regulatory compliance,” said Sheila Johnson, XYPRO CEO. “One way to make the process simpler is to deploy a centralized security management system with highly sophisticated security capabilities but that is straightforward to use, such as XYGATE.”
XYGATE’s implementation is simple and requires little training for the experienced NonStop security administrator. XYGATE’s intuitive wizards are designed to help security administrators set up rules and roles quickly. The XYGATE suite has been efficiently designed to meet organizations’ goals to protect data and improve productivity while achieving granular security, audit and compliance mandates.
“The Roadmap to the Megaplex is a critical document for organizations seeking to maximize their investments in NonStop applications,” said Lisa Partridge, XYPRO Vice President. “We are thrilled that XYGATE’s rich security, audit and compliance features have been profiled as an avenue for organizations to enhance and protect their HP NonStop server environment.”
About XYPRO
XYPRO Technology offers more than 27 years of knowledge, experience and success in providing HP NonStop information systems tools and services. Businesses that manage and transport business-critical data turn to XYPRO for a variety of solutions. XYPRO helps businesses to better manage security risks, protect assets and gain a competitive edge through improved efficiency. www.xypro.com
About the Standish Group
The Standish Group is based in Boston, Massachusetts and is the Information Technology leader in project and value performance. We are a group of highly dedicated professionals with years of practical experience in assessing risk, cost, return and value for Information Technology (IT) Investments.
www.standishgroup.com
Tuesday, June 22, 2010
Viking Longtrip
Three days at the end of May saw Sean Bicknell and I head to the ninth annual VNUG (Viking NonStop User Group) conference held this year at Gällöfsta Manor, about half an hour north of Stockholm.
Day one was either an education day, or a golf tournament. I was looking forward to a round of golf, but striking British Airways cabin staff had other ideas. Our rescheduled flight meant I’ll have to wait until next year to play my first golf in Sweden. At least with an extra year to practice I’ll increase my chances of not coming last!
The real business began on the morning of day two. Around 10 vendors set up their booths and a range of HP updates, vendor pitches and user presentations kicked off at 9.30am. Our presentation was originally scheduled to be the final one of the event on day three, but a last-minute cancellation by one of the speakers meant we were moved to the afternoon of day two – no complaints there.
For XYPRO’s 20 minute slot we took a look at a few of the PCI-DSS requirements which can’t be met on a NonStop with native software. This scenario applies to far more requirements than we had time to cover, but it was more than enough time to take a high-level look at three of the key PCI-DSS related tools we have to offer.
The first was XUA (XYGATE User Authentication) which provides logon controls via IP address, thus ticking the PDC-DSS 1.3.2 box: Limit inbound Internet traffic to IP addresses within the DMZ. XUA also provides far more functionality with the likes of LDAP-integrated Single Sign On, granular log-on control, time-related log-on restriction, full audit and more – not only providing extra uses, but also covering other PCI-DSS requirements including (but not limited to) 7.2, 8.1 and 8.5.13.
Following the theme of using one XYGATE solution to crack several different PCI-DSS nuts, were XSW (XYGATE Security Compliance Wizard) which is by far the best file-integrity/change-detection tool on the market and XMA (XYGATE Merged Audit) which chiefly consolidates and exports NonStop audit data and provides real-time alerts. XSW and XMA apply to a long list of PCI requirements, so if you’re just starting a PCI project, be sure to take a look sooner rather than later.
PCI-DSS is a fairly hot topic in Europe right now and Sean and I thought his presentation was well received at the time. Those thoughts were backed up a few days after the event, when the delegate feedback forms were returned, showing the XYPRO presentation to have scored the highest of the event – no mean feat when HP’s Mittal Parekh is in town – the man is so passionate he could talk about a paint drying process and I’d still be riveted!
It’s a VNUG tradition to have some sort of group activity on the evening of day two. This year’s was kept under secret until they’d got everyone herded into a large empty conference room: line dancing! I won’t deny that my heart sank when they first announced it, but I don’t mind admitting it was actually great fun – never thought I’d find myself saying that! I’ll also admit that it’s far more difficult than it looks!
The event drew to a close at around 3.30pm on day three, giving us time to reflect on a well attended and very friendly VNUG event. Our thanks to Tommy and the rest of the VNUG board for putting on another great conference. With 2011 being the tenth anniversary, they’ve promised us an even more memorable event next year – we’re looking forward to it already.
www.vnug.biz
http://blog.xypro.com/
Dan Lewis
XYPRO European Marketing Manager
Register today for the Global HP NonStop Symposium & Expo, 26-29th September - www.NonStopSymposium.com
Day one was either an education day, or a golf tournament. I was looking forward to a round of golf, but striking British Airways cabin staff had other ideas. Our rescheduled flight meant I’ll have to wait until next year to play my first golf in Sweden. At least with an extra year to practice I’ll increase my chances of not coming last!
The real business began on the morning of day two. Around 10 vendors set up their booths and a range of HP updates, vendor pitches and user presentations kicked off at 9.30am. Our presentation was originally scheduled to be the final one of the event on day three, but a last-minute cancellation by one of the speakers meant we were moved to the afternoon of day two – no complaints there.
For XYPRO’s 20 minute slot we took a look at a few of the PCI-DSS requirements which can’t be met on a NonStop with native software. This scenario applies to far more requirements than we had time to cover, but it was more than enough time to take a high-level look at three of the key PCI-DSS related tools we have to offer.
The first was XUA (XYGATE User Authentication) which provides logon controls via IP address, thus ticking the PDC-DSS 1.3.2 box: Limit inbound Internet traffic to IP addresses within the DMZ. XUA also provides far more functionality with the likes of LDAP-integrated Single Sign On, granular log-on control, time-related log-on restriction, full audit and more – not only providing extra uses, but also covering other PCI-DSS requirements including (but not limited to) 7.2, 8.1 and 8.5.13.
Following the theme of using one XYGATE solution to crack several different PCI-DSS nuts, were XSW (XYGATE Security Compliance Wizard) which is by far the best file-integrity/change-detection tool on the market and XMA (XYGATE Merged Audit) which chiefly consolidates and exports NonStop audit data and provides real-time alerts. XSW and XMA apply to a long list of PCI requirements, so if you’re just starting a PCI project, be sure to take a look sooner rather than later.
PCI-DSS is a fairly hot topic in Europe right now and Sean and I thought his presentation was well received at the time. Those thoughts were backed up a few days after the event, when the delegate feedback forms were returned, showing the XYPRO presentation to have scored the highest of the event – no mean feat when HP’s Mittal Parekh is in town – the man is so passionate he could talk about a paint drying process and I’d still be riveted!
It’s a VNUG tradition to have some sort of group activity on the evening of day two. This year’s was kept under secret until they’d got everyone herded into a large empty conference room: line dancing! I won’t deny that my heart sank when they first announced it, but I don’t mind admitting it was actually great fun – never thought I’d find myself saying that! I’ll also admit that it’s far more difficult than it looks!
The event drew to a close at around 3.30pm on day three, giving us time to reflect on a well attended and very friendly VNUG event. Our thanks to Tommy and the rest of the VNUG board for putting on another great conference. With 2011 being the tenth anniversary, they’ve promised us an even more memorable event next year – we’re looking forward to it already.
www.vnug.biz
http://blog.xypro.com/
Dan Lewis
XYPRO European Marketing Manager
Register today for the Global HP NonStop Symposium & Expo, 26-29th September - www.NonStopSymposium.com
Subscribe to:
Comments (Atom)
Posts
