SlideShare a Scribd company logo

Security Strategies for Success

•
•
Citrix
Citrix

In this exclusive Security Leadership Series eBook, Citrix chief information security officer Stan Black and chief security strategist Kurt Roemer share best practices for leading meaningful security discussions with the board of directors; engaging end users to protect business information; and meeting security-related compliance requirements.

Technology
1 of 9
Download to read offline
Are you protecting the information that matters most? SECURITY LEADERSHIP SERIES: Security Strategies for Success
TABLE OF CONTENTS 4 SECRETS TO MEANINGFUL SECURITY DISCUSSIONS WITH THE BOARD OF DIRECTORS PAGE 4 5 BEST PRACTICES TO MAKE SECURITY EVERYONE’S BUSINESS PAGE 6 3 STRATEGIES TO MANAGE COMPLIANCE MANDATES PAGE 8
To find out more, please visit www.citrix.com/secure SECURITY HAS NEVER BEEN SO CHALLENGING. Trends such as mobility, bring-your-own device and cloud computing mean that more people are accessing sensitive business information from more places and in more ways than ever before. For IT, the challenge is to protect this information from loss, theft and increasingly sophisticated threats while addressing privacy, compliance and risk management mandates. Solid security strategies must include smart policies, rigorous enforcement and deep monitoring/reporting, as well as provide people with the level of access to business resources that they need to get their work done. Citrix, a recognized leader for its contributions to the advancement of information security, can help you take a “protect what matters” approach to security and risk management that’s right for your organization. Citrix gives business powerful ways to address key security and compliance priorities by ensuring the right level of secure access for every individual and situation. As business moves across locations, networks and devices, IT has the visibility and control it needs to protect and guard sensitive information assets without having to compromise workforce and end user mobility, freedom or productivity. Complemented by industry-leading security partners, Citrix offers secure-by-design solutions to help you protect the information that matters most to your business. In this exclusive Security Leadership Series eBook, Citrix chief information security officer Stan Black and chief security strategist Kurt Roemer share best practices for: n Leading meaningful security discussions with the board of directors n Engaging end users to protect business information n Meeting security-related compliance requirements For IT leaders, these security strategies for success are essential reading. Get started today. INTRODUCTION
SECRETS TO MEANINGFUL SECURITY DISCUSSIONS WITH THE BOARD OF DIRECTORS Security was once the exclusive province of IT departments. These days, with increasingly sophisticated threats prolif- erating across geographic boundaries, cloud computing, mobility, and everything “bring your own,” security has finally won the ultimate badge of corporate honor: a seat at the board of directors. “Security has evolved from a technical issue into a broader issue of intense business interest to corporate boards,” says Kurt Roemer, chief security strategist at Citrix. That heightened interest is hardly surprising given the seri- ousness of security-related risks, which include exposure of sensitive information, damage to your company’s repu- tation, and—most important of all—serious harm to the bottom line. For IT leaders, the upshot is more frequent boardroom discussions about the core pillars of any solid security plan: policies, enforcement mechanisms, and monitoring/reporting. To lead those meetings successfully, follow these best practices: 1. Speak the language of the boardroom Board members discuss business issues in business language rather than technical terms. Follow suit in board meetings by focusing on critical threats, the material risks they pose, the best options for mitigating them, and breach preparedness. Be concise when discussing those topics, and avoid conjecture. Board members are interested strictly in facts. Use clear, easily understood charts and diagrams as well to illustrate important issues like your company’s current security posture and future goals. “That way you can show the board exactly where you are, where you’re going, and how you’ll get there,” says Stan Black, chief information security officer at Citrix. Be prepared for plenty of questions, too. Board members will want to know how your organization stacks up against peers in your industry, for instance. Crisp, informative, and SECURITY STRATEGIES FOR SUCCESS “Security has evolved from a technical issue into a broader issue of intense business interest to corporate boards.” —KURT ROEMER CHIEF SECURITY STRATEGIST CITRIX Corporate boards are more interested in security than ever before. Here’s how to engage them in a strategic dialogue about a topic with bottom-line implications. 4
thoroughly researched answers will reassure them that your strategies are sound. 2. Explain the core elements of your risk mitigation efforts Well-designed risk mitigation strategies are also reassuring. Such strategies should take a “protect what matters” approach to safeguarding your company’s most important, vulnerable, and heavily regulated data. The board will want to know how you prioritized sensitive data, so describe the process you used. In addition, guide them through: n Your policies for handling business information, in the cloud as well as on company-owned and personally owned devices both inside and outside the office n How you enforce those policies and train employees to follow them n How you prevent the loss of essential data In particular, make certain board members understand that persons like themselves with access to an organization’s most sensitive information are high-value targets who must be especially diligent about following security policies. Be sure to update the board about any changes in your compa- ny’s governance obligations too, as well as the steps you’re taking in response. Of course, new and emerging threats pose dangers no matter how good your mitigation strategy is, so deploy secu- rity technologies in layers that account for your network and your users, as well as their apps, data, and storage. 3. Describe your breach preparedness and incident response plan Even the best security measures can fall prey to attacks, so show board members you’re ready by explaining your inci- dent response plan, including who’s on the response team, who’s authorized to mobilize it, and under what conditions. Describe your internal and external communication plan as well, and discuss your disclosure triggers for security incidents. Some disclosure thresholds are defined by law, but others rely on discretion, and board members should provide direction on how descriptive they need to be. Should a breach occur, brief the board promptly about what happened, the potential impact on your company and your customers, how long it will take you to fix the problem, and what you’re doing to prevent repeat occurrences. Provide regular updates too, and set a clear schedule for when board members can expect your next report. 4. Use meaningful security metrics to measure success Most boards wish to monitor security readiness on an ongoing basis. A security dashboard will provide them quick access to the most relevant information. “The dashboard provides context to security risks and enables the board to oversee the reduction in critical expo- sures,” Black says. Use metrics that are easy for board members to understand and relevant to their concerns, such as threats identified, time to response, end-user devices lost, and audit results. In addition, revisit your metrics periodically, adapt them to your company’s evolving threat landscape, and inform the board about any major changes to your architecture, tech- nologies, and strategy. Presenting to the board of directors may be a new experi- ence for some in IT, but it doesn’t have to be a difficult one. With the help of the guidelines above, board meetings can be an opportunity to engage your company’s most senior leaders in a strategic dialogue not only about security, but about mobility, cloud computing, and the evolution of the workplace. n To find out more, please visit www.citrix.com/secure SECURITY STRATEGIES FOR SUCCESS Security is of greater interest to corporate boards than ever before, and technology plays a central part in any effective security strategy. Citrix ensures security and compliance for critical business information while empowering your workforce to work anywhere, anytime, on any device. Citrix XenDesktop allows companies to publish Windows apps and desktops in the data center, where IT can maintain central- ized data protection, compliance, access control, and user administration. Citrix XenMobile provides rich enterprise mobility management capabilities, including identity-based provisioning and control of apps, data, and devices. Citrix ShareFile enables employees to share data securely with anyone and sync data across all of their devices. Citrix NetScaler adds a unified manage- ment framework that lets IT secure, control, and optimize access to apps, desktops, and services on any device. Citrix solutions are “secure by design” systems carefully architected to minimize vulnerabilities and are complemented by state-of-the-art offerings from industry-leading security partners. The end result is a comprehensive platform for protecting information that gives security-conscious board members lasting peace of mind. HOW CITRIX CAN HELP
BEST PRACTICES TO MAKE SECURITY EVERYONE’S BUSINESS Menaced by an ever-expanding array of increasingly potent threats, today’s highly mobile employees are front- line participants in the struggle to secure the enterprise. So while solid security strategies must include smart policies, rigorous enforcement, and deep monitoring/ reporting, they must also reflect the needs and habits of the company’s users. “End users are ultimately where security succeeds or fails,” says Kurt Roemer, chief security strategist at Citrix. Unfortunately, keeping employees both safe and satisfied isn’t easy. Employees want anywhere, anytime access to information from any device without cumbersome secu- rity protections slowing them down. Business managers want to safeguard important information without inhibiting growth, innovation, and competitiveness. IT departments want to keep everyone productive while recognizing that employees and their devices are often the weak links in the security chain. To balance those competing interests, security leaders should follow these best practices: 1. Educate users An informed, security-conscious workforce is every compa- ny’s first line of defense against security threats, so teaching people how to work safely from any location on any device must be a top priority. Simply preaching best practices is a recipe for failure. Take the time to understand who your users are, what they do, and what they need. Then explain your company’s security policies to them in terms that are easily understood and relevant to their role. “Relevance is key,” Roemer says. “Everything you present should be specific to a person’s function rather than one- size-fits-all.” It should also be personal, Stan Black, chief information security officer at Citrix adds. For example, in addition to work-related security training, Citrix gives its employees advice on topics like securing a home wireless network and helping their kids use the Internet safely. “We try to tie all our education efforts to the full lifecycle of SECURITY STRATEGIES FOR SUCCESS “When policies are developed collaboratively across the company, and security awareness is woven into the culture, violations are infrequent.” — STAN BLACK CHIEF INFORMATION SECURITY OFFICER CITRIX Employees are one of your greatest risks to information security. Use these five proven techniques to strengthen your security strategy and protect your business. 5
security, not just what people do at the office,” Black says. That makes security training more valuable for employees while also protecting sensitive data from poorly secured personal hardware. 2. Engage with line-of-business organizations Close working relationships between IT executives and line-of-business managers are an essential ingredient for effective security. Meeting regularly with business deci- sion makers empowers security leaders to build appro- priate safeguards into new business initiatives right from the beginning. It also gives them an indispensable, up-close perspective on a business group’s unique risks and requirements. “You’ll learn more about operational processes and poten- tial dangers that you’d never know about otherwise,” Black says. “You can then incorporate those insights into your security plans and make them even richer.” 3. Take a modern and mobile look at security policies As critical as it is, training alone doesn’t ensure strong security. Many of the devices, networks, and storage systems employees rely on these days are outside of IT control. “IT needs to update traditional security policies for the new mobile and cloud services reality,” Roemer observes. Start by thinking through how strictly you want to limit access to your company’s data based on where an employee is located and what kind of device they’re using. Most companies adopt graduated policies that protect sensitive information more carefully than public informa- tion and provide less access from consumer-grade and “bring your own devices” (BYOD) than from more thor- oughly “locked down” enterprise-grade devices. Then revise your security policies to reflect risks like storing business data on personally owned devices, posting pass- words on a computer monitor, or using a USB storage device you found on the floor. 4. Enforce policies fairly and consistently Security policies can lose value over time if users don’t believe violating them has consequences—or worse yet, if they believe bypassing them improves productivity. Poli- cies must be maintained and kept current with the busi- ness. Security leaders must therefore enforce policies fairly and consistently. “When policies are developed collaboratively across the company, and security awareness is woven into the culture, violations are infrequent,” Black says. 5. Automate security seamlessly To further reduce policy violations, use security software to automate policy enforcement. For example, many security solutions can implement desired behaviors—like encrypting business data on mobile devices—by default. They can also build tighter security into core elements of the user experi- ence by automatically preventing employees from running unauthorized apps over the company network or limiting which apps people can open email attachments with, for example. Other solutions provide logging and reporting functionality that can help you prove to auditors that you’ve applied appropriate policies scrupulously. Even so, software is ultimately just one piece of the security puzzle. “To really protect the company you have to get to know your line-of-business groups and your end users,” Roemer says. Ultimately, the best security strategies are as much about people as technology. n SECURITY STRATEGIES FOR SUCCESS Freedom of choice will rapidly drive bring-your-own device (BYOD) to become mainstream in most organizations. This is transforming both the way people work — bringing productivity, collaboration and mobility to everything they do — and how IT delivers business apps and data to them. The best BYOD approach combines a well-defined and enforceable policy with a secure technology foundation. A formal policy should address who is eligible, which devices are allowed and what services will be available. It should also address who is financially responsible for what and how acceptable use policy applies. With Citrix, IT can simplify management and reduce costs while empowering people to work easily, securely and seamlessly across any type of device, regardless of ownership. By leveraging the ability to granularly manage data and applications, sensitive business information can be securely accessed on personally-owned devices. IT gains identity-based provisioning and control of data, apps and devices to protect information from loss and theft while addressing privacy, compliance and risk management mandates. MAKE BYOD SIMPLE AND SECURE WITH CITRIX To find out more, please visit www.citrix.com/secure
STRATEGIES TO MANAGE COMPLIANCE MANDATES Here’s good news for security leaders: If you’ve established sound policies, enforce them rigorously, and thoroughly monitor and report security effectiveness, you’re well on your way to protecting your company from today’s growing swarm of increasingly potent threats. Now here’s the bad news: More and more auditors, regulators, partners, and customers are demanding defensible proof of that fact. “Globally, there are over 300 security and privacy-related standards, regulations, and laws with over 3,500 specific controls, with more coming all the time,” says Stan Black, chief information security officer at Citrix. “The people responsible for those rules want evidence that you’re in compliance.” The consequences for disappointing auditors and regulators can be severe. Failure to comply with today’s ever-expanding thicket of security-related compliance requirements can result in fines and penalties, outraged customers, loss of sensitive data, increased scrutiny from regulators, and costly damage to your organization’s brand and reputation. Not surprisingly, then, compliance has become a topic of intense interest to senior executives and board members. To bolster their confidence that your company meets all of its requirements—and can defensively prove it—follow these best practices: 1. Enable access while protecting information Adopting a comprehensive approach to identity and access management, combined with an intense focus on sensi- tive data and relevant reporting and metrics is an impor- tant balance. Policies should specify granular data access privileges based on where employees are located, what network they’re on, and which device they’re using, with additional controls commensurate with risk. For example, access should be further scrutinized when utilizing a personally owned smartphone over a public network, than when using a company-owned laptop at the office. Job role is another important variable. “You should grant access only to people who have a need to know for their role and function,” advises Kurt Roemer, chief security strategist at Citrix. Role-specific training and automated role-based access control will ensure employees under- stand your policies and follow them. You should also diligently enforce your policies with the SECURITY STRATEGIES FOR SUCCESS “Most companies have between three and five different types of data classifications, ranging from public to top secret.” — STAN BLACK CHIEF INFORMATION SECURITY OFFICER CITRIX Meeting security-related compliance requirements is an increasingly complex job. Focus on these three strategies to easily manage compliance. 3
help of a robust security architecture. For example, data- focused security measures help protect data “in transit” across public and private networks, “at rest” in cloud-based or on-site storage, and “in use” on end-user devices. It also manages device security and other assets employees use to access information, builds tighter security controls into the company’s applications and networks, and manages those controls both centrally and when management responsibili- ties are distributed. 2. Control sensitive data Most security mandates apply chiefly to personally iden- tifiable information, healthcare records, payment transac- tions, and other classified data. To comply with mandates, you must first identify sensitive data by creating a clas- sification model for the various kinds of information your company creates, transmits, and stores. “Most companies have between three and five different types of data classifications, ranging from public to top secret,” Black says. Next, make data classification assignments and prioritiza- tions. To ensure the right data ends up in the right categories, involve a wide cross-section of stakeholders in this process, including representatives from your business groups, legal department, and operational functions. Now you’re ready to implement policies and enforcement mechanisms for securing data based on how sensitive it is, where it’s stored, and where it’s being accessed. For example, you might choose to control public data minimally regardless of user, network, and device, but limit access to confidential information on “bring your own” and consumer hardware. Always apply your strictest controls to your most sensitive data. “It makes sense to deny access to sensitive data altogether on devices and networks that can’t be veri- fied as appropriately secured,” Roemer says. Once again, security solutions can help you enforce classification-based policies automatically. 3. Audit, measure, and demonstrate compliance Comprehensive security reporting is always important, but especially critical when it comes to compliance. “Auditors and others want to see clear evidence that you did what you said you would,” Black says. Satisfying those demands takes systematic logging, reporting, and auditing processes thorough enough to track when specific users access specific apps and data, and flexible enough to address new regulations and stan- dards as they emerge. Create a reporting dashboard as well where authorized managers can see the latest compliance goals and results. “Otherwise you’ll be pushing around spreadsheets that are out of date before anyone even gets them,” Black notes. Should an audit uncover gaps in your compliance measures, take a cradle-to-grave approach to resolving them by centrally tracking issues from detection to closure. Treat the people who found those issues as colleagues rather than adversaries. Internal auditors can help you eliminate risks and justify additional security investments. External auditors can provide valuable, unbiased feedback on your compliance regime. Consulting with peers is often similarly helpful. Executives in your field may be reluctant to speak freely, but security leaders in other industries are often willing to exchange useful insights if everyone commits to nondisclosure agree- ments in advance. Opportunities like this make clear that, for all its difficulties, compliance can pay real dividends. “Quite honestly, the reason most of these laws and standards exist is because businesses have struggled to understand and deliver a ‘best practice,’” Black says. Meeting today’s constantly shifting compliance require- ments is an excellent way to test your defenses regularly and keep them aligned with the business need for security. n SECURITY STRATEGIES FOR SUCCESS IT has to maintain compliance and protect sensitive information wherever and however it’s used and stored — even when business and personal apps live side-by-side on the same mobile device. Developing a truly comprehensive and security- conscious mobility strategy is now a top priority for every organization. To protect what matters most for your organization, choose mobility management and app delivery models that make the most sense for your business and your mobile use cases. Also collaborate with users to develop a mobility strategy so you can better meet their needs while gaining a valuable opportunity to set expectations, automate outcomes, be clear about ownership, and make sure that people understand IT’s own requirements to ensure compliance. Citrix provides a complete solution to enable secure enterprise mobility with a simple, convenient user experience your work- force demands. Incorporating complete technologies for MDM, MAM, containerization, application and desktop virtualization, and networking, the end-to-end solution allows ample flexibility to support your organization’s secure mobility requirements. EMBRACE MOBILITY SECURELY WITH CITRIX To find out more, please visit www.citrix.com/secure

Recommended

3 Ways Companies Are Slashing IT Costs with VDI
3 Ways Companies Are Slashing IT Costs with VDI3 Ways Companies Are Slashing IT Costs with VDI
3 Ways Companies Are Slashing IT Costs with VDICitrix
 
Top 3 Reasons to Deliver Web Apps with Application Virtualization
Top 3 Reasons to Deliver Web Apps with Application VirtualizationTop 3 Reasons to Deliver Web Apps with Application Virtualization
Top 3 Reasons to Deliver Web Apps with Application VirtualizationCitrix
 
10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop VirtualizationCitrix
 
Desktop Virtualization: Reduce Costs, Improve Efficiencies with Proven VDI So...
Desktop Virtualization: Reduce Costs, Improve Efficiencies with Proven VDI So...Desktop Virtualization: Reduce Costs, Improve Efficiencies with Proven VDI So...
Desktop Virtualization: Reduce Costs, Improve Efficiencies with Proven VDI So...Citrix
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageCitrix
 
Windows Apps on Chromebooks: Deliver a Seamless Experience
Windows Apps on Chromebooks: Deliver a Seamless ExperienceWindows Apps on Chromebooks: Deliver a Seamless Experience
Windows Apps on Chromebooks: Deliver a Seamless ExperienceCitrix
 
The Total Economic Impact of Citrix XenApp
The Total Economic Impact of Citrix XenAppThe Total Economic Impact of Citrix XenApp
The Total Economic Impact of Citrix XenAppCitrix
 
Unified Endpoint Management: Security & Productivity for the Mobile Enterprise
Unified Endpoint Management: Security & Productivity for the Mobile EnterpriseUnified Endpoint Management: Security & Productivity for the Mobile Enterprise
Unified Endpoint Management: Security & Productivity for the Mobile EnterpriseCitrix
 

Recommended

3 Ways Companies Are Slashing IT Costs with VDI
3 Ways Companies Are Slashing IT Costs with VDI3 Ways Companies Are Slashing IT Costs with VDI
3 Ways Companies Are Slashing IT Costs with VDICitrix
 
Top 3 Reasons to Deliver Web Apps with Application Virtualization
Top 3 Reasons to Deliver Web Apps with Application VirtualizationTop 3 Reasons to Deliver Web Apps with Application Virtualization
Top 3 Reasons to Deliver Web Apps with Application VirtualizationCitrix
 
10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop VirtualizationCitrix
 
Desktop Virtualization: Reduce Costs, Improve Efficiencies with Proven VDI So...
Desktop Virtualization: Reduce Costs, Improve Efficiencies with Proven VDI So...Desktop Virtualization: Reduce Costs, Improve Efficiencies with Proven VDI So...
Desktop Virtualization: Reduce Costs, Improve Efficiencies with Proven VDI So...Citrix
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageCitrix
 
Windows Apps on Chromebooks: Deliver a Seamless Experience
Windows Apps on Chromebooks: Deliver a Seamless ExperienceWindows Apps on Chromebooks: Deliver a Seamless Experience
Windows Apps on Chromebooks: Deliver a Seamless ExperienceCitrix
 
The Total Economic Impact of Citrix XenApp
The Total Economic Impact of Citrix XenAppThe Total Economic Impact of Citrix XenApp
The Total Economic Impact of Citrix XenAppCitrix
 
Unified Endpoint Management: Security & Productivity for the Mobile Enterprise
Unified Endpoint Management: Security & Productivity for the Mobile EnterpriseUnified Endpoint Management: Security & Productivity for the Mobile Enterprise
Unified Endpoint Management: Security & Productivity for the Mobile EnterpriseCitrix
 
Life in the Digital Workspace
Life in the Digital WorkspaceLife in the Digital Workspace
Life in the Digital WorkspaceCitrix
 
Redefining Business Mobility and Customer Experience
Redefining Business Mobility and Customer ExperienceRedefining Business Mobility and Customer Experience
Redefining Business Mobility and Customer ExperienceCitrix
 
Secure Remote Browser
Secure Remote BrowserSecure Remote Browser
Secure Remote BrowserCitrix
 
Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working Citrix
 
Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.Citrix
 
Comparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspacesComparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspacesCitrix
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicCitrix
 
Mobile Workspaces Go Where You Go [Infographic]
Mobile Workspaces Go Where You Go [Infographic]Mobile Workspaces Go Where You Go [Infographic]
Mobile Workspaces Go Where You Go [Infographic]Citrix
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudCompTIA UK
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?Jody Keyser
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...HyTrust
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your OrganizationRaffa Learning Community
 
Big data and analytics
Big data and analytics Big data and analytics
Big data and analytics Freeform Dynamics
 
Product Assessment and Consulting Offerings
Product Assessment and Consulting OfferingsProduct Assessment and Consulting Offerings
Product Assessment and Consulting OfferingsHappiest Minds Technologies
 
Cloud security with Sage Construction Anywhere
Cloud security with Sage Construction AnywhereCloud security with Sage Construction Anywhere
Cloud security with Sage Construction AnywhereSage Construction and Real Estate
 
Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?Iron Mountain
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...Happiest Minds Technologies
 
4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud securityDrRajapraveenkN
 
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...emagia
 
Mongodb
MongodbMongodb
MongodbThiago Veiga
 
AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...
AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...
AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...Amazon Web Services
 

More Related Content

What's hot

Life in the Digital Workspace
Life in the Digital WorkspaceLife in the Digital Workspace
Life in the Digital WorkspaceCitrix
 
Redefining Business Mobility and Customer Experience
Redefining Business Mobility and Customer ExperienceRedefining Business Mobility and Customer Experience
Redefining Business Mobility and Customer ExperienceCitrix
 
Secure Remote Browser
Secure Remote BrowserSecure Remote Browser
Secure Remote BrowserCitrix
 
Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working Citrix
 
Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.Citrix
 
Comparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspacesComparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspacesCitrix
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicCitrix
 
Mobile Workspaces Go Where You Go [Infographic]
Mobile Workspaces Go Where You Go [Infographic]Mobile Workspaces Go Where You Go [Infographic]
Mobile Workspaces Go Where You Go [Infographic]Citrix
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudCompTIA UK
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?Jody Keyser
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...HyTrust
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your OrganizationRaffa Learning Community
 
Big data and analytics
Big data and analytics Big data and analytics
Big data and analytics Freeform Dynamics
 
Product Assessment and Consulting Offerings
Product Assessment and Consulting OfferingsProduct Assessment and Consulting Offerings
Product Assessment and Consulting OfferingsHappiest Minds Technologies
 
Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?Iron Mountain
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...Happiest Minds Technologies
 
4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud securityDrRajapraveenkN
 
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...emagia
 

What's hot (20)

Life in the Digital Workspace
Life in the Digital WorkspaceLife in the Digital Workspace
Life in the Digital Workspace
 
Redefining Business Mobility and Customer Experience
Redefining Business Mobility and Customer ExperienceRedefining Business Mobility and Customer Experience
Redefining Business Mobility and Customer Experience
 
Secure Remote Browser
Secure Remote BrowserSecure Remote Browser
Secure Remote Browser
 
Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working
 
Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.
 
Comparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspacesComparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspaces
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data Infographic
 
Mobile Workspaces Go Where You Go [Infographic]
Mobile Workspaces Go Where You Go [Infographic]Mobile Workspaces Go Where You Go [Infographic]
Mobile Workspaces Go Where You Go [Infographic]
 
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the CloudEMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdata
 
Cloud is not an option, but is security?
Cloud is not an option, but is security?Cloud is not an option, but is security?
Cloud is not an option, but is security?
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
 
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
2017-10-05 Mitigating Cybersecurity and Cyber Fraud risk in Your Organization
 
Big data and analytics
Big data and analytics Big data and analytics
Big data and analytics
 
Product Assessment and Consulting Offerings
Product Assessment and Consulting OfferingsProduct Assessment and Consulting Offerings
Product Assessment and Consulting Offerings
 
Cloud security with Sage Construction Anywhere
Cloud security with Sage Construction AnywhereCloud security with Sage Construction Anywhere
Cloud security with Sage Construction Anywhere
 
Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?Are Your PCs and Laptops Recovery and Discovery Ready?
Are Your PCs and Laptops Recovery and Discovery Ready?
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
 
4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud security
 
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...Enterprise Digital Assistants: How they can support you in your Credit, Colle...
Enterprise Digital Assistants: How they can support you in your Credit, Colle...
 

Viewers also liked

AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...
AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...
AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...Amazon Web Services
 
From Prosperity to Extinction: A Tale of Blockbuster Proportions
From Prosperity to Extinction: A Tale of Blockbuster ProportionsFrom Prosperity to Extinction: A Tale of Blockbuster Proportions
From Prosperity to Extinction: A Tale of Blockbuster ProportionsSoftchoice Corporation
 
ESPC14 - T23 - SharePoint Online vs On-Premises vs Hosted - Making the Right ...
ESPC14 - T23 - SharePoint Online vs On-Premises vs Hosted - Making the Right ...ESPC14 - T23 - SharePoint Online vs On-Premises vs Hosted - Making the Right ...
ESPC14 - T23 - SharePoint Online vs On-Premises vs Hosted - Making the Right ...Rene Modery
 
AdTech & MarTech Barometer - 2015 Market Review
AdTech & MarTech Barometer - 2015 Market ReviewAdTech & MarTech Barometer - 2015 Market Review
AdTech & MarTech Barometer - 2015 Market Reviewresultsig
 
Nghi dinh 63_2014_nd-cp
Nghi dinh 63_2014_nd-cpNghi dinh 63_2014_nd-cp
Nghi dinh 63_2014_nd-cpTtx Love
 
I T.A.K.E. talk: "When DDD meets FP, good things happen"
I T.A.K.E. talk: "When DDD meets FP, good things happen"I T.A.K.E. talk: "When DDD meets FP, good things happen"
I T.A.K.E. talk: "When DDD meets FP, good things happen"Cyrille Martraire
 
Webinar: Data Streaming with Apache Kafka & MongoDB
Webinar: Data Streaming with Apache Kafka & MongoDBWebinar: Data Streaming with Apache Kafka & MongoDB
Webinar: Data Streaming with Apache Kafka & MongoDBMongoDB
 
Highlights from 2015 Citrix Customer Case Studies
Highlights from 2015 Citrix Customer Case StudiesHighlights from 2015 Citrix Customer Case Studies
Highlights from 2015 Citrix Customer Case StudiesCitrix
 
Business intelligence: making more informed decisions - Jisc Digifest 2016
Business intelligence: making more informed decisions - Jisc Digifest 2016Business intelligence: making more informed decisions - Jisc Digifest 2016
Business intelligence: making more informed decisions - Jisc Digifest 2016Jisc
 
Box of Broadcasts - enhance learning with TV and radio content
Box of Broadcasts - enhance learning with TV and radio contentBox of Broadcasts - enhance learning with TV and radio content
Box of Broadcasts - enhance learning with TV and radio contentJisc
 
Softchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost GovernanceSoftchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost GovernanceSoftchoice Corporation
 

Viewers also liked (13)

Mongodb
MongodbMongodb
Mongodb
 
AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...
AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...
AWS Summit Auckland 2014 | Why Scale Matters and How the Cloud Really is Diff...
 
From Prosperity to Extinction: A Tale of Blockbuster Proportions
From Prosperity to Extinction: A Tale of Blockbuster ProportionsFrom Prosperity to Extinction: A Tale of Blockbuster Proportions
From Prosperity to Extinction: A Tale of Blockbuster Proportions
 
U boot
U bootU boot
U boot
 
ESPC14 - T23 - SharePoint Online vs On-Premises vs Hosted - Making the Right ...
ESPC14 - T23 - SharePoint Online vs On-Premises vs Hosted - Making the Right ...ESPC14 - T23 - SharePoint Online vs On-Premises vs Hosted - Making the Right ...
ESPC14 - T23 - SharePoint Online vs On-Premises vs Hosted - Making the Right ...
 
AdTech & MarTech Barometer - 2015 Market Review
AdTech & MarTech Barometer - 2015 Market ReviewAdTech & MarTech Barometer - 2015 Market Review
AdTech & MarTech Barometer - 2015 Market Review
 
Nghi dinh 63_2014_nd-cp
Nghi dinh 63_2014_nd-cpNghi dinh 63_2014_nd-cp
Nghi dinh 63_2014_nd-cp
 
I T.A.K.E. talk: "When DDD meets FP, good things happen"
I T.A.K.E. talk: "When DDD meets FP, good things happen"I T.A.K.E. talk: "When DDD meets FP, good things happen"
I T.A.K.E. talk: "When DDD meets FP, good things happen"
 
Webinar: Data Streaming with Apache Kafka & MongoDB
Webinar: Data Streaming with Apache Kafka & MongoDBWebinar: Data Streaming with Apache Kafka & MongoDB
Webinar: Data Streaming with Apache Kafka & MongoDB
 
Highlights from 2015 Citrix Customer Case Studies
Highlights from 2015 Citrix Customer Case StudiesHighlights from 2015 Citrix Customer Case Studies
Highlights from 2015 Citrix Customer Case Studies
 
Business intelligence: making more informed decisions - Jisc Digifest 2016
Business intelligence: making more informed decisions - Jisc Digifest 2016Business intelligence: making more informed decisions - Jisc Digifest 2016
Business intelligence: making more informed decisions - Jisc Digifest 2016
 
Box of Broadcasts - enhance learning with TV and radio content
Box of Broadcasts - enhance learning with TV and radio contentBox of Broadcasts - enhance learning with TV and radio content
Box of Broadcasts - enhance learning with TV and radio content
 
Softchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost GovernanceSoftchoice Discovery Series: Cloud Cost Governance
Softchoice Discovery Series: Cloud Cost Governance
 

Similar to Security Strategies for Success

ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...Ulf Mattsson
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'aFahmi Albaheth
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfAnil
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfAnil
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security madunix
 
Manage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business ProductivityManage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business ProductivityCitrix
 
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...The Three Major Goals of Cybersecurity for Business Organizations-precise tes...
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...Precise Testing Solution
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019Ulf Mattsson
 
Risk Management
Risk ManagementRisk Management
Risk Managementijtsrd
 
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdfCrucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdfseoteameits
 
Industry Overview: Big Data Fuels Intelligence-Driven Security
Industry Overview: Big Data Fuels Intelligence-Driven SecurityIndustry Overview: Big Data Fuels Intelligence-Driven Security
Industry Overview: Big Data Fuels Intelligence-Driven SecurityEMC
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber securitySAHANAHK
 
Strategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid itStrategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid itAvancercorp
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - GuidelinesPedro Espinosa
 
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFGT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFLaurie Mosca-Cocca
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - WebFahd Khan
 
CISSP Certification Training Course
CISSP Certification Training CourseCISSP Certification Training Course
CISSP Certification Training CourseRicky Lionel Vaz
 
Building an Intelligence-Driven Security Operations Center
Building an Intelligence-Driven Security Operations CenterBuilding an Intelligence-Driven Security Operations Center
Building an Intelligence-Driven Security Operations CenterEMC
 
Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)Md Shaifullar Rabbi
 

Similar to Security Strategies for Success (20)

ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security
 
Manage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business ProductivityManage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business Productivity
 
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...The Three Major Goals of Cybersecurity for Business Organizations-precise tes...
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdfCrucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
 
Industry Overview: Big Data Fuels Intelligence-Driven Security
Industry Overview: Big Data Fuels Intelligence-Driven SecurityIndustry Overview: Big Data Fuels Intelligence-Driven Security
Industry Overview: Big Data Fuels Intelligence-Driven Security
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber security
 
Strategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid itStrategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid it
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - Guidelines
 
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFGT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - Web
 
CISSP Certification Training Course
CISSP Certification Training CourseCISSP Certification Training Course
CISSP Certification Training Course
 
Building an Intelligence-Driven Security Operations Center
Building an Intelligence-Driven Security Operations CenterBuilding an Intelligence-Driven Security Operations Center
Building an Intelligence-Driven Security Operations Center
 
Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)Chapter 6 Security of Information and Cyber Security(FASS)
Chapter 6 Security of Information and Cyber Security(FASS)
 

More from Citrix

Building The Digital Workplace
Building The Digital WorkplaceBuilding The Digital Workplace
Building The Digital WorkplaceCitrix
 
Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Maximize your Investment in Microsoft Office 365 with Citrix Workspace Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Maximize your Investment in Microsoft Office 365 with Citrix Workspace Citrix
 
XenApp on Google Cloud Deployment Guide
XenApp on Google Cloud Deployment GuideXenApp on Google Cloud Deployment Guide
XenApp on Google Cloud Deployment GuideCitrix
 
Deploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
Deploying Citrix XenApp & XenDesktop Service on Google Cloud PlatformDeploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
Deploying Citrix XenApp & XenDesktop Service on Google Cloud PlatformCitrix
 
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?Citrix
 
Workforce Flexibility Can Drive Greater Engagement & Productivity
Workforce Flexibility Can Drive Greater Engagement & ProductivityWorkforce Flexibility Can Drive Greater Engagement & Productivity
Workforce Flexibility Can Drive Greater Engagement & ProductivityCitrix
 
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix
 
The Growing U.S. IT Productivity Gap
The Growing U.S. IT Productivity GapThe Growing U.S. IT Productivity Gap
The Growing U.S. IT Productivity GapCitrix
 
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix
 
Citrix Synergy 2017: Technology Keynote Sketch Notes
Citrix Synergy 2017: Technology Keynote Sketch NotesCitrix Synergy 2017: Technology Keynote Sketch Notes
Citrix Synergy 2017: Technology Keynote Sketch NotesCitrix
 
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch NotesCitrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch NotesCitrix
 
Synergy 2017: Colin Powell Innovation Super Session Sketch Notes
Synergy 2017: Colin Powell Innovation Super Session Sketch NotesSynergy 2017: Colin Powell Innovation Super Session Sketch Notes
Synergy 2017: Colin Powell Innovation Super Session Sketch NotesCitrix
 
Who Are Citrix Customers?
Who Are Citrix Customers?Who Are Citrix Customers?
Who Are Citrix Customers?Citrix
 
4 Ways to Ensure a Smooth Windows 10 Migration
4 Ways to Ensure a Smooth Windows 10 Migration4 Ways to Ensure a Smooth Windows 10 Migration
4 Ways to Ensure a Smooth Windows 10 MigrationCitrix
 
Citrix Paddington
Citrix PaddingtonCitrix Paddington
Citrix PaddingtonCitrix
 
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]Citrix
 
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...Citrix
 
Digital or die? British boardrooms divided on digital transformation
Digital or die? British boardrooms divided on digital transformationDigital or die? British boardrooms divided on digital transformation
Digital or die? British boardrooms divided on digital transformationCitrix
 
The Digital Disconnect in South Africa
The Digital Disconnect in South AfricaThe Digital Disconnect in South Africa
The Digital Disconnect in South AfricaCitrix
 
Why Citrix beats VMware [Infographic]
Why Citrix beats VMware [Infographic]Why Citrix beats VMware [Infographic]
Why Citrix beats VMware [Infographic]Citrix
 

More from Citrix (20)

Building The Digital Workplace
Building The Digital WorkplaceBuilding The Digital Workplace
Building The Digital Workplace
 
Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Maximize your Investment in Microsoft Office 365 with Citrix Workspace Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Maximize your Investment in Microsoft Office 365 with Citrix Workspace
 
XenApp on Google Cloud Deployment Guide
XenApp on Google Cloud Deployment GuideXenApp on Google Cloud Deployment Guide
XenApp on Google Cloud Deployment Guide
 
Deploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
Deploying Citrix XenApp & XenDesktop Service on Google Cloud PlatformDeploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
Deploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
 
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
 
Workforce Flexibility Can Drive Greater Engagement & Productivity
Workforce Flexibility Can Drive Greater Engagement & ProductivityWorkforce Flexibility Can Drive Greater Engagement & Productivity
Workforce Flexibility Can Drive Greater Engagement & Productivity
 
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment Guide
 
The Growing U.S. IT Productivity Gap
The Growing U.S. IT Productivity GapThe Growing U.S. IT Productivity Gap
The Growing U.S. IT Productivity Gap
 
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment Guide
 
Citrix Synergy 2017: Technology Keynote Sketch Notes
Citrix Synergy 2017: Technology Keynote Sketch NotesCitrix Synergy 2017: Technology Keynote Sketch Notes
Citrix Synergy 2017: Technology Keynote Sketch Notes
 
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch NotesCitrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
 
Synergy 2017: Colin Powell Innovation Super Session Sketch Notes
Synergy 2017: Colin Powell Innovation Super Session Sketch NotesSynergy 2017: Colin Powell Innovation Super Session Sketch Notes
Synergy 2017: Colin Powell Innovation Super Session Sketch Notes
 
Who Are Citrix Customers?
Who Are Citrix Customers?Who Are Citrix Customers?
Who Are Citrix Customers?
 
4 Ways to Ensure a Smooth Windows 10 Migration
4 Ways to Ensure a Smooth Windows 10 Migration4 Ways to Ensure a Smooth Windows 10 Migration
4 Ways to Ensure a Smooth Windows 10 Migration
 
Citrix Paddington
Citrix PaddingtonCitrix Paddington
Citrix Paddington
 
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
 
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
 
Digital or die? British boardrooms divided on digital transformation
Digital or die? British boardrooms divided on digital transformationDigital or die? British boardrooms divided on digital transformation
Digital or die? British boardrooms divided on digital transformation
 
The Digital Disconnect in South Africa
The Digital Disconnect in South AfricaThe Digital Disconnect in South Africa
The Digital Disconnect in South Africa
 
Why Citrix beats VMware [Infographic]
Why Citrix beats VMware [Infographic]Why Citrix beats VMware [Infographic]
Why Citrix beats VMware [Infographic]
 

Recently uploaded

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo GarcĂ­a Lavilla
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 

Recently uploaded (20)

"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 

Security Strategies for Success

  • 1. Are you protecting the information that matters most? SECURITY LEADERSHIP SERIES: Security Strategies for Success
  • 2. TABLE OF CONTENTS 4 SECRETS TO MEANINGFUL SECURITY DISCUSSIONS WITH THE BOARD OF DIRECTORS PAGE 4 5 BEST PRACTICES TO MAKE SECURITY EVERYONE’S BUSINESS PAGE 6 3 STRATEGIES TO MANAGE COMPLIANCE MANDATES PAGE 8
  • 3. To nd out more, please visit www.citrix.com/secure SECURITY HAS NEVER BEEN SO CHALLENGING. Trends such as mobility, bring-your-own device and cloud computing mean that more people are accessing sensitive business information from more places and in more ways than ever before. For IT, the challenge is to protect this information from loss, theft and increasingly sophisticated threats while addressing privacy, compliance and risk management mandates. Solid security strategies must include smart policies, rigorous enforcement and deep monitoring/reporting, as well as provide people with the level of access to business resources that they need to get their work done. Citrix, a recognized leader for its contributions to the advancement of information security, can help you take a “protect what matters” approach to security and risk management that’s right for your organization. Citrix gives business powerful ways to address key security and compliance priorities by ensuring the right level of secure access for every individual and situation. As business moves across locations, networks and devices, IT has the visibility and control it needs to protect and guard sensitive information assets without having to compromise workforce and end user mobility, freedom or productivity. Complemented by industry-leading security partners, Citrix offers secure-by-design solutions to help you protect the information that matters most to your business. In this exclusive Security Leadership Series eBook, Citrix chief information security ofcer Stan Black and chief security strategist Kurt Roemer share best practices for: n Leading meaningful security discussions with the board of directors n Engaging end users to protect business information n Meeting security-related compliance requirements For IT leaders, these security strategies for success are essential reading. Get started today. INTRODUCTION
  • 4. SECRETS TO MEANINGFUL SECURITY DISCUSSIONS WITH THE BOARD OF DIRECTORS Security was once the exclusive province of IT departments. These days, with increasingly sophisticated threats prolif- erating across geographic boundaries, cloud computing, mobility, and everything “bring your own,” security has nally won the ultimate badge of corporate honor: a seat at the board of directors. “Security has evolved from a technical issue into a broader issue of intense business interest to corporate boards,” says Kurt Roemer, chief security strategist at Citrix. That heightened interest is hardly surprising given the seri- ousness of security-related risks, which include exposure of sensitive information, damage to your company’s repu- tation, and—most important of all—serious harm to the bottom line. For IT leaders, the upshot is more frequent boardroom discussions about the core pillars of any solid security plan: policies, enforcement mechanisms, and monitoring/reporting. To lead those meetings successfully, follow these best practices: 1. Speak the language of the boardroom Board members discuss business issues in business language rather than technical terms. Follow suit in board meetings by focusing on critical threats, the material risks they pose, the best options for mitigating them, and breach preparedness. Be concise when discussing those topics, and avoid conjecture. Board members are interested strictly in facts. Use clear, easily understood charts and diagrams as well to illustrate important issues like your company’s current security posture and future goals. “That way you can show the board exactly where you are, where you’re going, and how you’ll get there,” says Stan Black, chief information security ofcer at Citrix. Be prepared for plenty of questions, too. Board members will want to know how your organization stacks up against peers in your industry, for instance. Crisp, informative, and SECURITY STRATEGIES FOR SUCCESS “Security has evolved from a technical issue into a broader issue of intense business interest to corporate boards.” —KURT ROEMER CHIEF SECURITY STRATEGIST CITRIX Corporate boards are more interested in security than ever before. Here’s how to engage them in a strategic dialogue about a topic with bottom-line implications. 4
  • 5. thoroughly researched answers will reassure them that your strategies are sound. 2. Explain the core elements of your risk mitigation efforts Well-designed risk mitigation strategies are also reassuring. Such strategies should take a “protect what matters” approach to safeguarding your company’s most important, vulnerable, and heavily regulated data. The board will want to know how you prioritized sensitive data, so describe the process you used. In addition, guide them through: n Your policies for handling business information, in the cloud as well as on company-owned and personally owned devices both inside and outside the ofce n How you enforce those policies and train employees to follow them n How you prevent the loss of essential data In particular, make certain board members understand that persons like themselves with access to an organization’s most sensitive information are high-value targets who must be especially diligent about following security policies. Be sure to update the board about any changes in your compa- ny’s governance obligations too, as well as the steps you’re taking in response. Of course, new and emerging threats pose dangers no matter how good your mitigation strategy is, so deploy secu- rity technologies in layers that account for your network and your users, as well as their apps, data, and storage. 3. Describe your breach preparedness and incident response plan Even the best security measures can fall prey to attacks, so show board members you’re ready by explaining your inci- dent response plan, including who’s on the response team, who’s authorized to mobilize it, and under what conditions. Describe your internal and external communication plan as well, and discuss your disclosure triggers for security incidents. Some disclosure thresholds are dened by law, but others rely on discretion, and board members should provide direction on how descriptive they need to be. Should a breach occur, brief the board promptly about what happened, the potential impact on your company and your customers, how long it will take you to x the problem, and what you’re doing to prevent repeat occurrences. Provide regular updates too, and set a clear schedule for when board members can expect your next report. 4. Use meaningful security metrics to measure success Most boards wish to monitor security readiness on an ongoing basis. A security dashboard will provide them quick access to the most relevant information. “The dashboard provides context to security risks and enables the board to oversee the reduction in critical expo- sures,” Black says. Use metrics that are easy for board members to understand and relevant to their concerns, such as threats identied, time to response, end-user devices lost, and audit results. In addition, revisit your metrics periodically, adapt them to your company’s evolving threat landscape, and inform the board about any major changes to your architecture, tech- nologies, and strategy. Presenting to the board of directors may be a new experi- ence for some in IT, but it doesn’t have to be a difcult one. With the help of the guidelines above, board meetings can be an opportunity to engage your company’s most senior leaders in a strategic dialogue not only about security, but about mobility, cloud computing, and the evolution of the workplace. n To nd out more, please visit www.citrix.com/secure SECURITY STRATEGIES FOR SUCCESS Security is of greater interest to corporate boards than ever before, and technology plays a central part in any effective security strategy. Citrix ensures security and compliance for critical business information while empowering your workforce to work anywhere, anytime, on any device. Citrix XenDesktop allows companies to publish Windows apps and desktops in the data center, where IT can maintain central- ized data protection, compliance, access control, and user administration. Citrix XenMobile provides rich enterprise mobility management capabilities, including identity-based provisioning and control of apps, data, and devices. Citrix ShareFile enables employees to share data securely with anyone and sync data across all of their devices. Citrix NetScaler adds a unied manage- ment framework that lets IT secure, control, and optimize access to apps, desktops, and services on any device. Citrix solutions are “secure by design” systems carefully architected to minimize vulnerabilities and are complemented by state-of-the-art offerings from industry-leading security partners. The end result is a comprehensive platform for protecting information that gives security-conscious board members lasting peace of mind. HOW CITRIX CAN HELP
  • 6. BEST PRACTICES TO MAKE SECURITY EVERYONE’S BUSINESS Menaced by an ever-expanding array of increasingly potent threats, today’s highly mobile employees are front- line participants in the struggle to secure the enterprise. So while solid security strategies must include smart policies, rigorous enforcement, and deep monitoring/ reporting, they must also reflect the needs and habits of the company’s users. “End users are ultimately where security succeeds or fails,” says Kurt Roemer, chief security strategist at Citrix. Unfortunately, keeping employees both safe and satised isn’t easy. Employees want anywhere, anytime access to information from any device without cumbersome secu- rity protections slowing them down. Business managers want to safeguard important information without inhibiting growth, innovation, and competitiveness. IT departments want to keep everyone productive while recognizing that employees and their devices are often the weak links in the security chain. To balance those competing interests, security leaders should follow these best practices: 1. Educate users An informed, security-conscious workforce is every compa- ny’s rst line of defense against security threats, so teaching people how to work safely from any location on any device must be a top priority. Simply preaching best practices is a recipe for failure. Take the time to understand who your users are, what they do, and what they need. Then explain your company’s security policies to them in terms that are easily understood and relevant to their role. “Relevance is key,” Roemer says. “Everything you present should be specic to a person’s function rather than one- size-ts-all.” It should also be personal, Stan Black, chief information security ofcer at Citrix adds. For example, in addition to work-related security training, Citrix gives its employees advice on topics like securing a home wireless network and helping their kids use the Internet safely. “We try to tie all our education efforts to the full lifecycle of SECURITY STRATEGIES FOR SUCCESS “When policies are developed collaboratively across the company, and security awareness is woven into the culture, violations are infrequent.” — STAN BLACK CHIEF INFORMATION SECURITY OFFICER CITRIX Employees are one of your greatest risks to information security. Use these ve proven techniques to strengthen your security strategy and protect your business. 5
  • 7. security, not just what people do at the ofce,” Black says. That makes security training more valuable for employees while also protecting sensitive data from poorly secured personal hardware. 2. Engage with line-of-business organizations Close working relationships between IT executives and line-of-business managers are an essential ingredient for effective security. Meeting regularly with business deci- sion makers empowers security leaders to build appro- priate safeguards into new business initiatives right from the beginning. It also gives them an indispensable, up-close perspective on a business group’s unique risks and requirements. “You’ll learn more about operational processes and poten- tial dangers that you’d never know about otherwise,” Black says. “You can then incorporate those insights into your security plans and make them even richer.” 3. Take a modern and mobile look at security policies As critical as it is, training alone doesn’t ensure strong security. Many of the devices, networks, and storage systems employees rely on these days are outside of IT control. “IT needs to update traditional security policies for the new mobile and cloud services reality,” Roemer observes. Start by thinking through how strictly you want to limit access to your company’s data based on where an employee is located and what kind of device they’re using. Most companies adopt graduated policies that protect sensitive information more carefully than public informa- tion and provide less access from consumer-grade and “bring your own devices” (BYOD) than from more thor- oughly “locked down” enterprise-grade devices. Then revise your security policies to reflect risks like storing business data on personally owned devices, posting pass- words on a computer monitor, or using a USB storage device you found on the floor. 4. Enforce policies fairly and consistently Security policies can lose value over time if users don’t believe violating them has consequences—or worse yet, if they believe bypassing them improves productivity. Poli- cies must be maintained and kept current with the busi- ness. Security leaders must therefore enforce policies fairly and consistently. “When policies are developed collaboratively across the company, and security awareness is woven into the culture, violations are infrequent,” Black says. 5. Automate security seamlessly To further reduce policy violations, use security software to automate policy enforcement. For example, many security solutions can implement desired behaviors—like encrypting business data on mobile devices—by default. They can also build tighter security into core elements of the user experi- ence by automatically preventing employees from running unauthorized apps over the company network or limiting which apps people can open email attachments with, for example. Other solutions provide logging and reporting functionality that can help you prove to auditors that you’ve applied appropriate policies scrupulously. Even so, software is ultimately just one piece of the security puzzle. “To really protect the company you have to get to know your line-of-business groups and your end users,” Roemer says. Ultimately, the best security strategies are as much about people as technology. n SECURITY STRATEGIES FOR SUCCESS Freedom of choice will rapidly drive bring-your-own device (BYOD) to become mainstream in most organizations. This is transforming both the way people work — bringing productivity, collaboration and mobility to everything they do — and how IT delivers business apps and data to them. The best BYOD approach combines a well-dened and enforceable policy with a secure technology foundation. A formal policy should address who is eligible, which devices are allowed and what services will be available. It should also address who is nancially responsible for what and how acceptable use policy applies. With Citrix, IT can simplify management and reduce costs while empowering people to work easily, securely and seamlessly across any type of device, regardless of ownership. By leveraging the ability to granularly manage data and applications, sensitive business information can be securely accessed on personally-owned devices. IT gains identity-based provisioning and control of data, apps and devices to protect information from loss and theft while addressing privacy, compliance and risk management mandates. MAKE BYOD SIMPLE AND SECURE WITH CITRIX To nd out more, please visit www.citrix.com/secure
  • 8. STRATEGIES TO MANAGE COMPLIANCE MANDATES Here’s good news for security leaders: If you’ve established sound policies, enforce them rigorously, and thoroughly monitor and report security effectiveness, you’re well on your way to protecting your company from today’s growing swarm of increasingly potent threats. Now here’s the bad news: More and more auditors, regulators, partners, and customers are demanding defensible proof of that fact. “Globally, there are over 300 security and privacy-related standards, regulations, and laws with over 3,500 specic controls, with more coming all the time,” says Stan Black, chief information security ofcer at Citrix. “The people responsible for those rules want evidence that you’re in compliance.” The consequences for disappointing auditors and regulators can be severe. Failure to comply with today’s ever-expanding thicket of security-related compliance requirements can result in nes and penalties, outraged customers, loss of sensitive data, increased scrutiny from regulators, and costly damage to your organization’s brand and reputation. Not surprisingly, then, compliance has become a topic of intense interest to senior executives and board members. To bolster their condence that your company meets all of its requirements—and can defensively prove it—follow these best practices: 1. Enable access while protecting information Adopting a comprehensive approach to identity and access management, combined with an intense focus on sensi- tive data and relevant reporting and metrics is an impor- tant balance. Policies should specify granular data access privileges based on where employees are located, what network they’re on, and which device they’re using, with additional controls commensurate with risk. For example, access should be further scrutinized when utilizing a personally owned smartphone over a public network, than when using a company-owned laptop at the ofce. Job role is another important variable. “You should grant access only to people who have a need to know for their role and function,” advises Kurt Roemer, chief security strategist at Citrix. Role-specic training and automated role-based access control will ensure employees under- stand your policies and follow them. You should also diligently enforce your policies with the SECURITY STRATEGIES FOR SUCCESS “Most companies have between three and ve different types of data classications, ranging from public to top secret.” — STAN BLACK CHIEF INFORMATION SECURITY OFFICER CITRIX Meeting security-related compliance requirements is an increasingly complex job. Focus on these three strategies to easily manage compliance. 3
  • 9. help of a robust security architecture. For example, data- focused security measures help protect data “in transit” across public and private networks, “at rest” in cloud-based or on-site storage, and “in use” on end-user devices. It also manages device security and other assets employees use to access information, builds tighter security controls into the company’s applications and networks, and manages those controls both centrally and when management responsibili- ties are distributed. 2. Control sensitive data Most security mandates apply chiefly to personally iden- tiable information, healthcare records, payment transac- tions, and other classied data. To comply with mandates, you must rst identify sensitive data by creating a clas- sication model for the various kinds of information your company creates, transmits, and stores. “Most companies have between three and ve different types of data classications, ranging from public to top secret,” Black says. Next, make data classication assignments and prioritiza- tions. To ensure the right data ends up in the right categories, involve a wide cross-section of stakeholders in this process, including representatives from your business groups, legal department, and operational functions. Now you’re ready to implement policies and enforcement mechanisms for securing data based on how sensitive it is, where it’s stored, and where it’s being accessed. For example, you might choose to control public data minimally regardless of user, network, and device, but limit access to condential information on “bring your own” and consumer hardware. Always apply your strictest controls to your most sensitive data. “It makes sense to deny access to sensitive data altogether on devices and networks that can’t be veri- ed as appropriately secured,” Roemer says. Once again, security solutions can help you enforce classication-based policies automatically. 3. Audit, measure, and demonstrate compliance Comprehensive security reporting is always important, but especially critical when it comes to compliance. “Auditors and others want to see clear evidence that you did what you said you would,” Black says. Satisfying those demands takes systematic logging, reporting, and auditing processes thorough enough to track when specic users access specic apps and data, and flexible enough to address new regulations and stan- dards as they emerge. Create a reporting dashboard as well where authorized managers can see the latest compliance goals and results. “Otherwise you’ll be pushing around spreadsheets that are out of date before anyone even gets them,” Black notes. Should an audit uncover gaps in your compliance measures, take a cradle-to-grave approach to resolving them by centrally tracking issues from detection to closure. Treat the people who found those issues as colleagues rather than adversaries. Internal auditors can help you eliminate risks and justify additional security investments. External auditors can provide valuable, unbiased feedback on your compliance regime. Consulting with peers is often similarly helpful. Executives in your eld may be reluctant to speak freely, but security leaders in other industries are often willing to exchange useful insights if everyone commits to nondisclosure agree- ments in advance. Opportunities like this make clear that, for all its difculties, compliance can pay real dividends. “Quite honestly, the reason most of these laws and standards exist is because businesses have struggled to understand and deliver a ‘best practice,’” Black says. Meeting today’s constantly shifting compliance require- ments is an excellent way to test your defenses regularly and keep them aligned with the business need for security. n SECURITY STRATEGIES FOR SUCCESS IT has to maintain compliance and protect sensitive information wherever and however it’s used and stored — even when business and personal apps live side-by-side on the same mobile device. Developing a truly comprehensive and security- conscious mobility strategy is now a top priority for every organization. To protect what matters most for your organization, choose mobility management and app delivery models that make the most sense for your business and your mobile use cases. Also collaborate with users to develop a mobility strategy so you can better meet their needs while gaining a valuable opportunity to set expectations, automate outcomes, be clear about ownership, and make sure that people understand IT’s own requirements to ensure compliance. Citrix provides a complete solution to enable secure enterprise mobility with a simple, convenient user experience your work- force demands. Incorporating complete technologies for MDM, MAM, containerization, application and desktop virtualization, and networking, the end-to-end solution allows ample flexibility to support your organization’s secure mobility requirements. EMBRACE MOBILITY SECURELY WITH CITRIX To nd out more, please visit www.citrix.com/secure