Previous Newsletters
January 08
June 07
November 06
August 06
March 06
"Sapphire's
input provides me with an additional source of impartial, practical, advice
and guidance..."
Steve Marshall,
Head of Security Architecture, Barclaycard
> more
Sapphire Newsletter – March 2008
2007 was a busy year for Sapphire’s consultancy team with much of their time spent assisting clients to write comprehensive Information Security Management Systems (ISMS) as part of their information security strategy. Our range of clients has varied considerably over the last 12 months - possibly as a result of the increasing security lapses across both the public and private sectors.
Some of our most challenging and rewarding projects were:-
For further information on any of the projects listed above, please contact Sapphire.
Over the last 12 months, Sapphire has deployed a number of security products to organisations in both the public and private sectors. One of our most successful projects of 2007 related to a public sector organisation that had approached us to assist with its remote working strategy. The organisation is responsible for handling 12 billion Euros per annum and wanted reassurance that should an event occur in which key members of staff would be unable to make it into the office, the day-to-day running of the department would be maintained.
Following our advice the organisation installed Microsoft IAG, a browser based SSL VPN solution to enable remote working. IAG was run alongside SwivelSecure’s PINsafe, a strong authentication solution to ensure a high level of security for end users. Finally, as a way to ensure additional resilience and business continuity, the organisation load balanced and clustered the IAG appliance using a Stonesoft Stonegate firewall load balanced cluster with multi-link technology.
Sapphire’s consultants are continuously trialling new solutions. One of the more recent products tried and tested in the Sapphire laboratory is the Aerohive Hive Manager and Co-operative Control Access Points solutions.
The Aerohive Hive Manager and Co-operative Control Access Points allow organisations to easily deploy and manage a scalable wireless network solution.
Aerohive Networks, named Best Start-up at Interop 2007 Las Vegas, is pioneering a next-generation enterprise wireless LAN architecture called Cooperative Control. Aerohive's Cooperative Control approach eliminates wireless LAN controllers, making an upgrade from autonomous access points both simple and extremely cost-effective. Cooperative Control provides all the management, mobility, and security of controller-based architectures without the cost, capacity, performance and availability issues associated with such deployments. In addition, Aerohive solutions provide the reliability and scalability necessary for mission-critical networks and are optimised for voice over wireless LAN (VoWLAN) applications.
For more information or to request the latest Aerohive datasheets and whitepapers please contact Tina Deighton on 01642 702113.
Sapphire hosted a number of successful events in 2007, the biggest achievement of the year being Sapphire’s annual conference NISC (National Information Security Conference). NISC was held in May 2007 at the Fairmont St Andrews in Fife, Scotland. We were delighted to have 220 people in attendance and having reviewed the delegates feedback, the event was our most successful to date. The conference covered many aspects relating to Information Assurance and there were a number of organisations presenting at the event including: Microsoft, eBay, the Society of Information Technology Management (SOCITM), Royal Holloway, University of London, Tait Walker Chartered Accountants, Police Information Technology Organisation (PITO) and the Serious Organised Crime Agency (SOCA).
The agenda for the 2008 NISC event is now confirmed contact please Tina Deighton on 01642 702113 for further information.
In October, Sapphire along with strategic partners Tait Walker Chartered Accountants and Watson Burton LLP hosted an event entitled ‘Look before you leap’. The event was held at the Newcastle Falcons rugby club and had 90 delegates in attendance. The event discussed issues relating to fraud within the workplace and the key areas affecting your organisation if you discover computer misuse or fraudulent activity has taken place.
Sapphire hosts many events throughout the year. Forthcoming events can be viewed by visiting the events section of the Sapphire website.
2007 can be depicted as the year when mobile device security became a major issue; coupled with the movement towards more flexible working. This new business environment placed a greater emphasis on information security awareness and training. Organisations and their staff were required to be aware of what their corporate and personal information security responsibilities were and to adhere to them at all times. Request further information on mobile device security
The consultancy team at Sapphire envisage that 2008 will follow last year’s trends with regards to information assurance. Due to the increasing number of security lapses being highlighted in recent press, it is now time for all organisations; regulators and the government to mandate adherence / certification to industry best standards such as ISO 27001. To combat this both employers and employees need to become more responsible in respect of information security; organisations must record and track security incidents and establish a methodology to ensure continuous monitoring. Let's hope that with 2008, all organisations will start to take information security more seriously and it will become a boardroom agenda item. Visit the Sapphire website for more information on ISO27001.