Websense® Software Helps Organizations Protect Critical Information to Achieve Regulatory Compliance Websense safeguards companies from online threats such as spyware, keyloggers and peer-to-peer risks to enforce compliance with the Gramm-Leach-Bliley Act, Sarbanes Oxley Act, and HIPAA SAN DIEGO
February 28, 2005 -- Websense, Inc. (NASDAQ: WBSN), the world's leading provider of employee internet management solutions, today announced that Websense® software and services help organizations comply with
government laws such as the Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX), and the Health Insurance Portability and Accountability Act (HIPAA).
These laws (GLBA, SOX, and HIPAA) and related
regulations impose new requirements on the way organizations store and protect private and confidential data, establish standards for compliance, and institute penalties for noncompliance. Websense software
safeguards information security and mitigates liability associated with these mandates. By protecting against new web-based threats such as spyware, keyloggers, and internet-borne viruses, companies using
Websense software can protect their customers' privacy and control access to sensitive information while fulfilling legal obligations, complying with enforced regulations and avoiding noncompliance penalties.
The GLBA, signed into Public Law on November 12, 1999, dictates how financial institutions are able to manage and protect personal consumer information and applies to all companies that offer
financial products or services. From an IT perspective, the GLBA requires that companies restrict access to their networks and implement controls to protect sensitive information and prevent malicious or
inadvertent disclosure of nonpublic personal information. The GLBA also requires financial services organizations to perform regular assessments of risks to the security of customer information.
New
web-based threats such as spyware, keyloggers, and internet-borne viruses are particularly ominous for insurance and financial services industries which operate under the GLBA. Providing protections against
these threats, Websense software allows companies to define the applications that are allowed to access the network and the ports by which they can be accessed. Websense restricts networks access to only
authorized categories of programs, denying admission to unknown or unauthorized programs such as spyware, instant messaging (IM), peer-to-peer (P2P) or hacking tools.
The stated purpose of the
Sarbanes-Oxley Act is "to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the security laws, and for other purposes". SOX, which became Public Law on
July 30, 2002, aims to prevent corporate mismanagement by requiring better controls and accountability for corporations that report to the Securities and Exchange Commission (SEC). The SOX Act points to
three key areas for ensuring the security of financial information within an organization: to control access to systems and data; to ensure the security of the company's network infrastructure; and monitor
activities and log events that might indicate security breaches.
With Websense software, companies can accomplish these goals by setting appropriate application usage policies across the organization
and reporting on employee computing. Organizations can also restrict application use to only those employees on an approved list. This feature allows the blocking of dangerous applications such as spyware,
peer-to-peer (P2P) and hacking tools entirely, securing important financial information. With Websense software, even mobile employees with laptops who are disconnected from the network are protected.
Becoming Public Law in August, 1996, HIPAA was enacted by Congress to improve the efficiency of the health care system to protect the confidentiality and security of health data. HIPAA establishes
standardized mechanisms for electronic data interchange, security, and confidentiality of all health care-related data. As more hospitals connect their databases to the public internet, new security dangers
similar to those plaguing the financial services and banking industries have arisen. These concerns are primarily about the control of access to proprietary health information and monitoring and reporting
security events.
Malicious spyware applications and keyloggers are particularly dangerous in the health care environment. Websense software and services help protect patient data from unauthorized
access and prevents unauthorized employees from launching patient data applications or hacking tools to gain access to restricted information. In addition, health care agencies must ensure that only
authorized personnel can use the system or access sensitive records. Websense software allows organizations to set appropriate application use policies based on user, group, workstation, or network.
To defend the transfer of protected information, employees should not be allowed to circumvent the corporate email system for external file transfers. Websense allows for the blocking of file transfers
through public IM and P2P applications. If an organization chooses to deny use of a certain applications altogether, whether IM, P2P or any unprotected application, Websense software will block access to the
websites from which these applications can be downloaded.
To aid with compliance requirements, Websense reporting and analysis tools can be used to ensure effective employee management. With real-time
network statistics on applications usage and knowledge of the specific computers involved, administrators have the information they need to understand the threats facing the organization. Administrators can
also drill down on reports of network usage by protocol signature, username, user group, and by destination IP or hostname to find more detailed information. Reports can be defined and scheduled for
automatic distribution to administrators via email.
For more information about how Websense addresses regulatory compliance, please visit
http://ww2.websense.com/docs/WhitePapers/Ensuring_Information_Security-New_Regulatory_C hallenges.pdf to view a white paper with case studies from Penn National Insurance, Golden State Foods, and Sharp
Healthcare. In addition, an online Websense webcast is available at http://www.accelacomm.com/jlp/press/0/10003083/ which addresses the fundamentals of information security for regulatory compliance.
Speakers address the key challenges, available solutions, and examples of companies that are successfully meeting today's demanding regulatory compliance mandates. About Websense, Inc.
Websense, Inc. (NASDAQ: WBSN), the world's leading provider of employee internet management solutions, enables organizations to optimize employee use of computing
resources and mitigate new threats related to internet use including instant messaging, peer-to-peer, and spyware. By providing usage policy enforcement at the internet gateway, on the network and at the
desktop, Websense products enhance productivity and security, optimize the use of IT resources and mitigate legal liability for our customers. |
