|
Websense® Software Helps Organizations Protect Critical Information to Achieve Regulatory
Compliance
Websense safeguards companies from online threats such as spyware, keyloggers and peer-to-peer
risks to enforce compliance with the Gramm-Leach-Bliley Act, Sarbanes Oxley Act, and HIPAA
SAN DIEGO February 28, 2005 -- Websense, Inc. (NASDAQ: WBSN), the world's leading provider of employee internet
management solutions, today announced that Websense® software and services help organizations comply with government laws such as the Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX), and the Health
Insurance Portability and Accountability Act (HIPAA).
These laws (GLBA, SOX, and HIPAA) and related regulations impose new requirements on the way organizations store and protect private and confidential
data, establish standards for compliance, and institute penalties for noncompliance. Websense software safeguards information security and mitigates liability associated with these mandates. By protecting against
new web-based threats such as spyware, keyloggers, and internet-borne viruses, companies using Websense software can protect their customers' privacy and control access to sensitive information while fulfilling
legal obligations, complying with enforced regulations and avoiding noncompliance penalties.
The GLBA, signed into Public Law on November 12, 1999, dictates how financial institutions are able to manage and
protect personal consumer information and applies to all companies that offer financial products or services. From an IT perspective, the GLBA requires that companies restrict access to their networks and implement
controls to protect sensitive information and prevent malicious or inadvertent disclosure of nonpublic personal information. The GLBA also requires financial services organizations to perform regular assessments of
risks to the security of customer information.
New web-based threats such as spyware, keyloggers, and internet-borne viruses are particularly ominous for insurance and financial services industries which
operate under the GLBA. Providing protections against these threats, Websense software allows companies to define the applications that are allowed to access the network and the ports by which they can be accessed.
Websense restricts networks access to only authorized categories of programs, denying admission to unknown or unauthorized programs such as spyware, instant messaging (IM), peer-to-peer (P2P) or hacking tools.
The stated purpose of the Sarbanes-Oxley Act is "to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the security laws, and for other purposes". SOX, which
became Public Law on July 30, 2002, aims to prevent corporate mismanagement by requiring better controls and accountability for corporations that report to the Securities and Exchange Commission (SEC). The SOX Act
points to three key areas for ensuring the security of financial information within an organization: to control access to systems and data; to ensure the security of the company's network infrastructure; and monitor
activities and log events that might indicate security breaches.
With Websense software, companies can accomplish these goals by setting appropriate application usage policies across the organization and
reporting on employee computing. Organizations can also restrict application use to only those employees on an approved list. This feature allows the blocking of dangerous applications such as spyware, peer-to-peer
(P2P) and hacking tools entirely, securing important financial information. With Websense software, even mobile employees with laptops who are disconnected from the network are protected.
Becoming Public Law
in August, 1996, HIPAA was enacted by Congress to improve the efficiency of the health care system to protect the confidentiality and security of health data. HIPAA establishes standardized mechanisms for electronic
data interchange, security, and confidentiality of all health care-related data. As more hospitals connect their databases to the public internet, new security dangers similar to those plaguing the financial
services and banking industries have arisen. These concerns are primarily about the control of access to proprietary health information and monitoring and reporting security events.
Malicious spyware
applications and keyloggers are particularly dangerous in the health care environment. Websense software and services help protect patient data from unauthorized access and prevents unauthorized employees from
launching patient data applications or hacking tools to gain access to restricted information. In addition, health care agencies must ensure that only authorized personnel can use the system or access sensitive
records. Websense software allows organizations to set appropriate application use policies based on user, group, workstation, or network.
To defend the transfer of protected information, employees should
not be allowed to circumvent the corporate email system for external file transfers. Websense allows for the blocking of file transfers through public IM and P2P applications. If an organization chooses to deny use
of a certain applications altogether, whether IM, P2P or any unprotected application, Websense software will block access to the websites from which these applications can be downloaded.
To aid with
compliance requirements, Websense reporting and analysis tools can be used to ensure effective employee management. With real-time network statistics on applications usage and knowledge of the specific computers
involved, administrators have the information they need to understand the threats facing the organization. Administrators can also drill down on reports of network usage by protocol signature, username, user group,
and by destination IP or hostname to find more detailed information. Reports can be defined and scheduled for automatic distribution to administrators via email.
For more information about how Websense
addresses regulatory compliance, please visit http://ww2.websense.com/docs/WhitePapers/Ensuring_Information_Security-New_Regulatory_Challenges.pdf to view a white paper with case studies from Penn National
Insurance, Golden State Foods, and Sharp Healthcare. In addition, an online Websense webcast is available at http://www.accelacomm.com/jlp/press/0/10003083/ which addresses the fundamentals of information security
for regulatory compliance. Speakers address the key challenges, available solutions, and examples of companies that are successfully meeting today's demanding regulatory compliance mandates.
About Websense, Inc.
Websense,
Inc. (NASDAQ: WBSN), the world's leading provider of employee internet management solutions, enables organizations to optimize employee use of computing resources and mitigate new threats related to internet use
including instant messaging, peer-to-peer, and spyware. By providing usage policy enforcement at the internet gateway, on the network and at the desktop, Websense products enhance productivity and security, optimize
the use of IT resources and mitigate legal liability for our customers.
|
