Resource Library

White Papers

White Papers


Avoiding the Security Risks of Office 365

As organizations replace on-premises applications with cloud-based ones, more of their data communications occur outside the corporate firewall, creating a completely new set of compliance and security concerns. Paramount among these concerns is the security of business-critical and sensitive information.This paper discusses how organizations can reap the benefits of Office 365 while mitigating security risks associated with storing information outside the corporate firewall. By reading this white paper, organizations can see how to manage content security risks in Office 365 by continuously monitoring content and automatically applying granular controls to limit access to and the distribution of sensitive content.

Download " Avoiding the Security Risks of Office 365"

4 Cornerstones to Securing Payment Card Data

Effective from January 2015, PCI DSS 3.0 has made compliance an even more demanding task for organizations that handle payment card data. At the same time, recent cyberattacks have demonstrated that compliance alone is no guarantee that data is secure.

In order to succeed in this environment, organizations need to abandon the uphill struggle of attempting to tackle both new PCI requirements and emerging cyber threats using traditional, inflexible network and information security solutions. This whitepaper presents an alternative, best-practice approach to securing payment card data, built on four pillars that address information security while promoting continuous compliance.

Download "4 Cornerstones to Securing Payment Card Data"

Infographic: AppGate’s context aware, dynamic approach to secure access

AppGate Secure Access makes the application/server infrastructure effectively “invisible.” It then delivers access to authorized resources only, verifying a number of user variables each session—including device posture and identity—before granting access to an application. Once the user logs out, the secure tunnel disappears. Additionally, when a new device is on a public network, or a device that failed to log in tries to connect, additional security requirements (such as multi-factor authentication) can be enforced, or access can be denied.Download our infographic on AppGate’s context aware, dynamic approach to secure access to learn more.

Download "Infographic: AppGate’s context aware, dynamic approach to secure access "

Cryptzone Office 365 Security Survey

With the widespread growth of cloud applications, we surveyed organizations to look at adoption of the Microsoft Office 365 platform. The survey addressed how organizations are utilizing Office 365 and SharePoint, where they have limitations, what applications they are using from the platform, and how organizations perceive the security of Office 365 for controlling sensitive data.

Download "Cryptzone Office 365 Security Survey"

Cryptzone Network Security Survey

Given the proliferation of cybercrimes and growing concerns over inside threats, Cryptzone conducted a survey with TechValidate to determine how organizations are implementing network access control (NAC) policies and security solutions to address today’s network environments.

Download "Cryptzone Network Security Survey"

​Information Governance & Collaboration in Financial Services

Collaboration and use of information has revolutionized how technology creates value for financial services firms. However, a challenge for financial services organizations is to govern information and collaboration across a distributed and dynamic environment, raising a number of questions.This GRC 20/20 Strategy Perspective sponsored by Cryptzone looks to answer these questions and provide financial services entities with a clear strategy for information governance, risk management, and compliance.

Download "​Information Governance & Collaboration in Financial Services"

​The Global Move to WCAG 2.0 and The Case for Conformance

Accessibility for people with disabilities is more important now than ever before. The last decade has shown how information technology (particularly the Internet) opens up new worlds for an ever-increasing number of people with disabilities. At the same time, Web accessibility standards have also evolved to keep pace. This white paper explains the global trend to adopt the Web Accessibility Content Guidelines (WCAG 2.0) – the most important and influential Web accessibility standard worldwide — and why it provides a better accessibility experience for users with disabilities.

Download "​The Global Move to WCAG 2.0 and The Case for Conformance"

​Getting Your Compliance House in Order - What to Consider Before Compliance Automation

Michael Rasmussen of GRC 20/20 looks at how to tackle these issues from the ground up to get your Governance, Risk and Compliance (GRC) house in order in a complimentary white paper. This white paper examines why organizations need to develop a strategic plan to manage GRC processes and how to put one in place to ensure the success of policy enforcement programs including compliance automation.

Download "​Getting Your Compliance House in Order - What to Consider Before Compliance Automation"

Four Steps to Readily Achievable Web Accessibility

In the absence of specific regulations for Web accessibility in the Americans with Disabilities Act (ADA), businesses are left without legal guidance on how to make their complex websites accessible. Some advocate for full compliance with WCAG 2.0 in all content while others argue that nothing is required at all. This white paper discusses the risks to businesses that do not employ Web accessibility citing recent lawsuits, and suggests some best practices for readily achievable Web accessibility that any business can employ.

Download "Four Steps to Readily Achievable Web Accessibility"

Guidance at a Glance: Web Accessibility

Do you know what where to start or how to improve your Web accessibility? If you are not sure what to do, download our whitepaper to help you kick start or improve your existing Web accessibility program to meet compliance.

Download "Guidance at a Glance: Web Accessibility"

The Changing Legal Landscape of Web Accessibility in Higher Education

Universities face liability if their Web content is inaccessible under Section 504 and other laws. This is further complicated by new laws and regulations that change some of these obligations, but also the standards for what constitutes “accessible” Web content. Colleges and universities also face the increasing chance of liability due to disability rights organizations filing more complaints and lawsuits based on these laws. The lawsuits filed are also extending liability beyond the Web to include other new technologies used in education. This white paper will provide guidance on the changing legal landscape of Web accessibility in higher education.

Download "The Changing Legal Landscape of Web Accessibility in Higher Education"

​Analysis of Website Accessibility After National Federation of the Blind v. Target

The National Federation of the Blind sued the Target Corporation in 2006 for the alleged inaccessibility of its website. This litigation applied the Americans with Disabilities Act (ADA)—and state laws expanding the ADA—to a retailer’s website and quickly became a focal point for advocates and industry alike. As California represents a huge opportunity for almost every company doing business over the Internet, California’s Unruh Act and Disabled Persons Act provide a strong reason for all companies to make their websites accessible.

Download "​Analysis of Website Accessibility After National Federation of the Blind v. Target"

​The Web Accessibility Handbook: A guide to best practices for achieving Web accessibility

Microsoft and Cryptzone partnered to hold a series of European Dialogues on Practical Strategies for an Accessible Web. The goal throughout these dialogues was to not only understand the challenges for organization that looked to achieve Web accessibility, but to closely examine some of the solutions and strategies that are already being employed by organizations to accomplish their goals. As a result of the Dialogues a “How To” guide, the Web Accessibility Handbook, was created.

Download "​The Web Accessibility Handbook: A guide to best practices for achieving Web accessibility"

Leveraging Dynamic Access to Easily Create and Manage Non-Employee Portals

While you might be thinking about building non-employee access portals in SharePoint to collaborate with clients and suppliers, the reality is very few SharePoint customers have deployed these portals. This white paper looks at the recommended model for implementing non-employee sites and the challenges it presents, as well as more practical solutions to building portals in SharePoint.

Download "Leveraging Dynamic Access to Easily Create and Manage Non-Employee Portals"

​Is Permissions Inheritance the Best Method for Governing SharePoint Access?

SharePoint is purchased for a number of reasons, but generally the primary purpose is to foster the collaboration and information sharing required in order to achieve these objectives. But opening up documents for sharing can open up a can of worms when it comes to security. This white paper will look at the issues around securing documents in the context of Microsoft's recommended inheritance model, which defines permissions and allows them to be inherited through all sites, lists, libraries, folders and items.

Download "​Is Permissions Inheritance the Best Method for Governing SharePoint Access?"

​The Do’s and Don’ts of Enterprise Collaboration: 22 Tips to Ensure Secure Collaboration

Collaboration is a critical part of business success and a key driver for increasing competitiveness and productivity. If you are using enterprise collaborative environments from SharePoint to file shares, or even social platforms, you do not want to find yourself in a position where you are scrambling to retrofit security measures after the mishandling of sensitive data, or worse a data breach.

Download "​The Do’s and Don’ts of Enterprise Collaboration: 22 Tips to Ensure Secure Collaboration"

​SharePoint Compliance & Security Go Hand in Hand as featured in KMWorld

Organizations using SharePoint have tremendous collaboration benefits. But this collaborative environment also requires organizations and individuals to be trusted with a vast amount of sensitive data: customers’ personally identifiable information (PII), protected health information (PHI) and confidential company content including intellectual property (IP), human resource files, M&A, board documents, customer lists or product strategies, just to name a few. Sure most organizations have governance and compliance strategies in place that dictate proper usage, but compliance policies only get you so far. Just like the song ‘Love and Marriage’ reminds us, you can’t have one without the other and so to it goes with SharePoint compliance and security.

Download "​SharePoint Compliance & Security Go Hand in Hand as featured in KMWorld"

​Folders vs Metadata: 7 Questions to Assess the Best Method for SharePoint Security

Many companies have a hard time choosing whether to use folders or metadata for security and classification in SharePoint. The problem is that out-of-the-box neither folders nor metadata can achieve effective security and classification in SharePoint.This white paper outlines the seven most commonly asked questions on using folders versus metadata for SharePoint security. It provides insight and solutions for more secure and effective document security.

Download "​Folders vs Metadata: 7 Questions to Assess the Best Method for SharePoint Security"

​The Top 10 SharePoint Security Challenges with Collaboration

Many companies have invested in SharePoint for managing their unstructured information and fostering enterprise collaboration. However, few have fully realized the potential efficiencies and productivities that SharePoint offers because of concerns about the security of the information stored in it. This white paper looks at the top 10 security challenges with SharePoint collaboration facing executives and IT managers today.

Download "​The Top 10 SharePoint Security Challenges with Collaboration"

​AIIM Survey: SharePoint Security – A Survey on Compliance with Recommendations for Improvement

The release of SharePoint 2010 saw a number of widely-reported and sorely-needed security tools and techniques added to the product suite, but the increasing numbers of security-related third party add-in components suggest that the new features do not go far enough. In this report we evaluate security needs and make recommendations for taking SharePoint to a higher level.

Download "​AIIM Survey: SharePoint Security – A Survey on Compliance with Recommendations for Improvement"

​Microsoft SharePoint® Security: Part 2 - Evaluating a Content Security Solution

Microsoft SharePoint® Security: Part 2 provides insight into enforcing SharePoint policies and offers guidance on what to look for when evaluating a content security solution.

Download "​Microsoft SharePoint® Security: Part 2 - Evaluating a Content Security Solution"

​Microsoft SharePoint Security: Part 1 - The Security, Compliance and Risk Case

With SharePoint serving as the ECM and collaboration tool of choice for enterprises, many do not recognize the risks until it is too late.

Download "​Microsoft SharePoint Security: Part 1 - The Security, Compliance and Risk Case"

​Making SharePoint Safe for Sensitive Data

SharePoint promises to solve many of today’s ECM challenges. But concerns persist about SharePoint's use for the management of private or sensitive content.

Download "​Making SharePoint Safe for Sensitive Data"

Best Practices in SharePoint Content Checklist: SharePoint Adoption and Security in 5 Easy Steps

As you deploy SharePoint® 2010, you have considered the technical aspects — but have you considered the content? How will it be migrated, accessed and secured while encouraging collaboration?

Download "Best Practices in SharePoint Content Checklist: SharePoint Adoption and Security in 5 Easy Steps"

​Gov 2.0: Promoting Inclusive, Open, and Transparent Government through Technology White Paper by Microsoft & Cryptzone

This white paper will explore how government agencies can meet their obligations to provide citizen centered government solutions while at the same time maintaining their statuary and regulatory compliance requirements using Microsoft SharePoint™ and HiSoftware Compliance Sheriff®.

Download "​Gov 2.0: Promoting Inclusive, Open, and Transparent Government through Technology White Paper by Microsoft & Cryptzone"

​Website Content Quality Checklist: 16 Usability and Performance Questions to Ask Your Web Team

Site quality matters. In fact, a recent article indicates that it is costing companies millions of dollars in lost revenue for Internet businesses.* Site quality is multi-faceted, but at its core it is focused on a site that users can trust and visit repeatedly, as well as ensuring everything works in a way that meets a user’s expectations for speed, reliability and accessibility.

Download "​Website Content Quality Checklist: 16 Usability and Performance Questions to Ask Your Web Team"

​Six Steps to Help Maximize Online Profits, Keep Pace with Accessibility Needs and Meet Expectations for Site Quality and Privacy White Paper

In today’s technology-rich economic environment, the Internet has become the fastest-growing channel for sales, profit and building a positive brand image. But overlooking compliance as you craft your Web strategy may expose your organization to vulnerable legal fines and penalties, and result in the loss of valuable revenue opportunities by failing to reach a large community of potential customers. Monitoring your site to ensure it meets important compliance benchmarks for privacy, accessibility and site quality is a must for companies doing business on the Web.

Download "​Six Steps to Help Maximize Online Profits, Keep Pace with Accessibility Needs and Meet Expectations for Site Quality and Privacy White Paper"

Leveraging SharePoint for HIPAA Governed Data: 5 Conquerable Challenges to Meeting HIPAA Compliance in SharePoint

You know you need to be HIPAA compliant. However, achieving compliance, while still allowing employees to collaborate in SharePoint, is not easy. Healthcare organizations looking to leverage SharePoint for collaboration often struggle with a number of issues trying to meet compliance with the strict requirements set by HIPAA. Download this white paper to learn how to conquer the barriers to collaboration in SharePoint. Discover how technology can help your organization safely leverage SharePoint for the storage and collaboration of PHI and other confidential material.

Download "Leveraging SharePoint for HIPAA Governed Data: 5 Conquerable Challenges to Meeting HIPAA Compliance in SharePoint"

Five Healthcare Content Compliance Challenges and How to Solve Them

Learn how to implement a repeatable, practical, measurable and cost-effective process for auditing and reporting on Protected Health Information (PHI) and other sensitive corporate information across intranets, public-facing websites, portals, document libraries and SharePoint sites.

Download "Five Healthcare Content Compliance Challenges and How to Solve Them"

SharePoint's 5 Most Wanted Governance Offenders: Plus 4 Ways to Stop Them in Their Tracks

We set out to find the top 5 governance offenders and the characters we uncovered might surprise you. This infographic exposes SharePoint’s Most Wanted characters, their sometimes risky behavior and annoying habits. It also offers 4 things you can do to stop them in their tracks, to ensure only the right people have access to the right content.

Download "SharePoint's 5 Most Wanted Governance Offenders: Plus 4 Ways to Stop Them in Their Tracks"

Managing Compliance Risk in SharePoint: A Step by Step Illustrated Guide

Effective compliance is the ability to not only have a governance strategy in place, but also be able to manage risk by identifying issues and potential violations, and have a process in place for resolution and fine tuning. This step-by-step illustrated guide lays out each step; from defining your compliance strategy, to implementing Cryptzone's suite of solutions for identifying and managing compliance and security issues in SharePoint to help protect your organization.

Download "Managing Compliance Risk in SharePoint: A Step by Step Illustrated Guide"

​Who's at Risk for a Data Privacy Breach?

The answer is everyone. Any company who collects, stores and/or collaborates customer, patient or employee data is at risk. Not convinced? We’ve put together an infographic that examines who is at risk for a data breach, how it happens, the cost implications and tips on how to reduce data privacy risk within your own organization.

Download "​Who's at Risk for a Data Privacy Breach?"

Does your Citrix or Terminal Server environment have an Achilles heel?

This white paper will highlight the information security risks inherent in all multi-user virtual desktop solutions, and offer a better way to secure access using a 'zero trust' security methodology.

Download "Does your Citrix or Terminal Server environment have an Achilles heel?"

Preventing Cyber Attacks with a Layered Network Security Model

This white paper looks at the IT landscape today and why traditional models are failing. It also explores how a layered defense, built on the principles of Zero Trust, can be used to combat cyber attacks involving privileged user accounts and enable organizations to regain control over their networks and mitigate risk.

Download "Preventing Cyber Attacks with a Layered Network Security Model"

Addressing Auditors Compliance Requirements with Secure Access

Regulatory compliance is a critical concern for many organizations. However, implementing the proper security controls and demonstrating compliance places a considerable burden on system administrators and can become very costly. Compliance with regulations, such as SOX, FISMA, PCI, FSA and SCC has always been challenging, but is especially difficult when adherence to multiple regulations is required.

Download "Addressing Auditors Compliance Requirements with Secure Access"

Why Recognition, not Identity should underpin Access Permissions

This short white paper introduces the concept of recognition, where identity becomes, only one dynamic attribute amongst many, used to determine user authenticity and grant access permissions, in order to minimize IT security exposure in line with risk based policies.

Download "Why Recognition, not Identity should underpin Access Permissions"

Cryptzone Survey Reveals SharePoint Users are Breaching Security Policies

This study, conducted amongst attendees at Microsoft’s SharePoint Conference in Las Vegas (USA) found that at least 36% of SharePoint users are breaching security policies, and gaining access to sensitive and confidential information, to which they are not entitled. Read the survey for more findings and SharePoint security recommendations.

Download "Cryptzone Survey Reveals SharePoint Users are Breaching Security Policies"

Infographics


Infographic: AppGate’s context aware, dynamic approach to secure access

AppGate Secure Access makes the application/server infrastructure effectively “invisible.” It then delivers access to authorized resources only, verifying a number of user variables each session—including device posture and identity—before granting access to an application. Once the user logs out, the secure tunnel disappears. Additionally, when a new device is on a public network, or a device that failed to log in tries to connect, additional security requirements (such as multi-factor authentication) can be enforced, or access can be denied.Download our infographic on AppGate’s context aware, dynamic approach to secure access to learn more.

Download "Infographic: AppGate’s context aware, dynamic approach to secure access "

SharePoint's 5 Most Wanted Governance Offenders: Plus 4 Ways to Stop Them in Their Tracks

We set out to find the top 5 governance offenders and the characters we uncovered might surprise you. This infographic exposes SharePoint’s Most Wanted characters, their sometimes risky behavior and annoying habits. It also offers 4 things you can do to stop them in their tracks, to ensure only the right people have access to the right content.

Download "SharePoint's 5 Most Wanted Governance Offenders: Plus 4 Ways to Stop Them in Their Tracks"

Managing Compliance Risk in SharePoint: A Step by Step Illustrated Guide

Effective compliance is the ability to not only have a governance strategy in place, but also be able to manage risk by identifying issues and potential violations, and have a process in place for resolution and fine tuning. This step-by-step illustrated guide lays out each step; from defining your compliance strategy, to implementing Cryptzone's suite of solutions for identifying and managing compliance and security issues in SharePoint to help protect your organization.

Download "Managing Compliance Risk in SharePoint: A Step by Step Illustrated Guide"

​Who's at Risk for a Data Privacy Breach?

The answer is everyone. Any company who collects, stores and/or collaborates customer, patient or employee data is at risk. Not convinced? We’ve put together an infographic that examines who is at risk for a data breach, how it happens, the cost implications and tips on how to reduce data privacy risk within your own organization.

Download "​Who's at Risk for a Data Privacy Breach?"

Security Guides


PCI DSS v3 Compliance Security Guide

This document summarises the twelve Payment Card Industry (PCI) Data Security Standard (DSS) Requirements and Security Assessment Procedures, and highlights some of the new updates in Version 3.0. The context is however limited to many areas in which the use of Cryptzone’s AppGate Server can deliver compliance against the standard.

Read the PCI DSS v3 Compliance Security Guide Security Guide