Websense® Software Helps Organizations Protect Critical Information to Achieve Regulatory Compliance
Websense safeguards companies from online threats such as spyware, keyloggers and peer-to-peer risks to enforce compliance with the
Gramm-Leach-Bliley Act, Sarbanes Oxley Act, and HIPAA SAN DIEGO February 28, 2005 -- Websense, Inc. (NASDAQ: WBSN), the world's leading provider of employee internet management solutions, today announced that
Websense® software and services help organizations comply with government laws such as the Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX), and the Health Insurance Portability and
Accountability Act (HIPAA).
These laws (GLBA, SOX, and HIPAA) and related regulations impose new requirements on the way organizations store and protect private and confidential data, establish
standards for compliance, and institute penalties for noncompliance. Websense software safeguards information security and mitigates liability associated with these mandates. By protecting against new
web-based threats such as spyware, keyloggers, and internet-borne viruses, companies using Websense software can protect their customers' privacy and control access to sensitive information while fulfilling
legal obligations, complying with enforced regulations and avoiding noncompliance penalties.
The GLBA, signed into Public Law on November 12, 1999, dictates how financial institutions are able to
manage and protect personal consumer information and applies to all companies that offer financial products or services. From an IT perspective, the GLBA requires that companies restrict access to their
networks and implement controls to protect sensitive information and prevent malicious or inadvertent disclosure of nonpublic personal information. The GLBA also requires financial services organizations to
perform regular assessments of risks to the security of customer information.
New web-based threats such as spyware, keyloggers, and internet-borne viruses are particularly ominous for insurance and
financial services industries which operate under the GLBA. Providing protections against these threats, Websense software allows companies to define the applications that are allowed to access the network
and the ports by which they can be accessed. Websense restricts networks access to only authorized categories of programs, denying admission to unknown or unauthorized programs such as spyware, instant
messaging (IM), peer-to-peer (P2P) or hacking tools.
The stated purpose of the Sarbanes-Oxley Act is "to protect investors by improving the accuracy and reliability of corporate disclosures made
pursuant to the security laws, and for other purposes". SOX, which became Public Law on July 30, 2002, aims to prevent corporate mismanagement by requiring better controls and accountability for corporations
that report to the Securities and Exchange Commission (SEC). The SOX Act points to three key areas for ensuring the security of financial information within an organization: to control access to systems and
data; to ensure the security of the company's network infrastructure; and monitor activities and log events that might indicate security breaches.
With Websense software, companies can accomplish
these goals by setting appropriate application usage policies across the organization and reporting on employee computing. Organizations can also restrict application use to only those employees on an
approved list. This feature allows the blocking of dangerous applications such as spyware, peer-to-peer (P2P) and hacking tools entirely, securing important financial information. With Websense software,
even mobile employees with laptops who are disconnected from the network are protected.
Becoming Public Law in August, 1996, HIPAA was enacted by Congress to improve the efficiency of the health care
system to protect the confidentiality and security of health data. HIPAA establishes standardized mechanisms for electronic data interchange, security, and confidentiality of all health care-related data. As
more hospitals connect their databases to the public internet, new security dangers similar to those plaguing the financial services and banking industries have arisen. These concerns are primarily about the
control of access to proprietary health information and monitoring and reporting security events.
Malicious spyware applications and keyloggers are particularly dangerous in the health care
environment. Websense software and services help protect patient data from unauthorized access and prevents unauthorized employees from launching patient data applications or hacking tools to gain access to
restricted information. In addition, health care agencies must ensure that only authorized personnel can use the system or access sensitive records. Websense software allows organizations to set appropriate
application use policies based on user, group, workstation, or network.
To defend the transfer of protected information, employees should not be allowed to circumvent the corporate email system for
external file transfers. Websense allows for the blocking of file transfers through public IM and P2P applications. If an organization chooses to deny use of a certain applications altogether, whether IM,
P2P or any unprotected application, Websense software will block access to the websites from which these applications can be downloaded.
To aid with compliance requirements, Websense reporting and
analysis tools can be used to ensure effective employee management. With real-time network statistics on applications usage and knowledge of the specific computers involved, administrators have the
information they need to understand the threats facing the organization. Administrators can also drill down on reports of network usage by protocol signature, username, user group, and by destination IP or
hostname to find more detailed information. Reports can be defined and scheduled for automatic distribution to administrators via email.
For more information about how Websense addresses regulatory
compliance, please visit http://ww2.websense.com/docs/WhitePapers/Ensuring_Information_Security-New_Regulatory_C hallenges.pdf to view a white paper with case studies from Penn National Insurance, Golden
State Foods, and Sharp Healthcare. In addition, an online Websense webcast is available at http://www.accelacomm.com/jlp/press/0/10003083/ which addresses the fundamentals of information security for
regulatory compliance. Speakers address the key challenges, available solutions, and examples of companies that are successfully meeting today's demanding regulatory compliance mandates. About Websense, Inc.
Websense, Inc. (NASDAQ: WBSN), the world's leading provider of employee internet management solutions, enables organizations to optimize employee use of computing
resources and mitigate new threats related to internet use including instant messaging, peer-to-peer, and spyware. By providing usage policy enforcement at the internet gateway, on the network and at the
desktop, Websense products enhance productivity and security, optimize the use of IT resources and mitigate legal liability for our customers. |
