Dear Customer,

Welcome to the GSS monthly update of news, views and advice surrounding today’s top IT security issues. 

Firstly, a thank you for the positive feedback on last month’s Websense Roadmap Seminar.  The morning proved informative for all involved - we will keep you up to-date with future Roadmap events.

We are continuing on the road this month.  You can see us at Enterprise IP VPN Forum at the Inmarsat Conference Centre in London on 12th March.  The Forum aims to give IT, Network and Telecoms Managers a thorough, unbiased insight into business issues relating to IP VPN implementation and management.  Visit our website to find out more.

Infosecurity Europe is fast approaching.  Opening next month on 22nd April we will be exhibiting at stand C240.  The organisers of Europe’s no.1 dedicated information security event, have put together a light hearted competition to win an exclusive Infosecurity prize.  For your chance to win play the online game ‘De-bug’.  Find out more in the article below.

We are also talking about compliance issues in this month’s newsletter - DPA compliance and PCI-DSS compliance.  Regulations such as these require changes to network security infrastructures and IT procedures. The two articles below are aimed at helping you understand some of the recently highlighted compliance challenges.

Please keep your suggestions coming – I welcome your feedback on any issues covered. Feel free to email me with any comments.

David Hobson
Managing Director

Issues behind DPA compliance

Last month, Justin, IT Support Manager from Ashford asked: “I read your article in last month’s newsletter regarding steps to set up a Data Protection Act compliance programme.  We've put some of these steps in place, but can you explain some of the issues behind why we need to be compliant?"

Read David's advice

If you've got a question you'd like to put to the experts, send it to emaildavid@gss.co.uk

Providing access in the most remote locations

Marie Stopes International is a registered charity running 9 sexual and reproductive healthcare centres in the UK.  The charity also works around the world with 452 centres in 38 countries delivering care and services in some of the world's poorest regions.

To enable charity staff to work effectively while on the move and stay in touch when working in remote locations around the world, the IT team initiated a project to develop an information-sharing environment based around Microsoft's Sharepoint.

Read more

---

Win exclusive infosecurity prize

The organisers of Infosecurity Europe are offering you the chance to win VIP entry to Infosecurity 2008 with reserved seminar seating, hotel accommodation and dinner for 2!  For your chance to win, play De-bug - an online game where you must remove the bug from your system before time runs out!

Visit www.infosec.co.uk/debug to try the game and for your opportunity to win the exclusive prize.  Infosecurity Europe opens on 22nd April 2008 – see us at stand C240.

Play the game!

---

And the winner is...

Thank you to all of you that entered the Guess Who competition in last month’s Newsletter.  We had many entries but the winner was Jan-Fei Li at Borer Data Systems Ltd.  Jan-Fei correctly guessed that the mystery official pictured was Des Brown, The Secretary of Defence.  A bottle of champagne is on the way to our lucky winner.

See last month's newletter

How to achieve PCI compliance with AppGate

A company processing, storing, or transmitting payment card data must be compliant with the Payment Card Industry (PCI) Data Security Standards (DSS) or risk losing their ability to process credit card payments.

AppGate have produced a paper that clearly describes the twelve requirements defined in PCI DSS and how AppGate can support your PCI DSS compliance.  Download the free paper below.

Download PCI DSS Paper

---

A day in the life of a GSS security expert

GSS Consultants have been carrying out security reviews as bespoke consulting assignments for more than ten years. Our clients are diverse and range from central and local government, education institutions, major financial organisations, retailers, manufacturers through to SMEs and Start Ups.

To find out what a typical day is like for our GSS consultants, we hear from Pauline Brace, Principal Information Security Consultant at GSS to discover some of the daily issues our experts face.

Read more

Malicious Page of the Month

Finjan’s renowned Malicious Code Research Centre has published its latest issue of the Malicious Page of the Month (MPOM).  This informative document shows the commercialisation of stolen FTP server credentials of legitimate companies as well as how the deployment of ready-made Crimeware toolkits has gained momentum.

Finjan found more than 8,700 FTP servers’ credentials of highly respected organisations and enterprises were stolen, including valid user names and passwords.

Read the MPOM report

---

Websense unveil Data Loss Prevention solution

Websense has unveiled a preview of its data loss prevention (DLP) solution for the endpoint and announced a new technology partnership designed to give customers more choice, flexibility and interoperability in their security deployments on endpoints – end-user devices such as laptops that connect to the corporate network.

Read more