Solution

Security Awareness content must be dynamic. The themes should be based on specific threats, severity of the threats, enterprise-specific vulnerability, enterprise physical location, and enterprise business vertical. Security awareness program must also be able to track the awareness level of all employees and have the capability to identify, report and defend against any known attacks on an enterprise.

Damage to a company ’ s resources from internal forces continues to rise each day.
 

FootPath launched SecureGURU^TM to help enterprises effectively communicate with enterprise security programs and reduce the liability of the enterprise, while fully complying with laws passed by the US Congress that will soon be required of financial services, health care, defense and utility companies in the US. In addition to the technology to communicate, track and prioritize security content, FootPath provides security training content in the form of Flash presentations, screen savers, Intranet servers, posters & flyers. FootPath’s interactive content team constantly develops new content and provides it bundled with SecureGURU^TM product.

SecureGURUTM helps enterprises effectively communicate enterprise security programs

SecureGURU^TM Enterprise Security Awareness Concept

FootPath’s Enterprise Security Group provides Security Awareness Solutions for  Enterprises, Security Audits, and Information Security Architecture to Fortune-5000 companies with the main focus being:

Identification of the Threat - (How does one positively identify?)
To combat a threat, employees must be trained to identify a threat. Therefore, educating employees about all types of threats is the first and the most crucial step an enterprise can take to combat security threats

Reporting a Threat - (Who to report?)
Your employees have identified the kind of threat! Is the threat from within the enterprise or is it external? Do they know where and how it has to be reported?

Defending against a Threat – (Emergency response, first-aid…)
Is your staff capable enough to handle a threat? Are your systems being monitored by security software? Do your staffs know about the software?

SecureGURU^TM Security Education Content

With the Government stepping up its emphasis on Information Security and Privacy standards with recent U.S Legislation acts such as Gramm-Leach-Bliley Act of 1999 and the Health Insurance Portability and Accountability Act (HIPAA) of 1998, Footpath’s SecureGURUTM solution aims to proactively educate employees to improve enterprise threat and security awareness with the education themes in compliance with these regulations. FootPath Security Education themes are available on the following areas:

• Identity Theft
• Information Theft
• Privacy Protection
• Desktop Security
• Virus & Worms Education
• Social Attacks & Defense
• Bio-terror Defense Education
• Work Place Theft Prevention Education
• PDA/Laptop Security
• Wireless Security
• HIPAA (scheduled 02/2003)

Advantages of SecureGURU^TM Architecture

SecureGURU^TM architecture has been designed keeping in mind, all issues pertaining to the MIS department, network resources and most frequently used features such as:

• Minimal use of Internet bandwidth to download/view the light-weight, Security Education Content .The content is downloaded only once or whenever updated

• Reduced or no Intranet traffic as offline security education themes are played from each client machine

• Lesser Connection time as the Offline communication system (SecureGURU Screen Saver and SecureGURU Advisor) dispenses with constant connection to the Internet

• Least CPU utilization enabling it to work on computers with minimal hardware resources.

• SecureGURU Screen Savers make effective usage of computer idle time by playing security education content thereby creating a security aware environment

• Scheduled delivery of Security content through SecureGURU Live Update

• Offline tracking with no load on network resources.

Tracking of Viewer ship

Track Security Education Training
SecureGURU^TM Education content is both interactive and intelligent (SecureGURU^TM 3.0 and future releases). Each theme is engineered to track and evaluate the progress of an employee’s security awareness. On having completed viewing, the theme is automatically marked as read and the next unread theme is brought up ready to be viewed.

Control Security Education
With server push technology (SecureGURU^TM 3.0 and future releases), SecureGURU Content Server can communicate “Urgent Threat Alerts” to all SecureGURU^TM Clients and evaluate each user as having acknowledged or not acknowledged the alert. The client system remains locked as long as the user has not acknowledged the alert.

With Server based push technology, top priority alerts are communicated to all SecureGURU^TM clients on the corporate LAN

SecureGURUTM Desktop Security and Breach Notification

One of the key issues addressed by SecureGURU^TM is Desktop Security. The SecureGURU^TM Desktop Monitor automatically monitors the locked workstation. On detection of an unauthorized

login, the SecureGURU^TM Breach Notification System automatically notifies the owner of the  workstation over a pre-configured email address or a mobile phone. SecureGURU^TM Breach Notification System can be configured to channel Breach Notification messages through the corporate SMTP server on the company Intranet or a dedicated third-party SMTP server.

SecureGURU Breach Notification System alerts clients of unwarranted breach attempts on workstations

In addition to the Breach Notification System, the Desktop Monitor also features:

• Capture and logging Breach information to dedicated log files
• Automatic and configurable facility to Backup log files on the local computer or over the Intranet
• Automatic Event Log Backup, Clearing and Notification system
• Automatic Live Update Scheduling

To view Technical White Paper of SecureGURU^TM specification in details, click here.