Annual Report 2009 (1 MB, pdf) - Vasco
Annual Report 2009 (1 MB, pdf) - Vasco
Annual Report 2009 (1 MB, pdf) - Vasco
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Components of Security. Data and financial asset security, and secured access to and participation in<br />
on-line commerce, generally consist of the following components:<br />
• Encryption: Maintains data privacy by converting information into an unreadable pattern and<br />
allowing only authorized parties to decrypt the data. Encryption can also maintain data integrity<br />
by creating digital signatures for transmitted data, enabling the recipient to check whether the data<br />
has been changed since or during transmission.<br />
• Identification and Authentication: Serves as the foundation for other security mechanisms by<br />
verifying that a user is who he or she claims to be. Identification and authentication mechanisms<br />
are often employed with encryption tools to authenticate users, to determine the proper encryption<br />
key for encrypting/decrypting data, or to enable users to digitally “sign” or verify the integrity of<br />
transmitted data.<br />
• Access Control: Software that provides authentication, authorization and accounting functions,<br />
controlling a user’s access to only that data or the financial assets which he or she is authorized to<br />
access, and that keeps track of a user’s activities after access has been granted.<br />
• Administration and Management Tools: Software that sets, implements, and monitors security<br />
policies, the access to which is typically regulated by access control systems. These tools are<br />
extremely important to the overall effectiveness of a security system.<br />
The most effective security policies employ most, if not all, of the above components. Many<br />
companies, however, only implement a patchwork of these components, which could result in their security<br />
systems being compromised.<br />
Our Solution<br />
We have found that, to date, most approaches to network security, including Internet security, have<br />
been limited in scope and have failed to address all of the critical aspects of data security. We believe that an<br />
effective enterprise-wide solution must address and assimilate issues relating to the following:<br />
• Speed and ease of implementation, use and administration;<br />
• Reliability;<br />
• Interoperability within diverse enterprise environments, existing customer applications and the<br />
security infrastructure;<br />
• Scalability; and<br />
• Overall cost of ownership.<br />
Accordingly, we have adopted the following approach to data security:<br />
• In designing our products, we have sought to incorporate industry-accepted, open and<br />
non-proprietary protocols. This permits interoperability between our products and the multiple<br />
platforms, products and applications widely in use.<br />
• We have designed our products and services to minimize their integration effort with, and<br />
disruption of, existing legacy applications and the security infrastructure. We provide customers<br />
with easier implementations and a more rapid means of implementing security across the<br />
enterprise, including the Internet. With security being a critical enabling technology for on-line<br />
business initiatives, speed and ease of security implementation has become crucial to an<br />
organization’s success.<br />
• We design our products and services to have a more attractive total cost of ownership than<br />
competing products and services. We have found that product improvements and tools that lower<br />
a customer’s total cost of ownership create differentiating sales and marketing tools and also help<br />
in the development of a highly loyal customer base that is open to new solutions that we offer.<br />
7