http://www.compliancehome.com/ ComplianceHome is one of the Web's largest library of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, COOP & COG, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules & regulation overview, ask the expert, job and search on vendors, solutions & products. http://www.compliancehome.com/images/rsslogo.gif http://www.compliancehome.com/ en-us Fri, 27 Jun 2008 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10948.html CFR Part 11 of title 21 of the Code of Federal Regulations; Electronic Records; Electronic Signatures sets forth the requirements for the creation, modification, maintenance, archival, retrieval, and transmittal of electronic records and also the use of electronic signatures when complying with the Federal Food, Drug and Cosmetic Act or any other Food and Drug Administration (FDA) regulation. These rulings became law in March 1997. Since that time, both industry and the FDA have been working to interpret the meaning and intent of Part 11. The FDA has created several documents with the assistance of industry representatives, to offer guidance in interpretation of the requirements. Even with these efforts, the requirements are still somewhat of a moving target. Pilgrim Software is continuously monitoring the opinions of the FDA to ensure continued compliance with the requirements. http://www.compliancehome.com/whitepapers/FDA/abstract10948.html Thu, 01 May 2008 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10890.html IronPort email security appliances are designed to protect networks from todays and tomorrows email threats.These appliances are built on IronPort s proprietary asyncos operating system.optimized for messaging, asyncos provides the foundation that allows a single IronPor t appliance to process mail more than ten times more efficiently than traditional UNIX-based systems.on top of this highly scalable platform,IronPort of fers a variety of security applications for spam and virus filtering,content scanning and policy enforcement.also contained are unique technologies developed by IronPort as well as tightly integrated filtering technology from best of breed partners. The modular design of the system allows these applications to be turned on or off to meet the specific needs of each customer. http://www.compliancehome.com/whitepapers/FDA/abstract10890.html Mon, 25 Feb 2008 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10798.html Web Application Security Testing White Paper Author: Avi D. Bartov The need to provide web security and defend web applications from hackers due to software and hardware vulnerabilities requires remote an online web vulnerability-assessment service to combat maximum vulnerabilities. The risks must be continually updated and the tests tailor-made to provide optimal solutions. http://www.compliancehome.com/whitepapers/FDA/abstract10798.html Mon, 18 Feb 2008 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10791.html Organizations regulated by the U.S. Food and Drug Administration (FDA) like pharmaceutical, biotechnology, medical device, and others continue to experience the peaks and valleys of complying with 21 CFR Part 11. While the regulation itself has not changed, industry and the technological environment certainly have. As a result, FDA has announced its intention to provide additional guidance regarding Part 11 compliance and enforcement in 2005. Adhering to the Part 11 requirements is a significant undertaking for most companies. However, the effort expended in doing so has proven beneficial because it allows an organization to capitalize on current technologies to automate existing paper-based processes. In order to do this, companies not only must filter through all the technologies available to automate current paper-based processes, but must understand how to comply with Part 11 and execute their plan. This paper provides an overview of 21 CFR Part 11 and how it came about, how it is http://www.compliancehome.com/whitepapers/FDA/abstract10791.html Wed, 09 Jan 2008 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10744.html Companies that are under competitive pressure and/or stringent compliance and legal guidelines are using strong accountability mechanisms, specifically, secure audit trail/logging to provide the ability to reliably reconstruct and irrefutably prove the integrity, origin, order and sequence of events contained in audit logs in support of business operations. This whitepaper reviews the various requirements across different regulations about ensuring integrity and authenticity of logs and digital records, and the technical implications of these requirements. http://www.compliancehome.com/whitepapers/FDA/abstract10744.html Mon, 19 Nov 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10673.html For decades, data backup has been a challengeslow, costly, labor-intensive, and unreliable. But now major breakthroughs in hardware and software offer organizations new, attractive options for data backup and recovery. This white paper highlights the extensive capabilities of disk-based options, which help speed backup and recovery and make it more reliable. And it discusses strategies for complementing traditional tape-based solutions with powerful disk-based approaches. In an era of exponential data growth and greater regulatory compliance, the need for efficient backup and recovery is all the more acute. This white paper presents the business case for disk-based backup, highlights enterprise options, and describes key solutionsincluding EMC Legato NetWorker software. For any organization that wants to enhance its backup and recovery processes, this overview offers helpful information and answers many relevant questions. http://www.compliancehome.com/whitepapers/FDA/abstract10673.html Thu, 15 Nov 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10672.html As a security specialist, I find that companies pay plenty of attention to hardening their servers and networks but pay little attention to how uncontrolled Internet access from within an organization can represent a significant legal and security risk. For example, a university in California was warned it might be held liable for permitting downloads of a copyrighted movie1. And a company in Arizona was fined $1 million for file sharing activity hosted on the companys computers2. These and other events add up to an increase in exposure to liability as a result of a workers illegal activity on the Internet while using company equipment. Additionally, users who browse a malicious Web site can become infected with a Trojan or other malware without their knowledge as a result of vulnerabilities in Microsoft Internet Explorer (IE) and the difficulty of keeping computer systems updated. Internet filtering technology, which is typically associated with increasing work efficiency by reducin http://www.compliancehome.com/whitepapers/FDA/abstract10672.html Thu, 18 Oct 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10644.html With the demand by customers for more real-time, self-service options, many businesses have migrated their services to remote channels such as the Internet and telephone. At the same time, businesses have reaped the benefits of remote customer interaction reduced costs, increased efficiency and the opportunity to offer new services. Despite the advantages, remote interaction also comes with risks most specifically, an increased risk of fraud and identity theft. According to several industry reports, an identity is stolen every 79 seconds. In addition, the number of identity thefts reported continues to steadily grow each year. As the number and sophistication of attacks increase, customer confidence is likely to be affected. Businesses must provide strong authentication to protect customer activity in remote channels without impeding on their experience or privacy. http://www.compliancehome.com/whitepapers/FDA/abstract10644.html Thu, 18 Oct 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10642.html This paper provides the business case for extending Microsofts enterprise management tools, System Center 2007 (SC 2007) and its predecessors, Microsoft Operations Manager (MOM) and Systems Management Server (SMS) with Configuresoft Enterprise Configuration Manager (ECM) to exponentially increase operational efficiencies, lower security risk and extend management benefits to the UNIX and Linux systems across the enterprise. http://www.compliancehome.com/whitepapers/FDA/abstract10642.html Thu, 18 Oct 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10641.html Change is a two-edged sword for IT organizations. While change is necessary and inevitable, change also holds the potential for introducing risk into IT environments. Change management process-oriented solutions using approaches such as ITIL seek to control change and the associated risks. However, many existing solutions focus too narrowly on solving specific change-related issues, such as the change approval process or configuration audit for compliance, and do not complete the change management process cycle. Most solutions fail to address the Change Reconciliation challenge, which introduces risk. Solutions are starting to emerge that complete and close the change management loop by integrating with existing Service Desk change approval processes, thereby extending change process control to include the change implementation and change verification phases, and finally circling back to the change approval process to complete the entire change process. These emerging solutions deliver http://www.compliancehome.com/whitepapers/FDA/abstract10641.html Mon, 08 Oct 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10621.html With spam levels breaking records every day, the quintessential business tool email has simultaneously become a major liability. With inboxes overrun with more and more unwanted email that threatens business productivity, regulatory compliance, and network security, organizations are having to look at what is being mailed in, out and around their network, at the gateway, at the mail server and at the endpoint. This paper focuses on the threat posed by unwanted emails that make it through to the inbox, explains the impact these threats have on organizations, and demonstrates what needs to be done in response to make email safe and productive. http://www.compliancehome.com/whitepapers/FDA/abstract10621.html Mon, 17 Sep 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10577.html CIOs and IT managers face tremendous demands today to reduce IT costs, improve user productivity and create an IT environment that complies with best practices for IT risk management and regulations. Efficient and secure user access to SAP is a specific challenge in todays powerful but also complex and heterogeneous SAP environments. Weak user authentication with static passwords and unencrypted communication between users workstations and the backend SAP servers is a significant vulnerability to your SAP environment. This can put the availability of your SAP environment, the confidential data inside your SAP systems, and your entire business activity at risk. And it exposes your company and its management to potential compliance issues with regulations and data privacy laws. These challenges can be solved with a secure single sign-on solution for SAP, which has been proven to increase security and save significant costs. This whitepaper shows how to improve your companys business r http://www.compliancehome.com/whitepapers/FDA/abstract10577.html Wed, 29 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10538.html Without an effective plan in place, disruptions to business operations or government services can cause substantial financial loss, unnecessary personal or property damage, while seriously impacting communities. Business continuity planning (BCP) and organizational procedures for continuity of operations (COOP) can be strengthened and enhanced by means of a proven wireless solutions. Preparing effectively for catastrophic events, power outages, weather-related incidents, and similar threats requires forward-looking procedures, a responsive communication network, and a framework of supporting technology. Developing and implementing an effective mobile BCP strategy includes establishing best practices to make sure the solution is: Architected to minimize potential revenue loss and brand damage; Reliable and easy to use; Secure and confidential; Capable of communicating promptly to stakeholders during crisis; Engineered for efficient usage of battery, processing, and networ http://www.compliancehome.com/whitepapers/FDA/abstract10538.html Fri, 24 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10533.html The Internet has matured from a phenomenon to a transformational infrastructure that is changing our society. Consumers can conduct business from virtually anywhere, and they increasingly expect retailersregardless of their size or the products they sellto provide access to customer services, content, and commerce anytime, from any device. However, as retailers open and extend their channels to accommodate the demands of this Any Era, threats and vulnerabilities increase. These threats target the key assets of retail business: consumers, brands, Web sites, and internal networks. Such attacks not only jeopardize a companys financial standing, reputation, and regulatory compliance; they also undermine their consumers confidence. VeriSigns Digital Infrastructure offers a layered, systematic approach to help protect sensitive data, mitigate threats to digital assets, and address compliance in the Any Era. Complementary security layers fortify each other to create a solution that is http://www.compliancehome.com/whitepapers/FDA/abstract10533.html Fri, 24 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10518.html Running a data center has always been a challenging job, as any IT manager will attest. In most cases, data centers evolved on a project-by-project basis, and over time they have grown ever more complicated. How complicated? Todays data center is teeming with complexity, starting with multiple-vendor solutions for servers, storage hardware, operating systems, applications, and utilities. Managers wrestle with an increasing number of business processes, users, and volumes of data to be processed and stored. Unfortunately, as is the case with most businesses, limited financial and human resources are available to the IT managers who are charged with running data center operations. These people are left in the unenviable position of expanding IT service levels while maintaining cost control. http://www.compliancehome.com/whitepapers/FDA/abstract10518.html Thu, 16 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10505.html Am I compliant? is a question more and more companies are recognizing they need to answer with absolute certainty. Illegal software use costs software publishers billions of dollars each year, and software vendors, along with organizations such as the Business Software Alliance (BSA) and Software and Information Industry Association (SIIA), are stepping up activities to find and prosecute organizations guilty of software piracy. A 2006 survey conducted by Gartner Research revealed that 35% of companies had experienced an on-site audit from a major software vendor. Weve developed this six-step guide to help you assess your vulnerabilities with respect to license compliance, and ensure ongoing compliance. The guide provides an overview of the issues you'll need to explore when seeking to understand your license compliance status and selecting a software license management tool. Dont risk being blindsided by a software license auditfollow the Six Steps to Completing a Software Audit a http://www.compliancehome.com/whitepapers/FDA/abstract10505.html Tue, 14 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10503.html There are numerous well documented improvements to system performance and reliability when an automated disk defragmentation program is used. Applications load faster, the computer boots to a useable state in less time, backup requires less time to transfer data to an archival storage devices, and many more. This paper pursues a narrowed focus, specifically addressing the tangible benefit that disk defragmentation provides to desktop and laptop client security. Anti-malware security software has become ubiquitous commodity. Whether used on servers, desktops or laptops, the scanning of files on demand or as a scheduled process, is a significant part of the overall business security equation. This particular research paper will present the results of testing performed on typical desktop/laptop environments. As a core function, malicious software detection-and-removal applications scan files (including the Windows Registry) for known malware or malware patterns. The general principle is t http://www.compliancehome.com/whitepapers/FDA/abstract10503.html Fri, 10 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10501.html This document outlines how hackers are exploiting vulnerabilities in e-mail systems, and describes the widely available hacking tools they use. As a collection of already published risks to e-mail security, this white paper is written to educate IT security managers on the challenges they face when attempting to secure their email infrastructure. http://www.compliancehome.com/whitepapers/FDA/abstract10501.html Thu, 09 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10499.html In the wake of massive financial scandals and rising incidences of identity and data theft that have compromised the privacy of millions, many federal and state regulations have been crafted, with the aim of protecting sensitive data and imposing transparency on corporate accounting practices. http://www.compliancehome.com/whitepapers/FDA/abstract10499.html Thu, 09 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10498.html Several years ago, most Internet threats were relatively benign examples of a young adolescents technical expertise but over time they have evolved into increasingly sophisticated domestic and foreign attacks that are designed to capture financial, personal, or strategic business information. Threats now come in the form of deliberately malicious acts, and exploitive opportunities for hackers and/or organized crime. The impact is serious, and the landscape of victims is getting broader every day. In response, no organization can afford to have its networks remain unprotected. Spammers do not distinguish among the sizes of organizations they target. SMBs receive as much and sometimes even more spam as larger enterprises, but are less likely to have the defense systems in place to thwart it. For small businesses, spam can very quickly become a silent killer, overwhelming the resources of a mail system or network before an effective countermeasure can be enforced. In fact, according to s http://www.compliancehome.com/whitepapers/FDA/abstract10498.html Thu, 09 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10495.html First lets consider some hard facts relating to the recent SoBig.F outbreak, the fastest-growing email virus ever: MessageLabs stopped more than a million emails carrying the Sobig.F virus during the first 24 hours of the outbreak. And in excess of 6.4 million further copies during the first week. Typically we stop between one and two million viruses a month. To see this many copies of one particular virus is absolutely unprecedented. MessageLabs scans, on average, between 16 and 18 million emails for customers each day. During the first 24 hours the volume rose by more than 60% to over 25 million emails. At peak we were stopping 12 SoBig.F viruses every second! The ratio of virus to emails topped 1:17. After a week this had slowed to 1:48 still huge by any standards. It took conventional anti-virus software vendors a full 13 hours to come up with a signature, or fix, for SoBig.F after it first appeared. This meant non-MessageLabs customers were wide open to the virus fo http://www.compliancehome.com/whitepapers/FDA/abstract10495.html Thu, 09 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10493.html Web 2.0 applications provide access to numerous resources. From social networks to blogs, to wikis, employees are surfing the web for business data and for personal use. However, web-borne viruses, spyware, malicious code, data leaks, identity theft, pornography, and illegal files are just as happy landing on a corporate PC as on a domestic one. But few enterprises are rigorous in their web defense. This resource identifies fifteen of the most common web security mistakes we see every day in enterprises of every size. http://www.compliancehome.com/whitepapers/FDA/abstract10493.html Thu, 09 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10492.html http://www.compliancehome.com/whitepapers/FDA/abstract10492.html Fri, 03 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10490.html This paper provides a clear understanding of the creative, detection, suppression, and prevention of fire within mission critical facilities. Fire codes for Information Technology environments are discussed. Best practices for increasing availability are provided. http://www.compliancehome.com/whitepapers/FDA/abstract10490.html Fri, 03 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10489.html Cyberattacks have morphed from an individual hackers intent to prove their prowess and intelligence at breaking into computers to a more organized effort where the ultimate goal is to commit fraud or steal critical information. And attacks are on the rise. In a recent eWEEK article, Craig Morford, the first Assistant U.S. Attorney for the Northern District of Ohio, said: Were seeing the growth of a large number of criminal entities targeting U.S. organizations for cyber crimes. Companies trying to defend against these organized efforts find that their employees are not helping matters. In fact, 42 percent of 269 companies surveyed by CIO Insight magazine in 2006 did not have confidence that their users consistently followed their companys security policies and procedures. Such reckless behavior puts data and systems at greater risk. http://www.compliancehome.com/whitepapers/FDA/abstract10489.html Thu, 02 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10486.html Americans are rightly concerned about the safety of their drugs. Too many suffer from unexpected and unpreventable adverse events from the medicines they need. Some have worried about dangerous drugs, while others have worried that an overemphasis on safety will delay developing new therapies. The most important concern for many Americans, however, has been the gap between the time a safety issue emerges and the time we know enough to make a regulatory decision. http://www.compliancehome.com/whitepapers/FDA/abstract10486.html Thu, 02 Aug 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10485.html FDA compliance is at the heart of the Life Science Industries. The executives dilemma is balancing compliance with the demands of the market and stockholders. This challenge is fundamental to the success of the Life Science enterprise. Much confusion exists in the mid-market about those very regulatory issues. Key concerns include: How does the enterprise decide what compliance means to it? What strategy is right to balance risk with the compliance effort? What is the right balance between human and automated efforts? Who is responsible for compliance? Where does automation fit into the effort? What is ITs role in compliance? How do we select our automation partner? This document is intended as a guide to addressing these questions for the mid-market Life Science executive. http://www.compliancehome.com/whitepapers/FDA/abstract10485.html Mon, 23 Jul 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10471.html IT organizations responsible for running and operating the enterprises business network face many challenges. They first need to take a strategic role to select and provide the best networking infrastructure to achieve the companys high level objectives and provide a competitive advantage. They must then shift to a more tactical focus to setup, monitor, troubleshoot, repair and change the network to support the enterprises evolving, day-to-day needs. These tasks become more challenging when they are impacted by other essential requirements, such as goals related to improving network availability, shortening response time to requests, and curtailing operating expense. And to complicate matters further, many enterprises are becoming increasingly more conscious of operating procedures and regulatory compliance requirements when daily and routine tasks are being executed. http://www.compliancehome.com/whitepapers/FDA/abstract10471.html Thu, 19 Jul 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10468.html The amount spent on compliance and data protection is a very small percentage of the financial value that is at risk. With returns on investment in compliance for larger enterprises starting at 1,000 percent and improving to 100,000 percent, good compliance pays for itself. Table of contents Executive Summary Key findings Implications and analysis Recommendations: Follow the leaders Key Findings Most firms continue to struggle with compliance Compliance deficiencies, business disruptions and data losses Firms that do well on compliance have the fewest business disruptions Firms that do well on compliance have the fewest data losses and thefts Publicly exposed and reported data loss/theft: When, not if Financial losses from publicly exposed data loss and theft Share price declines for publicly traded companies Customer and revenue losses Expenses and costs Financial returns for compliance and data protection Leaders cracked the code: Operational http://www.compliancehome.com/whitepapers/FDA/abstract10468.html Tue, 17 Jul 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10467.html IT departments have long understood the need to prevent viruses, spyware and other malicious applications or activity from compromising security and disrupting business continuity. Now the rapid emergence of Web 2.0 is beginning to redefine how individuals interact with the internet, and the related technologies pose a range of new threats. Web-savvy users who have local administration rights for their work computers are downloading applications such as Instant Messaging (IM), peer-to-peer (P2P) file-sharing applications and Voice over Internet Protocol (VoIP) services to help them communicate, share files and work collaboratively online for both official and unofficial business. In September 2006, a Sophos online poll asked IT administrators to evaluate what kind of software applications they would like to prevent their users from being able to access and use. The results reveal that administrators have a clear desire to be able to exert more control and to prevent users from instal http://www.compliancehome.com/whitepapers/FDA/abstract10467.html Tue, 17 Jul 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10466.html A 2005 IDC survey listed spyware as the second-greatest threat to a companys network security. (The year before, it had ranked as number three.) The research group estimates that 67 percent of all computers are afflicted with some form of spyware. For the past two years, security experts have warned that spyware is becoming more insidious. Spywares annoying pop-up windows and browser hijackings are being replaced by more sinister and covert programs. Recent headlines indicate that spyware developers have shifted their focus away from pay-per-click advertising to far more lucrative identity theft schemes. Sophisticated tools like keystroke loggers can be used to record every account number and password a user enters, in turn, to send the information back to the spyware perpetrator. URL monitors and Trojan horses are also being deployed through spyware, and experts are predicting an increase in the use of spyware to take control of PCs and enlist them in giant botnets. http://www.compliancehome.com/whitepapers/FDA/abstract10466.html Wed, 11 Jul 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10465.html The continuing evolution of malware threats combined with the demand for increasingly flexible working practices is a significant challenge to IT departments seeking to reduce help desk support and get better value for money from their investment in security. This paper looks at how organizations can benefit from a more integrated, policy-driven approach to protecting the network at all levels and controlling both user access and behavior. http://www.compliancehome.com/whitepapers/FDA/abstract10465.html Wed, 11 Jul 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10464.html Historically, tape has been the archival medium of choice. Today, tape continues to enjoy a reputation as the lowest cost option for archive and compliance needs. Dramatic decreases in the price of disk storage combined with the mounting costs of managing, vaulting (either on-site or off-site), and retrieving information from tape has made disk-based archive and compliance an attractive alternative for todays archive solutions. As part of the ideal architecture, disk-based archive and compliance solutions provide a huge advantage in cost and time efficiency. A typical disk-based archive and compliance architecture includes the core storage system, a unified operating system, and support for multiple protocols. It must be able to scale to meet growth demands, and it must be flexible enough to run primary and secondary storage on the same machine (a single-box solution). http://www.compliancehome.com/whitepapers/FDA/abstract10464.html Thu, 05 Jul 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10459.html This white paper will describe how Veritas Provisioning Manager is a leading automated server provisioning solution that has had great success when deployed and used to build servers within a local area data center environment. As Provisioning Manager has become more widely used, customers are discovering a growing number of ways to realize value from its ability to rapidly provision operating system and application images. One of the newest and most novel ways to deploy Provisioning Manager is to reuse a remote QA or test facility as a disaster recovery (DR) site in the event of catastrophe. Conversely, companies are getting new use out of previously idle DR sites, using these investments for software development, for example, then rapidly reprovisioning them back to DR roles with Provisioning Manager when needed. Also known as dual-use DR, this new solution enables the benefits of business continuity protection while getting maximum return on IT hardware, software, and data center http://www.compliancehome.com/whitepapers/FDA/abstract10459.html Fri, 29 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10440.html Whether your organization is a publicly traded multinational corporation, a mid-sized privately held operation, or a small family-owned business, any time you allow employees access to your computer systems and authorize their use of the Internet, email and instant messaging (IM), you put your organizations assets, future, and reputation at risk. Employees accidental misuse (and intentional abuse) of the Internet, peer-to-peer (P2P) technology, email and IM can create potentially costly and time-consuming legal, regulatory, security and productivity headaches for employers.Newsworthy computer gaffes have triggered everything from tumbling stock prices to six-figure regulatory fines to billion-dollar legal settlements to media feeding frenzies. The best advice: manage your organizations electronic liabilities today or risk disaster tomorrow. E-Policy Fact: When it comes to inappropriate computer use, employers are primarily concerned about inappropriate Web surfing, with 76% mo http://www.compliancehome.com/whitepapers/FDA/abstract10440.html Fri, 29 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10439.html Internet filtering technology has evolved far beyond blocking access to unsavory websites. Today, there is an undeniable business case for distributed corporations to use filtering solutions and comprehensive reporting tools. Read this paper to learn 6 facts on Internet filtering and reporting tools. The term Internet filtering may conjure up notions of Big Brother lording over every keystroke an employee makes throughout a long workday. But simply put, filtering is about knowledge. And knowledge gives businesses, particularly those with employees spread out in multiple locations, insights into how and when their precious network resources are being used, and how to maximize them. Filtering gives them the knowledge they need to protect against an endless stream of destructive security threats, and it protects their valuable and sensitive assets by monitoring and reporting on the content flowing in and out. But monitoring and filtering are only half the equation. Just as important are http://www.compliancehome.com/whitepapers/FDA/abstract10439.html Thu, 28 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10438.html Methods employed by hackers are changing. They are often more varied and more organized, and, increasingly, the intent is to steal corporate or personal information for monetary gain. For years, the bulk of security problems came via infected e-mail attachments. But today, hackers are using other conduits to deliver malicious software. Some are preying on the constant stream of newly discovered operating systems and application vulnerabilities to exploit security weaknesses. Others are using instant messaging and peer-to-peer connections. And still others are using phishing or other methods to lure users to rogue Web sites that automatically download Trojans and spyware as soon as the user visits such a site. http://www.compliancehome.com/whitepapers/FDA/abstract10438.html Thu, 28 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10437.html As a hosted Web conferencing service, Microsoft Office Live Meeting recognizes and respects the responsibility it assumes on behalf of its clients to ensure the security of all meetings and associated stored content. A hosted meeting service must make this security obligation to its customers its number-one priority. Microsoft continues to invest significantly in technology and human processes to help ensure a reliable, secure, and highly scalable service. In this report, youll learn why Live Meeting is a reliable, secure, and scalable solution for delivering real-time Web-based meetings and online collaboration. Explore Live Meetings real-time communication platform that provides proven 99.99 percent uptime availability and always-on SSL encryption. Provides an overview of Microsofts approach to providing a hosted, secure online meeting environment, including: o Access Control o Content Control o Creating and managing persistent content o Physical Security Measures o Software Secur http://www.compliancehome.com/whitepapers/FDA/abstract10437.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10456.html This white paper discusses how many organizations are struggling with the massive changes in data storage requirements that have transpired over the last decade. The almost exponential growth of business critical data from email, e-commerce, and electronic systems shows no sign of decreasing. With relatively new data types such as voice and video now in use, enterprise storage administrators will soon have to manage petabytes of data. According to a recent study by the School of Information Management and Systems at the University of California at Berkeley, the world produces between 1 and 2 exabytes of unique information per year, which is roughly 250 megabytes for every man, woman, and child on earth. An exabyte is a billion gigabytes and printed documents of all kinds comprise only .003 percent of the total. Magnetic storage is by far the largest medium for storing information and is the most rapidly growing, with shipped hard-drive capacity doubling every year. Magnetic storage is http://www.compliancehome.com/whitepapers/FDA/abstract10456.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10453.html In many companies, lost or stolen data goes unnoticed until a serious problem points to the security breach. Is your company one of them? While security risks are high in most companies, there is good news. In this J. Gold Associates white paper, youll learn how to: Mitigate security risks and provide a safe environment for critical data; Meet the diverse needs of an ever-expanding mobile workforce; Learn how to accomplish these goals cost-effectively; and Deploy a successful mobile strategy without further taxing your overburdened IT organization. With data loss on the rise, penalties increasing, and a growing proliferation of mandates and regulations from state and federal governments, now is the time for your company to take action. Learn how to formulate and deploy a mobile security strategy now! Download the free white paper now. http://www.compliancehome.com/whitepapers/FDA/abstract10453.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10452.html According to most estimates, first-year efforts to comply with the Sarbanes Oxley Act of 2002, widely known as SOX, tended to overcompensate by trying to cover too many controls. Stacks of manual assessments and spreadsheets were produced at a very high cost. According to Ernst & Young, first-year SOX filers spent 70 percent of their time resolving deficiencies in IT controls in order to pass SOX audits.1 In the second year of SOX activity, financial report filers still spent 60 to 65 percent of their time resolving IT deficiencies in order to pass SOX audits, and again experienced significant increases in personnel costs as they completed their final SOX audits. Research reveals major success factors for SOX compliance Recent research conducted among organizations in North America and around the world helps illuminate what appears to be working when it comes to SOX compliance. Organizations with the least IT control deficiencies: 1. Deliver continuous training to employees while ens http://www.compliancehome.com/whitepapers/FDA/abstract10452.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10451.html Protecting intellectual property and confidential personal, financial, and business information is a business priority, and often a legal requirement. To secure their data and ensure that only authorized people have access to it, organizations use a variety of access management disciplines. Access management includes identity management solutions that control permissions for critical data stores by managing Access Control Lists (ACLs). But identity management solutions in isolation risk access inflation, workarounds, and coverage gaps. Comprehensive access management deploys identity management within a framework that includes disciplines for data protection, integration with hiring and promotion, and especially monitoring. Monitoring augments access management with a second line of defense, protection against unanticipated threats, a source of feedback for the continuous improvement of access management practices, and an audit trail. The transition to comprehensive access management d http://www.compliancehome.com/whitepapers/FDA/abstract10451.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10450.html The managed state of an organizations individual endpoints plays a critical role in the overall security and availability of its IT infrastructure and related business operations. The new wave of sophisticated crimeware not only targets specific companies, but it also targets desktops and laptops as backdoor entryways into those enterprises business operations and valuable resources. To safeguard themselves against these targeted threats, organizations must have a means to guarantee that each endpoint continually complies with corporate security and configuration management policies. Failure to guarantee endpoint policy compliance leaves organizations vulnerable to a wide array of threats, including the proliferation of malicious code throughout the enterprise, disruption of business-critical services, increased IT recovery and management costs, exposure of confidential information, damage to corporate brand, and regulatory fines due to non-compliance. Symantec Network Access Control http://www.compliancehome.com/whitepapers/FDA/abstract10450.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10449.html Only 12 percent of organizationsabout one in tenare experiencing fewer than three losses of sensitive data in the past year. For all other institutionsalmost 90 percentdata loss rates are higher. The leading organizationsthose with the fewest losses of sensitive dataare spending more time, employing multiple IT controls, and monitoring compliance with their policies weekly, to significantly reduce the loss of sensitive data. In fact, leading organizations are uniquely: Employing multiple IT controls to help protect sensitive data Monitoring and measuring controls and procedures to protect data once every four days While best-in-class organizations are monitoring and measuring controls and procedures to protect sensitive data once a week, most firms are conducting such measurements only once in a blue moon: at best, once every 176 days. Furthermore, all other organizations are either ignoring the use of IT controls to protect sensitive data or are selectively employing only a http://www.compliancehome.com/whitepapers/FDA/abstract10449.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10448.html Organizations today face a threat landscape that involves stealthy, targeted, and financially motivated attacks that exploit vulnerabilities in endpoint devices. Many of these sophisticated threats can evade traditional security solutions, leaving organizations vulnerable to data theft and manipulation, disruption of business-critical services, and damage to corporate brand and reputation. To stay ahead of this emerging breed of stealthy and resilient security threats, organizations must advance their endpoint protection. Symantec Endpoint Protection enables organizations to take a more holistic and effective approach to protecting their endpointslaptops, desktops, and servers. It combines five essential security technologies to proactively deliver the highest level of protection against known and unknown threats, including viruses, worms, Trojan horses, spyware, adware, rootkits, and zero day attacks. This offering combines industry-leading antivirus, antispyware, and firewall with a http://www.compliancehome.com/whitepapers/FDA/abstract10448.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10446.html Messaging management is becoming more difficult thanks to the growing malware threat. At the same time, messaging system administrators are under enormous pressure to push their messaging infrastructures to do more than ever, including archiving messaging content for regulatory compliance, archiving to support legal discovery and for overall litigation support, providing services to a growing body of mobile users, ensuring continuity by making the messaging system more reliable, and managing policies for message encryption. The problem caused by viruses, worms and spam continues to build. Zombie networks are generating record levels of spam and viruses, and phishing poses a serious and growing threat to personal information that can lead to enormous financial losses. A signature-based approach to virus detection no longer provides adequate protection. This trend is driving the need for zero-day virus protection. Hosted solutions, such as those offered by Microsoft Exchange Hosted Servi http://www.compliancehome.com/whitepapers/FDA/abstract10446.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10445.html Veritas NetBackup Enterprise Server delivers high-performance data protection that scales to protect the largest UNIX, Windows, Linux, and NetWare environments. Offering complete protection from desktop to data center to vault, NetBackup software offers a single management tool to consolidate all backup and recovery operations, while providing cutting-edge management, alerting, reporting, and troubleshooting technologies. NetBackup helps organizations take advantage of both tape and disk storage with its advances in disk- and snapshot-based protection, off-site media management, and automated disaster recovery. For the ultimate in data protection, NetBackup offers data encryption that transmits and stores data using the latest encryption technologies on the market today. To reduce the impact on business-critical systems, NetBackup software provides online database- and application-aware backup and recovery solutions for all leading databases and applications. http://www.compliancehome.com/whitepapers/FDA/abstract10445.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10442.html This white paper will show you the importance of PC management and the benefits of building an internal PC management infrastructure. Most small and medium businesses do not have the IT staff and tools to treat desktop management issues with the attention they deserve. IT shops in small and medium sized companies are generally over-taxed and doing the best they can to keep the IT infrastructure running smoothly. Budgets are much smaller than those of their large enterprise counterparts, staffing is limited, and toolsets are few and far between. Too often manual processes and http://www.compliancehome.com/whitepapers/FDA/abstract10442.html Mon, 25 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10441.html Historically, tape has been the archival medium of choice. Today, tape continues to enjoy a reputation as the lowest cost option for archive and compliance needs. Dramatic decreases in the price of disk storage combined with the mounting costs of managing, vaulting (either on-site or off-site), and retrieving information from tape has made disk-based archive and compliance an attractive alternative for todays archive solutions. As part of the ideal architecture, disk-based archive and compliance solutions provide a huge advantage in cost and time efficiency. A typical disk-based archive and compliance architecture includes the core storage system, a unified operating system, and support for multiple protocols. It must be able to scale to meet growth demands, and it must be flexible enough to run primary and secondary storage on the same machine (a single-box solution). http://www.compliancehome.com/whitepapers/FDA/abstract10441.html Thu, 21 Jun 2007 00:00:00 CST http://www.compliancehome.com/whitepapers/FDA/abstract10444.html In a survey of over 1,000 users conducted by junkfax.org, the average grade for spam filters was B-. Today there is an arms race between spammers and traditional anti-spam vendors. So far, spammers are winning the battle over the email inbox with average spam blocking effectiveness at only 90%. With low blocking rates from the dozens of companies offering anti-spam solutions it is no wonder spam is still one of IT managements most pressing issues. This should be no surprise when you look at how current Anti-Spam technologies work and you consider spams economic impact. According to Ferris Research, the cost of spam for a typical organization without a spam filter reaches over $500 per user per year. Even with a spam filter in place blocking 90% of all inbound spam, the cost per user per year is $140. Over 50% of this cost is attributed to lost user productivity time users spend on reviewing and deleting messages. The other two cost elements are IT costs and help-desk costs. http://www.compliancehome.com/whitepapers/FDA/abstract10444.html