<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<!-- SwishCommand noindex -->
<rss version="2.0">
<channel>
  <title>ComplianceHome: GLBA White Papers</title>
  <link>http://www.compliancehome.com/</link>
  <description>ComplianceHome is one of the Web's largest libraries of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories, which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules &amp; regulation overview, ask the expert, job and search on vendors, solutions &amp; products.</description>
<image>
  <url>http://www.compliancehome.com/images/rsslogo.gif</url>
  <title>ComplianceHome</title>
  <link>http://www.compliancehome.com/</link>
</image>
  <language>en-us</language>
  <item>
    <title>Mitigating IT Security Risks with Penetration Tests</title>
    <pubDate>Wed, 20 Oct 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract12000.html</link>
    <description>Penetration Testing should do more than assess the external network for obvious flaws.  Discover how enhancing the penetration testing process will ultimately lead to a stronger and more compliant security posture.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract12000.html</guid>
  </item>
  <item>
    <title>Knowledge is Power</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11975.html</link>
    <description>Today, when you make decisions about information technology (IT) security priorities, you must often strike a careful balance between business risk, impact, and likelihood of incidents, and the costs of prevention or cleanup. Historically, the most well-understood variable in this equation was the methods that hackers used to disrupt or invade the system. Protective security became the natural focus, and the level of protection was measured by evaluating defensive resiliency against live or simulated attacks. This protection has proven to be insufficient, as the escalating frequency and impact of successful exploits are proving that IT assets are not yet secure. The ever-changing landscape at the application infrastructure layer likely leaves you inadequately informed as to where and how your data might be exposed. So where can you turn next to help protect the security of your critical data assets? Since 75 - 90 percent of all Internet attacks are targeting the application layer, it i</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11975.html</guid>
  </item>
  <item>
    <title>The File Transfer Balancing Act - Achieving Compliance Without Compromising Business Agility</title>
    <pubDate>Tue, 25 May 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11961.html</link>
    <description>The global economy is pushing businesses in virtually every industry to work faster and smarter. The company that can't respond to a customer need almost immediately is destined to lose out to a more nimble competitor that can meet that need. It comes down to agility: how fast a company can adapt to change and respond to demands. This white paper discusses the issues important in designing a process for user-to-user secure file transfer that simultaneously enhances business agility while ensuring that your methods for handling private information adhere to your security and privacy policies. The solution described in this white paper has been chosen by numerous companies in industries that are regulated by Sarbanes-Oxley, HIPAA and other legislation in order to increase their security posture. Read this white paper to learn more</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11961.html</guid>
  </item>
  <item>
    <title>The Top Six Risks of Employee Internet Use and How to Stop Them</title>
    <pubDate>Tue, 25 May 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11960.html</link>
    <description>When it comes to your employees' use of the Internet, it isn't wise to underestimate the potential for damage to your organization. From a network used by dedicated scientific intellectuals devoted to honest research, the Internet has grown to become the world's biggest clearinghouse for information of all kinds. At the same time, it has become a haven for inappropriate behavior and systems attacks, as well as posing a liability for any company that doesn't appropriately manage their employees' Internet use. Due to the serious nature of many threats, the Internet use of even one unmonitored employee on a single unmanaged system can ravage a company's internal network, irrevocably delete critical data, and ultimately ruin the company's ability to conduct business. Situations like this aren't works of fiction, but actual everyday occurrences for organizations with unprotected networks. Read this white paper to learn more about how to protect your organization from these threats.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11960.html</guid>
  </item>
  <item>
    <title>Building Secure File Transfer Processes that Improve Security and Compliance</title>
    <pubDate>Tue, 25 May 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11959.html</link>
    <description>Protecting information assets (confidential intellectual property, sensitive customer data, financial information or private patient information) continues to be a top-of-mind issue for all enterprises. A data breach that reveals sensitive information can be costly and devastate the reputation of your organization. There are ways to avoid the situation with the improved ability to secure email attachments and other file transfers. Read this whitepaper to learn about the issues important in selecting a solution for user-to-user secure file transfer that ensures methods for handling sensitive information, adherence to security and privacy policies, and compliance with government mandates for sensitive data handling. Learn how Accellion Secure File Transfer meets these requirements for secure file transfer and seamlessly supports business process agility.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11959.html</guid>
  </item>
  <item>
    <title>Wireless Security: Ensuring Compliance with HIPAA, PCI, GLBA, SOX, DoD 8100.2 &amp; Enterprise Policy</title>
    <pubDate>Mon, 03 May 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11937.html</link>
    <description>Just like wired networks, 802.11 wireless LANs require network policies that are designed, implemented, and enforced to maximize network performance and reduce exposure to the inherent security flaws in 802.11 wireless LANs. The many benefits and expected return on investment of a wireless LAN can be wiped out if a security and management policy is not in place and enforced. This paper is designed to guide network administrators and security managers to design, implement, and enforce wireless LAN security policies that enable every organization to fully reap the benefits of wireless LANs without experiencing undue management pains and security holes. This paper will also cover how organizations can comply with regulatory policies like HIPAA, PCI, GLBA - Safeguards Rule, DoD 8100.2, Sarbanes-Oxley Act etc.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11937.html</guid>
  </item>
  <item>
    <title>Risk Assessments: The Key To Continuous Compliance</title>
    <pubDate>Sat, 27 Mar 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11896.html</link>
    <description>Most financial institutions lack internal resources or the technical expertise necessary to identify all of the risks to information security, making a correct evaluation of risk extremely difficult if not impossible. Therefore, without knowing where threats exist, or their potential severity, within their information systems, a financial institution is ill prepared to combat a threat, mitigate the costs of a breach or even face a Federal or State examiner's prying eyes. This white paper explains the value of having qualified experts properly identify and evaluate information risk through a comprehensive risk assessment. It also shows how developing a continuous risk management program, thus continuous compliance, can benefit the entire organization in a cost-effective manner.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11896.html</guid>
  </item>
  <item>
    <title>Effective Information Security: A Win-Win Proposition for the Enterprise and IT</title>
    <pubDate>Mon, 15 Mar 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11883.html</link>
    <description>Driven by an accelerated increase in identity theft, consumer fraud, and other personal information-related thefts, industry groups and federal and state governments have taken aggressive steps to hold companies and their management accountable for confidential information disclosures. Similarly, enterprises are facing significant challenges in preventing the theft or accidental disclosure of intellectual property (IP) and corporate trade secrets. Ultimately, the challenge of establishing and implementing effective personal information and IP protection solutions falls upon the shoulders of IT management and staff. Securing personally identifiable information (PII) and IP has become a high priority for enterprise management and IT. Read this IDC paper to learn more.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11883.html</guid>
  </item>
  <item>
    <title>Data Disclosure - Threats and Control</title>
    <pubDate>Mon, 01 Feb 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11832.html</link>
    <description>One of the major challenges faced by the enterprise is the re-identification of de-identified data that leads to Data Disclosure. This paper discusses the scenarios which bring the need for de-identification of data and what leads to the data disclosure of such de-identified data. The paper aims to share insights that help Data Custodians in an enterprise, Security Auditor, Risk and Compliance Group, Data Security Subject Matter Expert and the curious minds of the database world.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11832.html</guid>
  </item>
  <item>
    <title>Regulatory Compliance Alignment: Antivirus support of compliance with HIPAA, SO, GLB, PCI DSS and FISMA</title>
    <pubDate>Mon, 18 Jan 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11820.html</link>
    <description>The antivirus industry currently serves numerous vertical sectors and has done so for many years with great success. This report provides the information necessary to determine where antivirus solutions may help an organization to comply with the regulatory requirements.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11820.html</guid>
  </item>
  <item>
    <title>Risk Assessment as a Business Process</title>
    <pubDate>Sun, 03 Jan 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11800.html</link>
    <description>Risk assessments are widely understood to be the cornerstone (or even the foundation) of any security program. The risk assessment is a classic process, originally developed by the Defense and intelligence communities, to not only assess the risk of SOMETHING (a process, a facility, a data center, a system) but to also detail cost effective solutions to whatever problems are uncovered and rank those potential solutions by Return On Investment.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11800.html</guid>
  </item>
  <item>
    <title>Making Gramm-Leach-Bliley Security Compliance Fast &amp; Easy</title>
    <pubDate>Tue, 29 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11795.html</link>
    <description>Security provisions of the Gramm-Leach-Bliley Act are complex and process intensive. Our free guide explains how on-demand security audits make Gramm-Leach-Bliley Act compliance easier to achieve.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11795.html</guid>
  </item>
  <item>
    <title>The Complete Buyer's Guide for Identity Management</title>
    <pubDate>Tue, 29 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11793.html</link>
    <description>Today, there is an undeniable, urgent need for businesses and individuals to know who's on the other end of their transactions, to trust that entity, and to be confident that the information they share is safe with them. Identity management holds the answers to these needs. By providing everything required to effectively manage identities across traditional business boundaries, identity management makes it possible to securely deliver the right resources to the right people at the right time and in the right context. In this way, it can enable businesses to dramatically accelerate growth while leaving competitors far behind, and to do so safely and securely. If you are currently evaluating identity management solutions, this guide will provide the information and tools to help you make the right decision.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11793.html</guid>
  </item>
  <item>
    <title>Tripwire Helps Meet FFIEC Requirements</title>
    <pubDate>Thu, 17 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11771.html</link>
    <description>Of late, information security and technology risk management was relegated to the back office or basement operations of most financial institutions (3). Today, with the passage of legislation such as the 1999 Gramm-Leach-Bliley Act (GLBA) and the subsequent GLBA Security rule that took effect in 2001, information security and technology risk management are subjects upon which the board and senior management must be actively involved and aware, especially in the instance of material events such as a system disruption from unauthorized access to a bank's network, data breach, cyber terrorism, or a natural disaster that may threaten the safety, soundness, and security of the institution and its customer information.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11771.html</guid>
  </item>
  <item>
    <title>Proposed Amendments to Regulation S-P Safeguard &amp; Disposal Rules: Risk Mitigation and Compliance Solutions for Organizations Falling Under SEC Rules</title>
    <pubDate>Thu, 17 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11770.html</link>
    <description>The Securities and Exchange Commission (SEC) currently has a series of Safeguards and Disposal Rules (Section 30a of Regulation S-P) that requires institutions to adopt written policies and procedures to safeguard customer records and information. The safeguards are required to be reasonably designed to meet the objectives of the Gramm-Leach-Bliley Act (</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11770.html</guid>
  </item>
  <item>
    <title>Best Practices for Audit and Compliance Reporting for the IBM System i (AS/400)</title>
    <pubDate>Thu, 17 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11769.html</link>
    <description>Compliance with regulations such as Sarbanes-Oxley, PCI, HIPAA and GLBA requires regular audit reporting against critical Information Technology (IT) assets. This white paper outlines the key items that need to be reviewed on AS/400 (now called System i) for both configuration data and transactional log information from the audit journal</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11769.html</guid>
  </item>
  <item>
    <title>Auditing Active Directory Changes Efficiently</title>
    <pubDate>Thu, 17 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11768.html</link>
    <description>If information is allowed to become stale, operations can be disrupted. However, for the same reasons that the information flow should not be allowed to stagnate, changes should not go unwatched. Those aspects of company life that IT is entrusted with are easier to change than other structures. However, the consequences of adverse changes can be as detrimental and expensive to correct as physical damage. In addition, IT staff has to deal with compliance. SOX, HIPAA, GLBA, and FISMA compliance measures are not dictated by internal needs, but still have to be considered for the enterprise to function smoothly.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11768.html</guid>
  </item>
  <item>
    <title>Regulatory Compliance Solutions: Unified Information Security for Complete Coverage of Compliance Regulations</title>
    <pubDate>Fri, 11 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11757.html</link>
    <description>With growing threats to industrial, financial and personal information security, there has been an influx of regulation and legislation designed to improve the way that institutions handle sensitive data. This is especially true in areas that are directly related to information privacy and security: the Payment Card Industry (PCI); the Sarbanes-Oxley Act (SOX); the Gramm-Leach-Bliley Act (GLBA); the Federal Information Security Management Act (FISMA); and the Health Insurance Portability &amp; Accountability Act (HIPAA). To satisfy these new regulations, companies are required to deploy systems, policies, and programs that enforce information security, information control, and information monitoring and reporting capabilities for corporate assets.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11757.html</guid>
  </item>
  <item>
    <title>Fulfilling Compliance by Eliminating Administrator Rights</title>
    <pubDate>Fri, 11 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11752.html</link>
    <description>There's a problem with the widespread distribution of administrator rights in your organization, and it has nothing to do with security. That problem is compliance: Compliance with the industry, governmental, and regulatory statutes that define certain configurations within your IT infrastructure. Although many of those configurations are mandated to enforce a greater level of security control, your job as an IT professional is to ensure their fulfillment. However, similar to the tradeoffs we endure between strong security and total usability, the solid implementation of a compliant configuration often requires a reduction in user flexibility, administrative capability, and merely getting the job of IT done. Nowhere is this more prevalent than in compliance's role in reducing the power and spread of administrative rights.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11752.html</guid>
  </item>
  <item>
    <title>Basel II Compliance With Tripwire: Configuration Control for Virtual and Physical Infrastructures</title>
    <pubDate>Fri, 04 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11741.html</link>
    <description>As if financial institutions did not have enough compliance worries, a new international standard - Basel II - now looms on the compliance horizon. Unlike other laws and standards affecting financial institutions in the US and overseas such as the Gramm-Leach-Bliley Act (</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11741.html</guid>
  </item>
  <item>
    <title>Endpoint Security Considerations for Achieving GLBA Compliance</title>
    <pubDate>Fri, 27 Nov 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11734.html</link>
    <description>Rebooting the global financial system may take years. The international move to new regulatory organizations will require financial institutions to change the way they do business. No one knows exactly how the system will change yet, but one thing is certain: financial institutions will be required to protect the security and confidentiality of customer information. The Gramm-Leach-Bliley Act (GLBA) of 1999 (P.L. 106-102) defines guidelines and standards for safeguarding customer information. These rules apply to all financial institutions doing business in the U.S. New laws and financial regulations for the coming reboot may change GLBA, but increasing threats to customer data will only guarantee tighter security requirements.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11734.html</guid>
  </item>
  <item>
    <title>Auditing SQL Server for Change Tracking and Compliance</title>
    <pubDate>Fri, 27 Nov 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11729.html</link>
    <description>IT staff has to deal with regulations compliance. SOX, HIPAA, GLBA, and FISMA compliance measures are not dictated by internal needs but still have to be considered so the enterprise can function smoothly. This white paper describes approaches to change auditing for the most widespread database management technology used by businesses today: Microsoft SQL Server.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11729.html</guid>
  </item>
  <item>
    <title>FTP: Enemy Within</title>
    <pubDate>Tue, 03 Nov 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11688.html</link>
    <description>Industry standards and government regulations such as Sarbanes-Oxley, PCI-DSS, HIPAA, Gramm-Leach-Bliley Act, and FISMA require organizations to constantly strengthen the protection of mission-critical information. With billions of dollars of annual losses attributed to security breaches, corporations are under pressure to eliminate non-secure legacy systems. This paper explores the business and technical reasons why companies should stop using FTP and discusses alternatives for organizations to achieve fast and secure file transfers through Open Text Secure Server and Open Text SecureTerm software solutions.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11688.html</guid>
  </item>
  <item>
    <title>Mining the Cloud to Ease the Enterprise Compliance Burden</title>
    <pubDate>Tue, 03 Nov 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11685.html</link>
    <description>SOX. HIPAA. GLBA. Basel II. NERC. Each mandate carries a unique set of challenges for compliance, especially when it comes to access control and data management. As IT management looks for better answers, the advantages of cloud-based, two-factor authentication continue to gain favor. This paper looks at some common regulations and presents the argument for in-the-cloud authentication as the most advantageous response to these access control related requirements. It also presents a practical solution for addressing these regulations.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11685.html</guid>
  </item>
  <item>
    <title>Achieving GLBA Compliance with Red Hat Enterprise Virtualization for Desktops</title>
    <pubDate>Wed, 07 Oct 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11670.html</link>
    <description>The Gramm-Leach-Bliley Act (GLBA) was introduced into U.S. law in 1999. The main intent of the GLBA was to open up financial markets by repealing some portions of the Glass-Steagall Act of 1933. A secondary objective of the act was to ensure the privacy and protection of individual financial information by requiring financial institutions to institute appropriate controls and procedures. These requirements have introduced additional complexity into the operations of these organizations and have forced them to rethink how they store, transmit, and dispose of customer data. This paper will illustrate how Red Hat Enterprise Virtualization for Desktops can help organizations comply with specific GLBA mandates while increasing overall efficiency and agility.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11670.html</guid>
  </item>
  <item>
    <title>Do You Know Where Your Messages Are?</title>
    <pubDate>Wed, 07 Oct 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11669.html</link>
    <description>In most organizations, an estimated 83 percent of all communications are electronic, with the vast majority of those communications going through an email system. In a 2004 survey of 840 U.S. companies, 21 percent of respondents had their email and instant message data subpoenaed, up from 14 percent in 2003. The cost of providing this data can easily run into the hundreds of thousands of dollars, for which the organization may be solely responsible. Besides the legal concern, regulatory compliance requirements, like those covered in HIPAA, Sarbanes-Oxley (SOX), and the Gramm-Leach-Bliley Act (GLBA), increase the need for a message archiving and retention solution. The last factor in supporting the need for such a solution is the IT overhead involved with the ever increasing size of mailboxes and messaging databases.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11669.html</guid>
  </item>
  <item>
    <title>Alliance All-Ways Secure with PGP Encryption Solution Brief</title>
    <pubDate>Mon, 21 Sep 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11652.html</link>
    <description>IBM System i customers need to meet regulatory requirements to secure the transfer of data over the Internet and on internal networks. Alliance All-Ways Secure provides strong PGP Command Line 9 encryption, secure FTP, and Secure Shell (SSH) sFTP transfer support to meet these regulations. Alliance All-Ways Secure provides strong PGP Command Line 9 encryption, secure FTP, and Secure Shell (SSH) sFTP, and automated operations to meet regulatory requirements to protect sensitive data. You can satisfy PCI, HIPAA, GLBA, Privacy Notification, and all other data security regulations that require encrypted transfer of your most sensitive data.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11652.html</guid>
  </item>
  <item>
    <title>Information Governance Perspectives from RSD: E-mail Archiving</title>
    <pubDate>Tue, 08 Sep 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11634.html</link>
    <description>All over the world, in the past five years, corporate e-mail messages have become classified as</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11634.html</guid>
  </item>
  <item>
    <title>Data Masking - Strengthening Data Privacy &amp; Security for Banking Institutions</title>
    <pubDate>Thu, 03 Sep 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11629.html</link>
    <description>Many business activities require access to real production data, but there are equally many that do not. Data masking secures enterprise data by eliminating sensitive information, while maintaining data realism and integrity. Many Fortune 500 companies have already integrated data masking into their PCI DSS and GLBA compliance programs, and so can you. Learn</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11629.html</guid>
  </item>
  <item>
    <title>Five Ways to Reduce Your IT Audit Tax</title>
    <pubDate>Thu, 03 Sep 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11628.html</link>
    <description>Most organizations spend 30-50% more on compliance than they should (1). No matter the industry, with regulations such as GLBA, PCI, FISMA, SOX, and other regulations and mandates, it seems nobody is immune to scrutiny - but why spend so much more than what is necessary? In order to reduce the burden of an IT audit, you must understand the costs involved to demonstrate due care, which can be almost as harrowing as the fines and litigation costs for non-compliance. If your organization continues to rely on ad hoc, manual and disjointed compliance and audit processes - which is the norm in many health care organizations today - you can be sure that your IT audits will be expensive and inefficient. Recent research has noted that organizations struggle with as many as 40,000 spreadsheets for just one compliance purpose (2). If you must support multiple regulations, mandates and internal policies, the amount of spreadsheets will surely get out of hand, ensuring inaccuracies and forcing you to </description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11628.html</guid>
  </item>
  <item>
    <title>Securing your Web based infrastructure: Essential concepts for PKI deployment and best practices for life cycle key management</title>
    <pubDate>Mon, 31 Aug 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11624.html</link>
    <description>The modern corporation is using web based infrastructures in many ways to conduct business across the enterprise and around the globe. Whether it is with customers, partners or employees, the Internet provides instant access and global reach at a fraction of the cost of traditional channels. However, doing business via the Internet presents unique security challenges such as ensuring privacy, confirming identity, managing authorization and legitimizing business transactions. To address these issues, governments have enacted far-reaching privacy legislation and industries are mandating a growing list of new security requirements (GLBA, Sarbanes-Oxley, HIPAA, FDA 21 CFR Part 11, EU Data Privacy, EU Electronic Signature, etc.). Increasingly, there is a need for web based solutions that provide instant global access, yet also provide security and privacy in a cost effective manner. This paper discusses the benefits that are unique to deploying the integrated solution of the Windows Server</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11624.html</guid>
  </item>
  <item>
    <title>8 Steps to Holistic Database Security</title>
    <pubDate>Tue, 04 Aug 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11600.html</link>
    <description>Most of the world's sensitive data is stored in commercial database systems such as Oracle, Microsoft SQL Server, IBM DB2 and Sybase - making databases an increasingly favorite target for criminals. This may explain why SQL injection attacks jumped 134 percent in 2008, increasing from an average of a few thousand per day to several hundred thousand per day according to a recently-published report by IBM. This white paper discusses the 8 essential best practices that provide a holistic approach to both safeguarding databases and achieving compliance with key regulations such as SOX, PCI-DSS, GLBA and data protection laws.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11600.html</guid>
  </item>
  <item>
    <title>Achieving Federal Desktop Core Configuration Compliance (FDCC) with Lumension Solutions</title>
    <pubDate>Sun, 12 Jul 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11558.html</link>
    <description>The Federal Desktop Core Configuration (FDCC) is an Office of Management and Budget (OMB) mandated security configuration set applicable within United States Federal Government agencies. Private enterprises may also choose to utilize this established framework as a foundation for their own security configuration baselines. All federal agencies that utilize or plan an upgrade to either Windows XP or Vista must report compliance, with FDCC reporting requirements dictated by the standard FISMA reporting guidance. The FDCC specific configuration requirements are generally based on the</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11558.html</guid>
  </item>
  <item>
    <title>The Critical Need For Encrypted Email and File Transfer Solutions</title>
    <pubDate>Sun, 12 Jul 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11555.html</link>
    <description>Among the more common analogies used to describe an email sent across the Internet is that it is like a message on a postcard that anyone can read along the way. However, an email or file sent in clear text offers much more exposure than a postcard because of the nature of the transmission itself.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11555.html</guid>
  </item>
  <item>
    <title>Microsoft Windows Server 2008 PKI and Deploying the nCipher Hardware Security Module</title>
    <pubDate>Mon, 06 Jul 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11552.html</link>
    <description>The modern corporation is using web based infrastructures in many ways to conduct business across the enterprise and around the globe. Whether it is with customers, partners or employees, the Internet provides instant access and global reach at a fraction of the cost of traditional channels. However, doing business via the Internet presents unique security challenges such as ensuring privacy, confirming identity, managing authorization and legitimizing business transactions. To address these issues, governments have enacted far-reaching privacy legislation and industries are mandating a growing list of new security requirements (GLBA, Sarbanes-Oxley, HIPAA, FDA 21 CFR Part 11, EU Data Privacy, EU Electronic Signature, etc. ). Increasingly, there is a need for web based solutions that provide instant global access, yet also provide security and privacy in a cost effective manner.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11552.html</guid>
  </item>
  <item>
    <title>Protecting Your Network Against the Growing Danger of Web Attacks</title>
    <pubDate>Fri, 26 Jun 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11536.html</link>
    <description>Web-borne malware is now more common than malware that enters an organization through email. The number of Web sites discovered per day that carry malware increased 400% in 2008. This drastic increase in infected sites can cause serious issues for your business. Organizations need to proactively protect their networks both by instituting acceptable usage policies for employee Web usage as well as implementing a solution to combat these malware intrusions.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11536.html</guid>
  </item>
  <item>
    <title>The Obama Administration's Proposal to Reform the U.S. Financial Regulatory System</title>
    <pubDate>Tue, 23 Jun 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11526.html</link>
    <description>The Obama Administration has proposed to Congress the most sweeping and fundamental regulatory reform of the U.S. financial and securities markets since the New Deal. The proposal's goals are to regulate systemic risk, enhance transparency and disclosure, delink executive compensation from excessive risk, improve investor protection, and prevent regulatory arbitrage. The Administration has set forth detailed recommendations on the regulation of hedge funds and over-the-counter derivatives, including credit default swaps, as well as draft legislation on a new resolution authority to unwind failing securities and commodities firms. The Administration also recommends major corporate governance reforms, such as shareholder advisory votes on compensation and enhanced compensation committees.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11526.html</guid>
  </item>
  <item>
    <title>Introducing the ePackage</title>
    <pubDate>Wed, 17 Jun 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11520.html</link>
    <description>A Simple, Cost-Effective Solution to Exchanging Confidential Information Over the Internet</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11520.html</guid>
  </item>
  <item>
    <title>Top Five SIM Pitfalls: Ensuring Successful Security Information Management</title>
    <pubDate>Wed, 10 Jun 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11510.html</link>
    <description>To satisfy regulatory requirements and better protect their networks, many organizations are turning to Security Information Management (SIM) tools. By collecting, correlating and reporting security events from firewalls, IDS/IPS devices, servers and other data sources across the network, SIM technology enables defense-in-depth.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11510.html</guid>
  </item>
  <item>
    <title>Governance, Risk, and Compliance For Life Sciences Companies</title>
    <pubDate>Tue, 09 Jun 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11507.html</link>
    <description>As a life sciences company, issues of governance, risk, and compliance (GRC) touch on nearly everything you do. But many organizations approach GRC in an ad hoc manner - implementing point solutions, one after another, in response to regulatory demands as they arise. This approach is inefficient and costly. It also leads to the proliferation of silos and a lack of transparency concerning compliance issues. A more effective approach is to institutionalize GRC throughout the global enterprise. This is where SAP solutions for governance, risk, and compliance can help.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11507.html</guid>
  </item>
  <item>
    <title>Protecting Data From the Cyber Theft Pandemic</title>
    <pubDate>Thu, 28 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11499.html</link>
    <description>Read this white paper to discover the current and emerging trends of stealth malware and protect your organization from potentially devastating data breaches. It covers new advances in network security technologies that use multi-phase heuristic and virtual machine analysis to detect and mitigate the damages that result from malware-related data thefts. Protect yourself from the Cyber Theft Pandemic!</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11499.html</guid>
  </item>
  <item>
    <title>Web Application Security Trends Report Q3-Q4, 2008</title>
    <pubDate>Tue, 26 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11491.html</link>
    <description>We are beginning to see a trend of growing awareness around Web application security. The Payment Card Industry (PCI) Section 6.6 initiative is driving a lot of companies especially e-retailers to get compliant. However, the economic crisis, lack of awareness and understanding of the issues are holding some organizations back from moving forward with this initiative. Most of the regulations around compliance including PCI, GLBA, HIPAA, and others are not enforcing the regulations as strongly as they should. Many organizations don't want to take action unless they have been hacked or audited by one of the regulatory compliance bodies.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11491.html</guid>
  </item>
  <item>
    <title>Securing Sensitive Information</title>
    <pubDate>Wed, 20 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11479.html</link>
    <description>Each month many companies, big or small, well known or unknown, experience a data security loss with the potential exposure of thousands to millions of sensitive customer or employee records. Recent regulatory actions have made such losses much more onerous. Corporations need to reduce the financial risks of a security breach as well as protect their brand reputation. As such, corporate management is looking to CIOs to minimize these risks with effective security for all sensitive corporate data, wherever it may reside.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11479.html</guid>
  </item>
  <item>
    <title>Passing Compliance Audits in Heterogeneous UNIX/Linux Datacenters</title>
    <pubDate>Mon, 11 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11446.html</link>
    <description>Lack of access controls in native UNIX/Linux operating systems prevents them from passing today's compliance audits. Security issues surrounding the practice of sharing access to privileged accounts and the absence of least-privilege access control make accountability a near impossibility. Symark Software's PowerBroker enables IT departments to bring these systems into compliance with multiple mandates such as PCI DSS, SOX, HIPAA and GLBA. PowerBroker creates RBAC-like access control that simplifies and lowers the costs of security administration across heterogeneous platforms.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11446.html</guid>
  </item>
  <item>
    <title>Information Protection &amp; Data De-Identification</title>
    <pubDate>Mon, 11 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11431.html</link>
    <description>This document introduces a unique database encryption and masking technology in one, which can vastly simplify data privacy, while mitigating data leakage at data level at a fraction of the cost, changing impact of all prior approaches. The fundamental technology is called AES Format-Preserving Encryption (FPE), which for the first time, allows encryption in place in databases and applications, without significant IT impact. Projects, formerly taking many months or years, can be completed in days to weeks. The Voltage SecureData product line, incorporating FPE, is agnostic of the data store and operating system, with convenient delivery and integration options suited to contemporary and legacy Enterprise IT systems, and with a 5 times reduction in time to success.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11431.html</guid>
  </item>
  <item>
    <title>Trend Micro LeakProof: Leveraging Data Leak Prevention Technology to Secure Corporate Assets</title>
    <pubDate>Fri, 08 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11429.html</link>
    <description>Companies rely on knowledge assets, such as product formulas and customer databases. VPNs and network monitors can protect proprietary information from outsiders; but, they won't do much to prevent access by internal users. With the popularity of wireless networks, USB drives and other portable devices, it's all too easy for insiders to leak key data. This white paper explains how Trend Micro LeakProof 3.0 protects sensitive data at rest, in use, and in motion.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11429.html</guid>
  </item>
  <item>
    <title>The Critical Role of Content Management in Delivering Business Services</title>
    <pubDate>Fri, 08 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11428.html</link>
    <description>Enterprise Content Management (ECM) provides critical capabilities for managing the documents, spreadsheets, reports, e-mails, Web pages, etc. that drive business operations. EMA research shows that ECM delivers numerous benefits, including easier information access, knowledge sharing and collaboration, improved productivity, competitive advantage, regulatory compliance, cost reduction, and more.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11428.html</guid>
  </item>
  <item>
    <title>Disk Encryption &amp; Advanced Password Protection: A Necessity for Financial Services Enterprises</title>
    <pubDate>Fri, 08 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11423.html</link>
    <description>The data security challenges for financial enterprises have never been as challenging as they are in today's turbulent times. Not only must financial enterprises comply with regulations such as SOX, GLBA and PCI along with a multitude of state regulations concerning customer privacy and electronic data security, they must also guard against the staggering costs - both tangible and intangible - that a security breach can incur.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11423.html</guid>
  </item>
  <item>
    <title>Dynamic Warehousing for Banking Buyer's Guide: A comprehensive solution for leveraging data in today's financial industry</title>
    <pubDate>Wed, 06 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11409.html</link>
    <description>Most organizations realize that the key to success lies in how well they manage data - and the banking industry is no exception. From customer statistics to strategic plans to employee communications, financial institutions are constantly juggling endless types of information. Not only does this data provide the basis for major corporate moves, it also impacts business on a more granular level by helping to maintain customer loyalty and improve staff productivity. Simply put, a bank's information is its lifeline. That's why it's critical for financial institutions to be able to access relevant data when it's needed most.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11409.html</guid>
  </item>
  <item>
    <title>Critical Governance, Risk &amp; Compliance: An IPS Solution is a Key Component</title>
    <pubDate>Tue, 05 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/GLBA/abstract11408.html</link>
    <description>In this paper we will explore the meaning of GRC, how information technology (IT) GRC creates value within an organization, and why Intrusion Prevention Systems are a key part of a successful IT GRC strategy. As we begin to explore these IT GRC and Intrusion Prevention System (IPS) practices, think about your company's current GRC and IPS practices. Maybe you haven't started a formal GRC program or automated IPS solution yet. Perhaps you are researching how to improve on your existing efforts. No matter where you are with your IT GRC and IPS initiatives, it is important that we have a common awareness of how the right technology and human resources can enable your success.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/GLBA/abstract11408.html</guid>
  </item>
</channel>
</rss>
