compliance

  • PCI DSS and storage of credit card data

    Posted June 23, 2009 - 5:06 pm

    The PCI (Payment Card Industry) Data Security Standard is all-encompassing, setting a standard for security and protective measures for merchants who store credit card information. Created by the credit card industry, the standard sets forth a set of core standards. From a security perspective, the standards are basic best practices.
  • Casino Giant Doubles Down on Data Center Automation

    Posted June 8, 2009 - 9:48 am

    Who's gambling on big technology investments in this down economy? At first glance, you might not guess that it would be the Las Vegas Sands Company, the owner of the Venetian and Palazzo Resorts in Las Vegas and the Sands Macau in China.
  • Security and regulatory concerns slow some server virtualization efforts

    Posted May 28, 2009 - 9:31 am

    The Stanford Hospital & Clinics, part of Stanford University in Palo Alto, Calif., has shifted about half of its applications from traditional server platforms to VMware-based virtual machines (VM) -- and found it strongly impacted decision-making on security.
  • Information Systems Audit: The Basics

    Posted May 26, 2009 - 9:55 am

    Nowadays, information systems audit seems almost synonymous with information security control testing.
  • CA unveils Compliance Manager for z/OS for mainframe policy control

    Posted May 20, 2009 - 11:07 am

    CA Wednesday unveiled Compliance Manager for z/OS, software that works in tandem with any of three mainframe access-control products -- CA's Access Control Facility or Top Secret plus IBM's Resource Control Access Control Facility -- to boost real-time monitoring and policy control on data.
  • Compliance, backup, and recovery

    Posted May 15, 2009 - 4:07 pm

    Compliance with the ever-increasing array of legislative mandates presents a burden to management and IT staff alike. If you’re in financial services, you are bound by Gramm-Leach-Bliley; in health care, by HIPAA; or if you’re a publicly-held corporation, Sarbanes-Oxley. If you process credit card payments, there are PCI-DSS rules to consider.
  • Symantec sees slowdown in security sales

    Posted May 6, 2009 - 8:07 pm

    Symantec reports a $249 million loss, saying customers are moving away from multiyear licenses.
  • IT pros justify high-tech investments during downturn

    Posted May 5, 2009 - 4:14 pm

    IT professionals dealing with the economic downturn say some technologies warrant an investment even when budget dollars are tight.
  • Another Data Center Headache: Log Data Exploding

    Posted May 4, 2009 - 10:35 am

    While most companies use data centers to store their primary business information -- such as backups of important files and customer data -- real-time log data and unstructured transactional data are quickly becoming major issues as well. Most industries will face a significant data problem in the future, as compliance requirements force them to not only retain more data, but also make such data easily searchable.
  • Tasks you fear to outsource but should try

    Posted April 29, 2009 - 3:26 pm

    To save money, reconsider these ripe outsourcing opportunities you may have never (or were afraid to) put on the table.
  • Can security processes finally be automated?

    Posted April 29, 2009 - 9:38 am

    Automation of security is a concept with momentum this year as some of the larger federal agencies, including the DoD, NSA, Agriculture and Energy, are pushing for a new direction beyond the current FISMA audit mandate for compliance.
  • Areas Where IT Is Still Investing

    Posted April 16, 2009 - 4:29 pm

    By Cal Slemp, Protiviti

  • A Lesson in Compliance from the Chemical Industry

    Posted April 13, 2009 - 11:19 am

    In 2007, the Department of Homeland Security (DHS) introduced the Chemical Facility Anti-Terrorism Standards (CFATS), a rigorous program designed to protect high-risk chemical facilities from attacks. The legislation mandates that sites identified as "high-risk facilities" implement solutions, under the guidance of Risk-based Performance Standards (RBPS), to address gaps in safety and security. The penalties for non-compliance can range from hefty fines to total plant shutdowns.
  • Struggling with supersized storage

    Posted April 6, 2009 - 4:46 pm

    Tasty Baking Co. produces more than 4.8 million cakes, doughnuts, cookies and pies each day. And the Philadelphia-based snack food giant also manages to generate another crucial commodity -- computer data -- in equally impressive amounts. "It's something to be concerned about," says Brendan O'Malley, Tasty Baking's vice president and CIO.
  • When A Company Folds, Who Guards Your Data's Privacy?

    Posted March 2, 2009 - 10:10 am

    From HIPAA to Sarbox, a slew of regulations to protect customer and employee data force CIOs to step lively to comply. The punishment for failure to do so is costly and even dire. But once a company folds -- and more are folding every week given the economy -- what happens to that data?
  • Managing change

    Posted February 26, 2009 - 1:18 pm

    "Change and release control aren't optional any more. You must have adequate control of IT changes in order to stay compliant with governmental and industry regulations," says Larry Klosterboer, author of Implementing ITIL Change and Release Management. Here he offers advice for making change and release management a source of cost savings for your business.

  • "Proving nothing" cuts compliance costs

    Posted February 10, 2009 - 4:21 pm

    Using software to perform compliance tasks that would otherwise be done by hand may be an obvious way to drive down the costs of regulatory compliance. Less obvious, however, is what that software must do to maximize those savings — continuously monitor the source data of primary business applications.
  • The Case Against Cloud Computing, Part Two

    Posted February 2, 2009 - 10:44 am

    In speaking with a number of people involved with cloud computing, I found that they (rather paradoxically) discussed with great vigor all the barriers to enterprises adopting cloud computing. One such barrier: Cloud computing imposes legal, regulatory, and business risk.
  • Cloud computing and compliance: Be careful up there

    Posted January 30, 2009 - 12:22 pm

    Using the cloud for data processing and storage may have its advantages in terms of simplicity and cost, but ensuring regulatory compliance will not be nearly so simple.
  • Microsoft, Infosys focus on supply chain

    Posted January 29, 2009 - 6:01 pm

    Microsoft and IT services provider Infosys Technologies revealed on Thursday an alliance around improving supply chain visibility and collaboration.
  • E-discovery vendor revamps pricing model

    Posted January 21, 2009 - 5:44 pm

    E-discovery vendor Kazeon announced a range of new pricing models this week, including a usage-based license.
  • Resolution for 2009: Comply without Complaint

    Posted January 12, 2009 - 2:41 pm

    The new year promises to be full of regulatory reform, especially financial reform. It’s a top-tier issue for the incoming Obama administration, and it will almost certainly be embraced by the 111th Congress. So what does that mean for those of us in corporate America? It means that in 2009, we should resolve to comply without complaining.
  • The South West Regional Development Agency saves $40,000 by implementing Software Asset Management

    Posted January 12, 2009 - 11:50 am

    The South West RDA leads the development of a sustainable economy in South West England, investing to unlock the region’s business potential. With a core strategy focused on creating the conditions for productivity–led growth, South West RDA works in partnership with public and private sector organizations.
  • Security predictions for 2009

    Posted December 30, 2008 - 5:06 pm

    Though these predictions are based on primary research and many, many discussions with CSOs, they concern information security only and can be affected by external factors that are unpredictable (at least by me). Case in point: My predictions for 2008 did not take into account a severe downturn in the economy that was underway already at the beginning of the year. Let's hope that my 2009 predictions also miss the mark by assuming a continuation of economic difficulties that turn out to be less severe than predicted. Here goes:
  • Separating Backup and Archiving; Securing Your Digital Information

    Posted December 29, 2008 - 5:09 pm

    Today's companies are challenged not only with managing rapidly growing volumes of information that are spread across many technologies and geographies, but also with heightened regulatory and legal oversight on their information management – not to mention how to manage all of this amongst tightening IT budgets in a tough economy.