• Global CISOs Want Compliance to be Easier

    Posted October 12, 2010 - 5:33 pm

    Global businesses face tighter enforcement and more specific regulations, which are driving up costs and eroding security. A statement from one group demands changes, from governments that didn't listen to them the first time around.
  • Black Duck Buys One-Stop Dev Portal Coming

    Posted October 5, 2010 - 8:36 am

    Geeknet sold off to Black Duck Software today, raising the promise of a new centralized FOSS developer portal site coming soon.
  • Red Hat v. Oracle: Which is More Standards Compliant?

    Posted September 28, 2010 - 9:09 am

    While the community discussion ramps up for licensing compliance, how are these dualing enterprise Linux players faring with LSB compliance?
  • IBM bolsters business analytics unit with purchase of OpenPages

    Posted September 15, 2010 - 11:27 am

    Aiming to expand its business analytics capabilities to support compliance and risk management processes, IBM today announced it is purchasing Waltham, MA-based software vendor OpenPages. Terms of the deal for the privately held company were not disclosed. Naturally, the acquisition is contingent upon regulatory approval.
  • When Data Compliance and Cloud Computing Collide

    Posted September 10, 2010 - 2:05 pm

    On the crucial issue of data compliance, do you understand what you are responsible for versus your cloud service provider?
  • Why Microsoft is Being Nicer to Open Source

    Posted August 30, 2010 - 12:34 pm

    Companies and independent developers have been using open source for years now, with little regard to the old FUD that said "if you use this software, little Stallman-like demons will eat your soul!" But the growth of open source has led to some interesting scaling problems, and the reason why Microsoft no longer openly uses such FUD.
  • PCI DSS: 4 things to expect in the new version

    Posted July 14, 2010 - 7:42 am

    Every two years the PCI Security Standards Council (PCI SSC) issues a new version of the Payment Card Industry Data Security Standard (PCI DSS) as part of the lifecycle and feedback review process from a wide range of organizations. While no major changes are expected in the upcoming release, here's a rundown of the clarifications you'll see and what they mean to you.
  • Supreme Court's SOX decision may be non-event for IT

    Posted June 29, 2010 - 9:20 am

    Monday's Supreme Court decision on a lawsuit challenging the Sarbanes-Oxley Act financial regulations is unlikely to cause IT managers to change current strategies for complying with the law.
  • Where is Your Cloud? Four Compliance Best Practices

    Posted April 15, 2010 - 3:27 pm

    If you think the phrase "It's in the cloud" means that your data resides on the Internet and is thus accessible everywhere equally, think again. Most infrastructure-as-a-service (IaaS) cloud services share the same residence model as traditional hosting and outsourcing deployments -- they live in specific data centers in specific geographies. This means that customer data is generated and most likely stored in this physical location, giving it legal and privacy implications.
  • Average annual cost of PCI compliance audit? $225k

    Posted March 1, 2010 - 12:52 pm

    Merchants that undergo network audits to ensure compliance with the Payment Card Industry Data Security Standards are paying an average of $225,000 each year.
  • Compliance Under a Cloud

    Posted February 24, 2010 - 4:31 pm

    Cloud services buyers beware: vendors must address security regulations.
  • Five Security Missteps Made in the Name of Compliance

    Posted February 23, 2010 - 2:41 pm

    In the hurry to meet a regulatory compliance deadline, companies risk making some costly security mistakes. Here are five examples.
  • Managing software legal compliance

    Posted February 22, 2010 - 9:53 pm

    In the age of open source and large-scale outsourcing, ascertaining the legal compliance of software is just as important as assuring the quality before pressing it into production. Numerous legal cases have highlighted the business risks and enormous costs incurred when compliance is not done properly -- costs stemming from judicial procedures, recalls, fixing issues post-release and missed market opportunities.
  • With Security, You Must Regulate Thyself

    Posted December 11, 2009 - 11:59 am

    Internet security is a horizontal issue that we regulate vertically, and this is putting us all at risk.
  • Make your security investments do double duty

    Posted November 16, 2009 - 2:33 pm

    Yes, you can get additional ROI from security, business continuity, disaster recovery and compliance investments. Here are three ways to wring more value out of "uneventful" operations.
  • How to Stretch Your Security Dollar

    Posted October 22, 2009 - 11:41 am

    Getting additional ROI from security, business continuity, disaster recovery and compliance investments during "uneventful" operations is not unheard of, say experts. You just need to be creative. Here are some ways to make these critical investments work even harder.
  • Novell, SAP bring together security, compliance wares

    Posted October 17, 2009 - 10:13 pm

    Novell is integrating its security and identity software with governance, risk and compliance wares from SAP.
  • Security & Data Privacy Compliance Guide

    Posted September 14, 2009 - 11:42 am

    In today’s digital environment, it’s easier and more convenient than ever to share, access, and store data. Many organizations depend on technologies that make the data easily accessible and communicated to colleagues, partners, and clients in order to go about their daily business.
  • The Annual Audit Antidote

    Posted August 24, 2009 - 3:31 pm

    The season of annual corporate audits has arrived. If you listen closely, you’ll hear controllers and their staffs lacing up their running shoes, preparing for the marathon of scurrying facing them.
  • Microsoft charges Europeans double for Windows 7

    Posted June 28, 2009 - 7:34 pm

    Prices new OS at 41% to 100% more than in the U.S., but leaves out browser
  • Merchants Struggle to Comply With PCI Security In Economy

    Posted June 26, 2009 - 12:50 pm

    The heads of seven business organizations sent PCI Security Standards Council General Manager Bob Russo a cry for help earlier this month, saying the recession is making it "increasingly difficult" for merchants to meet the requirements of the Payment Card Industry's Data Security Standard (PCI DSS).
  • Complying with New Medicare Reporting Requirements

    Posted June 24, 2009 - 12:59 pm

    Insurance companies offering liability coverage, workers compensation, and those that are self insured have struggled to prepare for the new Medicare reporting requirements since the federal mandates were announced. Art Meadows, President and CEO of Panhandle Farmers Mutual Insurance Company shares tips for success.
  • Strengthening Compliance Initiatives with Enterprise Content Management (ECM)

    Posted June 24, 2009 - 11:55 am

    Regardless of your industry, there are specific areas where ECM can provide significant improvements to your compliance efforts as well as to your business processes.
  • Seven Tips to Help Insurers Guarantee Effective Enterprise-wide Data Searches

    Posted June 24, 2009 - 11:41 am

    In order to meet regulatory standards, efficient data collection across the enterprise is critical. Here are a few tips to help you stay afloat in the turbulent sea of changing regulations.
  • PCI DSS and storage of credit card data

    Posted June 23, 2009 - 5:06 pm

    The PCI (Payment Card Industry) Data Security Standard is all-encompassing, setting a standard for security and protective measures for merchants who store credit card information. Created by the credit card industry, the standard sets forth a set of core standards. From a security perspective, the standards are basic best practices.
Join us:






Join today!

See more content
Ask a Question