<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<rss version="2.0">
<channel>
  <title>ComplianceHome: FISMA White Papers</title>
  <link>http://www.compliancehome.com/</link>
  <description>ComplianceHome is one of the Web's largest libraries of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories, which are the best source on white papers, related news articles, resources on the web, training, webinars, conferences, rules &amp; regulation overview, ask the expert, job and search on vendors, solutions &amp; products.</description>
<image>
  <url>http://www.compliancehome.com/images/rsslogo.gif</url>
  <title>ComplianceHome</title>
  <link>http://www.compliancehome.com/</link>
</image>
  <language>en-us</language>
  <item>
    <title>CyberScope and OMB FISMA Guidance Create New Challenges for Federal Agencies and its Contractors</title>
    <pubDate>Mon, 18 Jul 2011 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract12010.html</link>
    <description>With the increase of advanced persistent threats combined with the need for cost savings, the Federal Government is undertaking a dramatic shift in its cybersecurity strategy and annual security risk reporting.  The Federal Information Security Management Act (FISMA) requires agencies to report performance measures defined by the Office of Management and Budget (OMB).  In 2010, OMB released the CyberScope system and updated FISMA reporting guidance for federal agencies.  The purpose of this paper is to provide a perspective on this new guidance and the impacts on federal agencies that must collect and provide data for these performance measures.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract12010.html</guid>
  </item>
  <item>
    <title>Managing Passwords &amp; NIST SP 800-53 Requirements</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11979.html</link>
    <description>NIST SP 800-53 includes several sections that specify requirements for managing passwords used in the datacenter. While many agencies have investigated password management from the end-user perspective, few have addressed the need to manage passwords for elevated privilege accounts used by administrators and unattended applications. An organized, workable approach to managing these passwords is critical.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11979.html</guid>
  </item>
  <item>
    <title>FISMA Compliance Through Centralized Identity &amp; Access Management Leveraging Microsoft Active Directory</title>
    <pubDate>Fri, 18 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11978.html</link>
    <description>FISMA compliance is a complex process due to the broad scope and diversity of federal information systems. However, the core identity and access management requirements come down to common sense and well established principles that can be addressed through a strategy of centralized management and policy enforcement.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11978.html</guid>
  </item>
  <item>
    <title>Stay in compliance with government security standards</title>
    <pubDate>Mon, 07 Jun 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11969.html</link>
    <description>Be sure your site is in compliance with government data regulations by reading about the different data regulatory standards in this white paper. Learn more today!</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11969.html</guid>
  </item>
  <item>
    <title>Professional Paving Contractors in Burnaby BC</title>
    <pubDate>Mon, 17 May 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11954.html</link>
    <description>AB Paving is a leading paving services &amp; professional paving contractor in Burnaby BC. It provides Commercial paving services, residential paving services, landscaping services, paving maintenance, driveway sealing.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11954.html</guid>
  </item>
  <item>
    <title>How to Face Impaired Driving Charges</title>
    <pubDate>Mon, 17 May 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11952.html</link>
    <description>John Buchanan is a trusted Criminal Defence Lawyer based in Vancouver BC. With 25 years of experience in the Criminal Law services, John Buchanan offers professional and quality legal services as a Criminal Defence Lawyer for Vancouver and adjoining areas in British Columbia.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11952.html</guid>
  </item>
  <item>
    <title>Benefits of Using Scotchgard in Home Cleaning Services</title>
    <pubDate>Mon, 17 May 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11951.html</link>
    <description>Commercial cleaning services are important for proper cleaning of offices and industrial places. They have a growing need in most industries and businesses.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11951.html</guid>
  </item>
  <item>
    <title>Protecting Your IT Systems From Attack: How Quest Can Help You Comply With FISMA</title>
    <pubDate>Sat, 27 Mar 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11907.html</link>
    <description>The Federal Information Security Management Act (FISMA) requires federal agencies to protect their information infrastructures against vulnerabilities and attacks and implement automated monitoring of their information security measures and controls. To help agencies comply with FISMA, a team of cyber-security experts from Defense, Energy, Homeland Security's US-CERT, GAO, Transportation, HHS, and other organizations have published the Consensus Audit Guidelines, which identifies 20 security controls that are important for blocking attacks. This paper explains how Quest Software can help meet the requirements of 11 of these controls.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11907.html</guid>
  </item>
  <item>
    <title>A Fundamental Checklist for Protecting America's Most Valuable Digital Information</title>
    <pubDate>Sat, 27 Mar 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11906.html</link>
    <description>The Federal Information Security Management Act of provides a comprehensive framework for ensuring effective information security controls for all federal information and assets. The Act aims to bolster computer and network security within the Federal Government and affiliated parties such as contractors by mandating periodic audits. Based on this framework, FISMA mandates that all government agencies report their overall security posture to the Office of Management and Budget (OMB), which in turn reports to Congress annually.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11906.html</guid>
  </item>
  <item>
    <title>Meeting FISMA Compliance With EventTracker: The Importance of Consolidation, Correlation, and Detection Enterprise Security Series</title>
    <pubDate>Thu, 18 Mar 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11891.html</link>
    <description>The Federal Information Security Management Act of 2002 (FISMA) was passed with the purpose of improving computer and network security at government agencies and government contractors. The Act called for increased security standards and yearly audits of the systems and processes, and tasked the National Institute of Standards and Technology (NIST) to come up with a set of standards and guidelines, in effect a set of documents that provide a framework for risk management, security and compliance. The NIST approach is to have agencies and contractors adopt a risk based approach - to independently assess systems, decide on security controls from NIST supplied guidelines, and then authorize the use of the system, with subsequent periodic reviews and reauthorization.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11891.html</guid>
  </item>
  <item>
    <title>8 Burning Questions</title>
    <pubDate>Sun, 14 Feb 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11853.html</link>
    <description>These are the questions that every company asks before making a decision for a security and information management (SIEM) solution. It's easy to understand why: selecting the right SIEM solution can do more for your brand and your bottom line than most other IT decisions. Logging and event management are essential to governance and risk, not to mention a mandate for compliance with standards like PCI DSS and FISMA. Companies and agencies eventually outgrow the in-house developed tools, the vendor tools with limited scope and the low-cost products that solved only 50% of the problem. Reading this paper prepares you for evaluating all the alternatives, including Intellitactics, and for selecting the one that works best for you.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11853.html</guid>
  </item>
  <item>
    <title>Regulatory Compliance Alignment: Antivirus support of compliance with HIPAA, SOX, GLB, PCI DSS and FISMA</title>
    <pubDate>Mon, 18 Jan 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11820.html</link>
    <description>The antivirus industry currently serves numerous vertical sectors and has done so for many years with great success. This report provides the information necessary to determine where antivirus solutions may help an organization to comply with the regulatory requirements.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11820.html</guid>
  </item>
  <item>
    <title>Real-Time FISMA Compliance Monitoring</title>
    <pubDate>Mon, 11 Jan 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11808.html</link>
    <description>The E-Government Act, passed into law in December 2002, recognized that information security is essential to protect the nation's economic and national security interests. Title III of the E-Government Act, the Federal Information Security Management Act (FISMA), requires United States government agencies to develop, document and implement programs to protect the confidentiality, integrity and availability of IT systems.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11808.html</guid>
  </item>
  <item>
    <title>Risk Assessment as a Business Process</title>
    <pubDate>Sun, 03 Jan 2010 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11800.html</link>
    <description>Risk assessments are widely understood to be the cornerstone (or even the foundation) of any security program. The risk assessment is a classic process, originally developed by the Defense and intelligence communities, to not only assess the risk of SOMETHING - a process, a facility, a data center, a system - but to also detail cost-effective solutions to whatever problems are uncovered and rank those potential solutions by Return On Investment.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11800.html</guid>
  </item>
  <item>
    <title>Ensuring Personally Identifiable Information (PII) Security Within U.S. Government Agencies: Using Data Management Tools to Ensure FISMA and Privacy Act Compliance</title>
    <pubDate>Tue, 22 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11785.html</link>
    <description>Safeguarding personally identifiable information in the possession of the government and preventing its breach are essential to ensure the government retains the trust of the American public. This is a responsibility shared by officials accountable for administering operational and privacy and security programs, legal counsel, Agencies' Inspectors General and other law enforcement, and public and legislative affairs. It is also a function of applicable laws, such as the Federal Information Security Management Act of 2002 (FISMA) and the Privacy Act of 1974. (Clay Johnson III, Deputy Director for Management, Office of Management and Budget).</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11785.html</guid>
  </item>
  <item>
    <title>Auditing Active Directory Changes Efficiently</title>
    <pubDate>Thu, 17 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11768.html</link>
    <description>If information is allowed to become stale, operations can be disrupted. However, for the same reasons that the information flow should not be allowed to stagnate, changes should not go unwatched. Those aspects of company life that IT is entrusted with are easier to change than other structures. However, the consequences of adverse changes can be as detrimental and expensive to correct as physical damage. In addition, IT staff has to deal with compliance. SOX, HIPAA, GLBA, and FISMA compliance measures are not dictated by internal needs, but still have to be considered for the enterprise to function smoothly.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11768.html</guid>
  </item>
  <item>
    <title>Federal Desktop Core Configuration Compliance</title>
    <pubDate>Thu, 17 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11767.html</link>
    <description>It is essential to understand that the FDCC is a detailed extension of a subset of the general security requirements previously imposed by the Federal Information Security Management Act of 2002 (FISMA). In fact, FDCC presupposes that an implementing agency has already complied with the more general and fundamental network security requirements enumerated by NIST in Special Publication 800-53, and later made part of the Federal Information Processing Standard (FIPS) 200. Consequently, the NIST 800-68 document that describes FDCC requirements is simply a more detailed version of NIST 800-53 principles.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11767.html</guid>
  </item>
  <item>
    <title>FISMA: Securing Federal Systems and Data With Tripwire</title>
    <pubDate>Fri, 11 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11761.html</link>
    <description>Recognizing the importance of securing federal systems and data, Congress passed the Federal Information Security Management Act (FISMA) in 2002. The act requires federal agencies to develop, document and implement agency-wide information security programs to protect the confidentiality, integrity and availability of the data and systems that support government operations and assets.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11761.html</guid>
  </item>
  <item>
    <title>Regulatory Compliance Solutions: Unified Information Security for Complete Coverage of Compliance Regulations</title>
    <pubDate>Fri, 11 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11757.html</link>
    <description>With growing threats to industrial, financial and personal information security, there has been an influx of regulation and legislation designed to improve the way that institutions handle sensitive data. This is especially true in areas that are directly related to information privacy and security: the Payment Card Industry (PCI); the Sarbanes-Oxley Act (SOX); the Gramm-Leach-Bliley Act (GLBA); the Federal Information Security Management Act (FISMA); and the Health Insurance Portability &amp; Accountability Act (HIPAA). To satisfy these new regulations, companies are required to deploy systems, policies, and programs that enforce information security, information control, and information monitoring and reporting capabilities for corporate assets.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11757.html</guid>
  </item>
  <item>
    <title>FISMA: Achieving &amp; Maintaining Compliance to Ensure Security of Systems &amp; Data</title>
    <pubDate>Fri, 04 Dec 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11751.html</link>
    <description>In 2002, Congress passed the E-Government Act, containing the Federal Information Security Management Act (FISMA). This law requires federal agencies - and the foundations, educational institutions, and organizations that receive federal funds - to develop, document, and implement information security programs to protect the confidentiality, integrity and availability of the data and systems that support agency operations and assets. Generating, collecting and reporting FISMA results each year remains tedious and time-consuming - often requiring complicated, manual processes. Download this report and find out how Tripwire can help federal agencies and the organizations that store, process or transmit federal information become more efficient and secure while achieving compliance.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11751.html</guid>
  </item>
  <item>
    <title>Auditing SQL Server for Change Tracking and Compliance</title>
    <pubDate>Fri, 27 Nov 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11729.html</link>
    <description>IT staff has to deal with regulations compliance. SOX, HIPAA, GLBA, and FISMA compliance measures are not dictated by internal needs but still have to be considered so the enterprise can function smoothly. This white paper describes approaches to change auditing for the most widespread database management technology used by businesses today: Microsoft SQL Server.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11729.html</guid>
  </item>
  <item>
    <title>Generate Cost Savings and Improve Efficiency With Proper Compliance Efforts</title>
    <pubDate>Fri, 27 Nov 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11716.html</link>
    <description>Compliance with regulations such as SOX, PCI DSS, and FISMA does not need to be the resource drain that it often becomes in organizations. The key is avoiding a "form over function" approach and focusing on the real intent of the requirements, which are actually well aligned with most organizations' business objectives. Armed with the right perspective and knowledge, the IT professional will be able to capitalize on the effort and technology investments made in the name of compliance to further IT's mission to deliver business value and reduce costs.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11716.html</guid>
  </item>
  <item>
    <title>Making the Grade: Automating IT Compliance for FISMA</title>
    <pubDate>Mon, 09 Nov 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11697.html</link>
    <description>Increased assessment, reporting and compliance requirements are going to be difficult to manage from year to year, and organizations without the right strategy will face a significant increase in costs to audit and report on compliance annually.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11697.html</guid>
  </item>
  <item>
    <title>FTP: Enemy Within</title>
    <pubDate>Tue, 03 Nov 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11688.html</link>
    <description>Industry standards and government regulations such as Sarbanes-Oxley, PCI-DSS, HIPAA, Gramm-Leach-Bliley Act, and FISMA require organizations to constantly strengthen the protection of mission-critical information. With billions of dollars of annual losses attributed to security breaches, corporations are under pressure to eliminate non-secure legacy systems. This paper explores the business and technical reasons why companies should stop using FTP and discusses alternatives for organizations to achieve fast and secure file transfers through Open Text Secure Server and Open Text SecureTerm software solutions.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11688.html</guid>
  </item>
  <item>
    <title>FISMA: Achieving and Maintaining Compliance to Ensure Security</title>
    <pubDate>Sat, 03 Oct 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11664.html</link>
    <description>Tripwire has long been an important tool for federal agency IT departments, offering an iron-clad defense, or foundation for a layered compliance and security strategy. This guide is intended to show how Tripwire Enterprise can continue to help federal agencies, as well as the organizations that store, process or transmit federal information, and the contractors that do business with the federal government, by providing an automated method for meeting many of the most critical regulatory IT security standards of FISMA compliance.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11664.html</guid>
  </item>
  <item>
    <title>Seven Practical Steps for Federal Cyber Security and FISMA Compliance</title>
    <pubDate>Fri, 25 Sep 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11658.html</link>
    <description>With new attention on recent security breaches of federal information systems, President Obama has issued a mandate that these systems undergo an immediate review for cyber security. But federal government agencies face numerous challenges, including the fact that FISMA compliance is often viewed as a time-consuming exercise that generates mountains of paperwork, but still doesn't protect systems.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11658.html</guid>
  </item>
  <item>
    <title>Eight Elements of an Effective Plan for FISMA Compliance</title>
    <pubDate>Tue, 22 Sep 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11656.html</link>
    <description>Complying with FISMA requirements can be tough. It's almost always time consuming, costly, and complex and for some agencies it seems impossible to achieve. A recent GAO congressional report says that most agencies continue to have security weaknesses in major categories of controls. This puts U.S. economic and national security interests at risk. In fact, with the growing sophistication of security attacks, we've actually seen a dramatic rise in security incidents reported by agencies over the past few years. If you're one of these agencies that's still struggling to achieve FISMA compliance, maybe it's time to jumpstart your risk management program.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11656.html</guid>
  </item>
  <item>
    <title>Five Ways to Reduce Your IT Audit Tax</title>
    <pubDate>Thu, 03 Sep 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11628.html</link>
    <description>Most organizations spend 30-50% more on compliance than they should(1). No matter the industry, with regulations such as GLBA, PCI, FISMA, SOX, and other regulations and mandates, it seems nobody is immune to scrutiny - but why spend so much more than what is necessary? In order to reduce the burden of an IT audit, you must understand the costs involved to demonstrate due care, which can be almost as harrowing as the fines and litigation costs for non-compliance. If your organization continues to rely on ad hoc, manual and disjointed compliance and audit processes - which is the norm in many health care organizations today - you can be sure that your IT audits will be expensive and inefficient. Recent research has noted that organizations struggle with as many as 40,000 spreadsheets for just one compliance purpose(2). If you must support multiple regulations, mandates and internal policies, the amount of spreadsheets will surely get out of hand, ensuring inaccuracies and forcing you to </description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11628.html</guid>
  </item>
  <item>
    <title>The Federal Information Security Management Act: An Analysis for Federal CIOs</title>
    <pubDate>Mon, 03 Aug 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11598.html</link>
    <description>The Federal Information Security Management Act of 2002 (FISMA) is an important part of the E-Government Act, enacted by the one hundred and seventh Congress, and is intended to bolster the security of information systems used within the Federal Government. FISMA requires every federal agency to develop, document, and implement agency-wide programs to provide security for the information and information systems that support the operations and assets of the agency. This paper provides an in-depth analysis of FISMA. It examines specific aspects of the Act, including the FISMA compliance framework and supporting standards. The paper gives an analysis of the security controls and procedures that FISMA requires and provides guidelines for implementation. Finally, the report details the specific information needed by federal Chief Information Officers to ensure compliance for their agencies.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11598.html</guid>
  </item>
  <item>
    <title>Helping Meet FISMA Compliance With EventTracker</title>
    <pubDate>Tue, 21 Jul 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11574.html</link>
    <description>The Federal Information Security Management Act of 2002 (FISMA) was passed with the purpose of improving computer and network security at government agencies and government contractors. The Act called for increased security standards and yearly audits of the systems and processes, and tasked the National Institute of Standards and Technology (NIST) to come up with a set of standards and guidelines, in effect a set of documents that provide a framework for risk management, security and compliance. The NIST approach is to have agencies and contractors adopt a risk based approach - to independently assess systems, decide on security controls from NIST supplied guidelines, and then authorize the use of the system, with subsequent periodic reviews and reauthorization.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11574.html</guid>
  </item>
  <item>
    <title>IA Strategic Tracking &amp; Reporting: DoD 8570 Compliance Made Easy</title>
    <pubDate>Sun, 12 Jul 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11559.html</link>
    <description>Information security - also known as Information Assurance (IA) - is one of the most pressing issues for American defense. Because of the highly networked nature of the current computing environment, the threat to the confidentiality, integrity, and availability of the country's information is a matter of national security. Congress passed FISMA (Federal Information Security Management Act) to ensure information security and to provide effective oversight for the protection of all federal operations and assets. The law requires all federal agencies to implement policies and procedures to that end and to report their progress annually to Congress.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11559.html</guid>
  </item>
  <item>
    <title>Achieving Federal Desktop Core Configuration Compliance (FDCC) with Lumension Solutions</title>
    <pubDate>Sun, 12 Jul 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11558.html</link>
    <description>The Federal Desktop Core Configuration (FDCC) is an Office of Management and Budget (OMB) mandated security configuration set applicable within United States Federal Government agencies. Private enterprises may also choose to utilize this established framework as a foundation for their own security configuration baselines. All federal agencies that utilize or plan an upgrade to either Windows XP or Vista must report compliance, with FDCC reporting requirements dictated by the standard FISMA reporting guidance. The FDCC specific configuration requirements are generally based on the</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11558.html</guid>
  </item>
  <item>
    <title>Running A Fully Controlled Windows Desktop Environment with Application Whitelisting</title>
    <pubDate>Fri, 03 Jul 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11542.html</link>
    <description>Getting control over desktop PCs is fast becoming a major strategic objective of CIOs and IT departments. There is no doubt that a fully controlled PC is easier to manage and therefore much less expensive, but there are actually several factors that are forcing companies to do away with overly lenient policies and strengthen their management capabilities of their Windows infrastructure</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11542.html</guid>
  </item>
  <item>
    <title>Top Five SIM Pitfalls: Ensuring Successful Security Information Management</title>
    <pubDate>Wed, 10 Jun 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11510.html</link>
    <description>To satisfy regulatory requirements and better protect their networks, many organizations are turning to Security Information Management (SIM) tools. By collecting, correlating and reporting security events from firewalls, IDS/IPS devices, servers and other data sources across the network, SIM technology enables defense-in-depth.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11510.html</guid>
  </item>
  <item>
    <title>Governance, Risk, and Compliance For Life Sciences Companies</title>
    <pubDate>Tue, 09 Jun 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11507.html</link>
    <description>As a life sciences company, issues of governance, risk, and compliance (GRC) touch on nearly everything you do. But many organizations approach GRC in an ad hoc manner - implementing point solutions, one after another, in response to regulatory demands as they arise. This approach is inefficient and costly. It also leads to the proliferation of silos and a lack of transparency concerning compliance issues. A more effective approach is to institutionalize GRC throughout the global enterprise. This is where SAP solutions for governance, risk, and compliance can help.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11507.html</guid>
  </item>
  <item>
    <title>Comparison of SAS 70 to FISMA and NIST Security Framework</title>
    <pubDate>Thu, 04 Jun 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11506.html</link>
    <description>This whitepaper examines the requirements of the Federal Information Security Management Act (FISMA) and associated NIST security standards that define the Federal Government information security framework. When Government uses outsourcing, managed services or contracted services (Cloud computing, SaaS, etc.) approaches for business services or technology solutions, commercial providers must meet government security standards. A common industry assessment standard used is known as the Statement of Auditing Standards (SAS) No. 70. The objective of this paper is to contrast the SAS 70 assessment method to the FISMA requirements and NIST standards to highlight the differences and gaps that Federal government agencies must be aware of and that solution providers must address.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11506.html</guid>
  </item>
  <item>
    <title>Checklist to Assess Security in Federal Government IT Contracts</title>
    <pubDate>Thu, 04 Jun 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11505.html</link>
    <description>This whitepaper examines the security threats and information technology (IT) security requirements associated with FISMA and NIST for contracted IT services, websites, outsourced business processing and on-demand applications. When Government agencies contract for these services, agency Chief Information Officers (CIO), Chief Information Security Officers (CISO) and System Owners must ensure that Federal government information and services are adequately protected and in compliance with a series of national security policies and standards. This paper provides a checklist for system owners and security professionals to assist in reviewing current contracts and aid in planning for new acquisitions. Industry standard alternatives to the Federal government security frameworks are also presented as a means to aid in determining potential usage. Solutions are provided to enable Federal agency personnel responsible for IT, contracts, and business operations to perform these assessments, reme</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11505.html</guid>
  </item>
  <item>
    <title>Securing Sensitive Information</title>
    <pubDate>Wed, 20 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11479.html</link>
    <description>Each month many companies, big or small, well known or unknown, experience a data security loss with the potential exposure of thousands to millions of sensitive customer or employee records. Recent regulatory actions have made such losses much more onerous. Corporations need to reduce the financial risks of a security breach as well as protect their brand reputation. As such, corporate management is looking to CIOs to minimize these risks with effective security for all sensitive corporate data, wherever it may reside.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11479.html</guid>
  </item>
  <item>
    <title>Varonis and FISMA Compliance</title>
    <pubDate>Mon, 11 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11445.html</link>
    <description>In this white paper, Varonis maps out a set of guidelines to ensure your business acts in accordance with the Federal Information Security Management Act (FISMA). Varonis presents web-based products to assist businesses' enforcement and monitoring of data. By providing a progressive step-by-step strategy and software to help organizations successfully control, protect, and audit the use of unstructured data, Varonis has become the leading innovator in data governance.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11445.html</guid>
  </item>
  <item>
    <title>Software Security Governance in the Development Lifecycle</title>
    <pubDate>Fri, 08 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11430.html</link>
    <description>There are many key drivers for application security, such as managing the high levels of complexity in rapidly changing IT environments as well as regulatory and compliance demands. With recent high profile breaches and their consequences in the headlines, the direct line between insecure software and data insecurity has never been more clear. As a result, organizations with a strong commitment to data integrity and privacy are taking concrete, measurable steps to ensure the software systems that control data are developed securely.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11430.html</guid>
  </item>
  <item>
    <title>Critical Governance, Risk &amp; Compliance: An IPS Solution is a Key Component</title>
    <pubDate>Tue, 05 May 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11408.html</link>
    <description>In this paper we will explore the meaning of GRC, how information technology (IT) GRC creates value within an organization, and why Intrusion Prevention Systems are a key part of a successful IT GRC strategy. As we begin to explore these IT GRC and Intrusion Prevention System (IPS) practices, think about your company's current GRC and IPS practices. Maybe you haven't started a formal GRC program or automated IPS solution yet. Perhaps you are researching how to improve on your existing efforts. No matter where you are with your IT GRC and IPS initiatives, it is important that we have a common awareness of how the right technology and human resources can enable your success.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11408.html</guid>
  </item>
  <item>
    <title>Six Steps to Reduce Risk and Improve Control over Unified Communications</title>
    <pubDate>Mon, 13 Apr 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11309.html</link>
    <description>Instant messaging (IM) and other real-time communications are widely used throughout most enterprises today, but their use remains largely unmanaged. That puts organizations at risk for loss of intellectual property and crucial data, rising costs around e-discovery, fines for noncompliance, legal exposure from inappropriate use, and network vulnerabilities resulting from unauthorized access. To mitigate real-time communications risks and maintain accountability, organizations must secure buy-in from top management, establish strong policies for message archiving and appropriate use, and adopt good tools to enforce those policies. This paper identifies key concerns and six steps to improve control over organizational use of real-time communications.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11309.html</guid>
  </item>
  <item>
    <title>Whitelisting Your Way to FISMA Compliance</title>
    <pubDate>Mon, 13 Apr 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11308.html</link>
    <description>Getting control over desktop PCs is fast becoming a major strategic objective of CIOs and IT departments. There is no doubt that a fully controlled PC is easier to manage and therefore much less expensive, but there are actually several factors that are forcing companies to do away with overly lenient policies and strengthen their management capabilities of their Windows infrastructure.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11308.html</guid>
  </item>
  <item>
    <title>Fact of Fiction: Debunking the Top 5 Misconceptions about Data Protection</title>
    <pubDate>Wed, 08 Apr 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11284.html</link>
    <description>One of the latest trends in IT security has been the shift in focus toward data-centric protection. Data is the most valuable asset an IT department must protect, and technology has evolved to meet this requirement. Encryption technology and data leakage protection solutions, which tend to rely heavily on content filtering technology, have helped shore up many organizations' data stores, but the problem is that as companies adjust their data protection strategies they have fallen prey to a number of misconceptions about data protection.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11284.html</guid>
  </item>
  <item>
    <title>Achieving Compliance and Control of Software-as-a-Service and Cloud-Based Applications</title>
    <pubDate>Tue, 07 Apr 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11280.html</link>
    <description>Mid-market companies were early SaaS adopters and have been using SaaS and cloud applications on a large scale for more than five years to deliver enterprise CRM, ERP and HR functionality. Today SaaS is mainstream as larger enterprises have adopted SaaS and a more sophisticated business-in-the-cloud model. By 2010, 65% of U.S. companies with more than $100 million in yearly revenue are forecasted to be using SaaS. Today, half of all large enterprises have two or more SaaS applications in use.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11280.html</guid>
  </item>
  <item>
    <title>Timely, Trusted Data Unlocks the Door to Governance, Risk and Compliance</title>
    <pubDate>Tue, 07 Apr 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11277.html</link>
    <description>How much do you trust the data? What happens if you use outdated information? Do you have complete visibility and insight into your business activities? Download this White Paper today for the answers to these questions and to explore how Informatica can help your organization to manage Governance, Risk, and Compliance with complete and trusted information. With advice and knowledge from real-world customer success stories, this White Paper will help you to understand how to reduce the cost of producing timely and trusted data for Governance, Risk and Compliance while improving business efficiency.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11277.html</guid>
  </item>
  <item>
    <title>How Integrated Threat Management Eases Compliance Risks</title>
    <pubDate>Tue, 07 Apr 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11275.html</link>
    <description>Is there really a solution out there that can give your organization the vulnerability assessment solution that would satisfy its technical and reporting needs? Find out in this Executive Health Magazine article "How Integrated Threat Management Eases Compliance Risks" written by Carol Weiszmann and Susan Messenheimer. The article points out that all organizations affected by HIPAA, Gramm Leach Bliley, and FISMA are required to assess their risks. However, the protocol for doing this is complex and difficult. Integrated threat management solutions that carry built-in best-practices configuration settings as a default can go a long way to helping companies assess their risks - and reduce them - without spending a lot of money on consultants.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11275.html</guid>
  </item>
  <item>
    <title>Best practices for successfully deploying and managing data encryption on laptops</title>
    <pubDate>Mon, 06 Apr 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11272.html</link>
    <description>Data encryption is a</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11272.html</guid>
  </item>
  <item>
    <title>Achieving GLBA Compliance with Configuration Control Solutions</title>
    <pubDate>Fri, 03 Apr 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11264.html</link>
    <description>Failure to comply with the Gramm-Leach-Bliley Act of 1999 is not a trivial issue. Also known as the Financial Modernization Act, it can shut a business down until compliance can be demonstrated to the inspectors' satisfaction. Regulatory agencies have the authority to levy fines and/or suspend an institution's charter for failure to comply, which can cripple a company in this current economic climate. To ensure compliance with this powerful regulation, your organization needs to adopt three GLBA-defined measures for effective security: physical, administrative and technical measures. Check out this solution brief and discover how configuration audit and control solutions assist in GLBA compliance and how they are compatible with other security measures recommended by various regulators' guidelines.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11264.html</guid>
  </item>
  <item>
    <title>Building a Business Case for Enterprise Access Governance</title>
    <pubDate>Fri, 03 Apr 2009 00:00:00 CST</pubDate>
    <link>http://www.compliancehome.com/whitepapers/FISMA/abstract11260.html</link>
    <description>The increased demands of regulatory compliance are causing IT security managers to review their access governance policies and procedures with an eye toward improving efficiency while reducing the complexity and cost associated with demonstrating compliance. Within many organizations, however, regulatory compliance is simply regarded as a sunk cost. This narrow perspective can obscure the true value of investing in technologies that strengthen, automate, and streamline access governance. In fact, meeting compliance requirements and reducing costs are not the only compelling reasons for investing in access governance.</description>
    <guid isPermaLink="false">http://www.compliancehome.com/whitepapers/FISMA/abstract11260.html</guid>
  </item>
</channel>
</rss>
