http://www.compliancehome.com/ ComplianceHome is one of the Web's largest library of resources for compliance management of HIPAA, SOX, FISMA, GLBA, FDA, FFIEC, Basel II, OSHA and ISO 27002/17799. Visit our directories which are the best source on White papers, related news articles, resources on the web, training, webinars, conferences, rules & regulation overview, ask the expert, job and search on vendors, solutions & products. http://www.compliancehome.com/images/rsslogo.gif http://www.compliancehome.com/ en-us Tue, 26 Feb 2013 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract12140.html Thi white paper describes about implementation of Access Control Service with an example http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract12140.html Sun, 14 Feb 2010 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11837.html The changing economy presents daunting challenges in information security. Companies are pressed to collaborate with more and more outside partners, and many business processes--due diligence, compliance, product development, sales, and marketing--involve sharing of confidential information. The demands for productivity and speed drive executives and project team members to share information outside the firewall, even in the absence of a safe collaboration platform--putting companies at risk of security breaches or data leakage. Several vendors offer online work spaces to meet the demand for safe, efficient document sharing. IT should define security policies and requirements for these collaborative spaces, ensure that they support existing security policies, and manage their implementation and integration with existing systems and applications. As fleeting opportunities arise suddenly, IT leaders can create competitive advantage for their companies by managing the process of setti http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11837.html Sun, 03 Jan 2010 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11800.html Risk assessments are widely understood to be the cornerstone (or even the foundation) of any security program. The risk assessment is a classic process, originally developed by the Defense and intelligence communities, to not only assess the risk of SOMETHING a process, a facility a data center, a system; but to also detail cost effective solutions to whatever problems are uncovered and rank those potential solutions by Return On Investment. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11800.html Tue, 29 Dec 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11787.html Strategic business activities, especially those where a lot of money or even the companys future is at stake, usually involve a lot of people who do not work for the company, or at least not directly. These may include external board members or consultants; partners interested in a joint venture; or, increasingly, regulatory authorities. This is why digital documents relevant to these processes cannot be kept behind the companys firewall, as they must be able to circulate securely among the authorized project participants. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11787.html Fri, 11 Dec 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11760.html The objective of this whitepaper is to discuss some important Information Security management issues Organizations face when they are considering, or are in the middle of, Outsourcing their ICT environment to an external Service Provider. The issues discussed here are mostly related to closing or preventing the http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11760.html Fri, 11 Dec 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11759.html The regulatory landscape for Information Security in Europe has grown ever more complex in recent years. As organisations, both public and private, recognise the inherent value of their information, and as the safety and reliability of electronic communications become ever more central to the ways in which it interacts with each other, business and public bodies, regulators have moved to ensure that those who collect, use and store this data do so in a manner which effectively protects it. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11759.html Fri, 04 Dec 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11742.html In the rush to meet regulatory or customer mandates, organizations have spent millions of dollars implementing security and compliance measures either issue by issue or regulation by regulation. This has resulted in an asset-centric security approach, where we focus on the IT infrastructure and make sure that this is secure. However, in the current versatile user community, a user is no longer bound to any single device. So, although assets still need to be kept secure, the need arises for a user-centric security approach, where security rules are aligned with the use of those assets. This white paper presents an overview of both the asset-centric and the user-centric approaches to security. These approaches will be mapped towards the standard for Information Security: ISO 17799. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11742.html Tue, 03 Nov 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11690.html This paper covers the implementation, disclosure and ongoing evaluation of internal controls for SOX compliance with a focus on the role of IT, as well as the penalties for non-compliance. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11690.html Tue, 03 Nov 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11689.html Much has been written and discussed about Enterprise Risk Management (ERM) as it relates to compliance, corporate governance, financial controls and the Sarbanes-Oxley Act of 2002 (SOX). Until now, there was very little available to the risk manager on how to apply ERM to day-to-day operations. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11689.html Wed, 07 Oct 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11669.html In most organizations, an estimated 83 percent of all communications are electronic, with the vast majority of those communications going through an email system. In a 2004 survey of 840 U.S. companies, 21 percent of respondents had their email and instant message data subpoenaed, up from 14 percent in 2003. The cost of providing this data can easily run into the hundreds of thousands of dollars, for which the organization may be solely responsible. Besides the legal concern, regulatory compliance requirements, like those covered in HIPPA, Sarbanes-Oxley (SOX), and the Gramm-Leach-Bliley Act (GLBA), increase the need for a message archiving and retention solution. The last factor in supporting the need for such a solution is the IT overhead involved with the ever increasing size of mailboxes and messaging databases. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11669.html Tue, 29 Sep 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11659.html This paper demonstrates how you can bring FTP into a modern framework which increases IT manageability, while decreasing security exposures and adhering to growing compliance/auditing requirements. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11659.html Tue, 22 Sep 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11654.html You've heard it a million times: Do more with less. It may be good business, but as budgets shrink and IT demands grow, you may start to wonder if the people who are saying http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11654.html Fri, 14 Aug 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11607.html IT organizations have historically purchased job scheduling solutions with limited real-time visibility or application awareness that reduces the business alignment of this important technology asset. It is only during the past few years that IT executives have realized that batch processing of critical business applications requires a new paradigm - a paradigm that centers around automation and event-based scheduling that understands and integrates with the underlying business application. The need to move to a more dynamic automation-enabled IT strategy has never been more necessary; globalization, compliance assurance pressure, real-time consumer and enterprise expectations, and the need to align technology investments with business outcomes are key requirements for business success. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11607.html Thu, 23 Jul 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11579.html Enterprises today must comply with an increased number of regulations and industry standards affecting IT security. Often the same organization must adhere to more than one of these mandates. This white paper describes a phased approach for reaching regulatory compliance by using the PCI DSS (Payment Card Industry Data Security Standard) and the FTP protocol as examples. IT security and compliance are not a one-off goal that can be achieved as a single contained project, but a continuous process and a culture of operations, where changes to the security-critical aspects of the environment are carefully controlled and monitored with change control processes and tools. This will reduce the risk of introducing security vulnerabilities and gaps in compliance as side effects of ad hoc IT administration tasks. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11579.html Fri, 03 Jul 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11542.html Getting control over desktop PCs is fast becoming a major strategic objective of CIOs and IT departments. There is no doubt that a fully controlled PC is easier to manage and therefore much less expensive, but there are actually several factors that are forcing companies to do away with overly lenient policies and strengthen their management capabilities of their Windows infrastructure http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11542.html Fri, 03 Jul 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11540.html It seems that IT administrators and security professionals are always receiving notification of new rules, regulations and compliance codes that fall under their purview. And just when the necessary adjustments have been made, priorities shifted and new technology purchased, the rules are changed - yet again. The Payment Card Industry Data Security Standard (PCI DSS) is no different. This resource provides IT security professionals with the information needed to understand PCI compliance and specifically, one of the standards latest requirements, 6.6. In addition, the paper offer tips for successful PCI 6.6 compliance and highlights compliance successes from real-world companies. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11540.html Thu, 18 Jun 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11523.html Protecting enterprise networks from the ever-growing list of malware, intruders, insider threats, and other risks has never been more challenging. Network security policies must be frequently monitored and updated to protect against the ever evolving threat landscape whilst still enabling growth in scale and complexity. As a result, managing security policy change processes and effectively enforcing configuration policy compliance imposes a significant burden on enterprise IT departments. There is a growing requirement to implement an automated approach to controlling and analyzing network security changes and configuration management processes throughout their entire life cycle. This white paper discusses the challenge of enforcing and maintaining security policies in large-scale enterprise networks. It introduces the concept of network security life cycle management, which can help organizations address the need to effectively control network security configuration and change proces http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11523.html Wed, 17 Jun 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11518.html ITIL Version 3 Best Practices has expanded the concept of IT service delivery from day-to-day operations of those services to the Service Lifecycle. ITIL Version 3 Best Practices includes five lifecycle phases (each with its own guidebook): Strategy, Design, Transition (which covers implementation and change), Operations and Continual Improvement. At the strategy level, Version 3 Best Practices specifically invites the business manager into the process by asking IT to base the design, maintenance and evolution of IT services on the business objectives of the organization. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11518.html Wed, 17 Jun 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11517.html IT and business leaders today can no longer look at IT simply as a cost center, it is now a vital part of business success. Improving the efficiency of IT and improving the measurement of its impact on business performance are at the forefront of managers' concerns. Access to ITIL books can be instrumental in providing the methodology for IT improvement. ITIL Version 2 was influential in identifying the key processes of its time; however, those processesshaping Service Management have changed drastically. IT leaders can confirm Service Management means more than just supporting the end product; it means establishing and working through a Service Lifecycle.ITIL Version 3 Best Practices has expanded the concept of IT service delivery from day-to-day operations of those services to the Service Lifecycle. ITIL Version 3 Best Practices includes five lifecycle phases (each with its own guidebook): Strategy, Design, Transition (which covers implementation and change), Operations and Continual http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11517.html Sun, 31 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11503.html Today's enterprise needs an identity and access management infrastructure that clearly aligns with its business strategies and leverages IT innovation to enable future growth. Sun Identity Management delivers low-cost, open-source software solutions that offer the flexibility, manageability, and cost-reducing benefits your business needs. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11503.html Thu, 28 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11499.html Read this white paper to discover the current and emerging trends of stealth malware and protect your organization from potentially devastating data breaches. It covers new advances in network security technologies that use multi-phase heuristic and virtual machine analysis to detect and mitigate the damages that result from malware-related data thefts. Protect yourself from the Cyber Theft Pandemic! http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11499.html Tue, 26 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11492.html This whitepaper provides an overview of the challenges midsize organizations face, and how Oracle products can help them overcome those hurdles. Read this whitepaper to learn how midsize organizations like yours can use Oracle software to improve customer relations, minimize risk, deal with change, and make the most of your existing resources. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11492.html Thu, 21 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11484.html This ExecBlueprint discusses ways that IT can step into this new role and, in the process, improve its ability to execute technology solutions that will most optimally drive business growth and productivity. Here, four IT leaders share the challenges and opportunities their own departments have faced, and how they (and their staffs) have addressed company technology needs by developing more systematic project management strategies during meetings with cross functional teams where IT is viewed as a true partner not just a service provider http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11484.html Wed, 20 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11479.html Each month many companies, big or small, well known or unknown, experience a data security loss with the potential exposure of thousands to millions of sensitive customer or employee records. Recent regulatory actions have made such losses much more onerous. Corporations need to reduce the financial risks of a security breach as well as protect their brand reputation. As such, corporate management is looking to CIOs to minimize these risks with effective security for all sensitive corporate data, wherever it may reside. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11479.html Wed, 20 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11472.html Messaging has rapidly become the one, true business critical application in use today by many, probably most, enterprises. Even more so than Enterprise Resource Planning or other cross-business applications, any failure in the messaging system is noticed by, and affects everyone. If a person cannot get an e-mail to or from another person then they are immediately in contact with the help desk to report the problem. Users are far less inclined to be forgiving when it comes to an e-mail outage; they just expect it to work. As working patterns change, the availability requirements of this mission critical system change with them. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11472.html Wed, 20 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11471.html This white paper discusses how to make the leap from basic asset tracking to a more robust asset management program that can improve decision-making and service levels, reduce costs and mitigate risks. The focus is the CA IT Asset Management solution's ability to accelerate your IT Asset Management program's maturity by providing asset ownership information (the complement to discovery information). This solution helps to consolidate and expand your discovery data, leveraging an easy-to-use rules-based hardware reconciliation engine and import tool. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11471.html Mon, 18 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11470.html In this white paper, our authors discuss their tips for understanding compliance, monitoring its implementation and impact, best practice for ensuring successful compliance, and ITs role. They also look to the future and the industry standards they believe will be coming soon. Ultimately, this will help explain what Sarbanes-Oxley can mean to your company and how its effective implementation can increase efficiencies and save costs with a visible effect on the bottom line. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11470.html Mon, 18 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11468.html Web Application Threats Are Evolving. Are Your Security Efforts Keeping Pace? Today, Web application security threats are not only becoming more abundant than ever, but also more difficult to detect, and more complex to solve. Many organizations are responding to these unique vulnerabilities with traditional network security approaches. However, sophisticated Web applications threats require a more sophisticated security strategy. Whats worked in the past wont necessarily work today; and whats more, Web application security requires a comprehensive solution, not simply a series of a la carte provisions. For detailed steps toward improving your Web application security strategy http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11468.html Mon, 18 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11464.html This whitepaper provides an overview of the challenges midsize organizations face, and how Oracle products can help them overcome those hurdles. Read this whitepaper to learn how midsize organizations like yours can use Oracle software to improve customer relations, minimize risk, deal with change, and make the most of your existing resources. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11464.html Tue, 12 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11457.html Grant Thornton needed to streamline IT asset management and reduce asset drift across 49 offices. The company used Computrace by Absolute Software to recover and wipe data from laptops before end-of-lease. With Computrace, the company has reduced costs by increasing asset visibility to 100%. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11457.html Tue, 12 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11455.html Securing access to sensitive corporate and customer data is critical, especially in industries that require a regulatory-compliant environment. While two-factor authentication is an effective security solution, traditional two-factor systems have been difficult to implement and administer, leading to limited adoption. PhoneFactor uses any mobile phone (or landline) as the second authentication factor. PhoneFactor CTO Steve Dispensa explains their proven approach to two-factor authentication using out-of-band authentication with real-time fraud alerts to dramatically increase security. Learn how this technology works, how to implement it, and compare it to other two-factor authentication solutions available on the market today. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11455.html Tue, 12 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11452.html Compliance efforts and security concerns have driven businesses to make substantial investments in threat control. Too often, however, these efforts pay far too little heed to the risks posed by poorly controlled access to administrative privilege in IT, which can have a hugely disproportionate impact on the business. Without putting more effective controls on high-privilege access such as Unix or Linux root account, enterprises not only expose the most business-critical IT assets to the most fundamental level of risk, they also expose trustworthy administrators to the consequences of privilege abuse by others. Commodity tools such as sudo often have gaps in the level of control, scalability and support the enterprise realistically needs. In this paper, analysts examine a more comprehensive solution designed to close these gaps for the enterprise with provable control. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11452.html Tue, 12 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11450.html Sarbanes-Oxley is a major compliance standard that companies need to follow in order to certify their financial records. HP has produced a number of Sarbanes-Oxley accelerators that work with our Business Technology Optimization (BTO). This white paper describes HP Sarbanes-Oxley IT Assessment Accelerator, a template of pre-defined information based on ITGI's COBIT, which is loaded into HP Quality Center to help your organization define and execute Sarbanes-Oxley testing, evaluate the results, and develop remediation plans. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11450.html Mon, 11 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11447.html As if existing IT investments weren't a large enough strain on provider and payor budgets, the U.S. health care industry is facing a new challenge: ICD-10 (International Statistical Classification of Diseases and Related Health Problems, Version 10) implementation. In 2011, per the mandate of Senate Bill 628, the United States will move from the ICD-9 system of disease classification to ICD-10, a much more complex system that reflects recent advances in disease detection and treatment via biomedical informatics, genetic research and international data-sharing. U.S. ICD-10 adoption has the potential to revolutionize the nation's health care system and produce a huge wave of IT spending. However, the process will require a massive overhaul of the nation's medical coding system. In fact, some industry observers say that ICD-10 could overtake Y2K in terms of impact and cost. ICD-10: Turning Regulatory Compliance into Strategic Advantage, a new paper from the Deloitte Center for Health Solu http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11447.html Mon, 11 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11444.html The Payment Card Industry Data Security Standard (PCI-DSS) was created by the credit card companies and is intended to protect cardholder data wherever it resides, ensuring that merchants and service providers maintain the highest degree of information security for their customers. While the standard is meant to have a positive impact on merchants, consumers and the retail industry, many retailers are still questioning its effectiveness and necessity in light of the high-cost to comply. A recent poll of 201 information technology (IT) and PCI compliance professionals reinforces this point. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11444.html Mon, 11 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11438.html One of the most common security lapses uncovered in AS/400 (System i) audits is too many users with privileged access to data. Read this white paper to learn about managing, limiting, and auditing privileged and powerful user accounts on the AS/400. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11438.html Mon, 11 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11437.html Finding the right password for the right IT environment can be time-consuming, confusing, and a drag on a users workplace productivity no matter if theyre an employee, or an external partner, contractor, or customer. Recreating passwords when they expire is an even greater challenge. But worst of all is the combination of issues associated with finding and regularly recreating passwords on a multitude of applications all across the corporate network. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11437.html Mon, 11 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11433.html While wireless broadband delivers continuous access to enterprise networks and boosts the productivity of mobile professionals, it also makes it increasingly difficult for IT managers to ensure the health of mobile laptops and the security of the sensitive data they contain.Laptops that leave the enterprise fall into a mobile blind spot, outside the reach of ITs protective measures, vulnerable to loss, theft and intrusion. Read this paper to learn about a simple, secure way to bring visibility to the laptops caught in the mobile blind spot. This paper presents the Alcatel-Lucent approach to eliminating the mobile blind spot by extending security coverage and IT reach beyond the walls of the enterprise with 24/7 mobile laptop tracking, troubleshooting and management capabilities. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11433.html Fri, 08 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11430.html There are many key drivers for application security, such as managing the high levels of complexity in rapidly changing IT environments as well as regulatory and compliance demands. With recent high profile breaches and their consequences in the headlines, the direct line between insecure software and data insecurity has never been more clear. As a result, organizations with a strong commitment to data integrity and privacy are taking concrete, measurable steps to ensure the software systems that control data are developed securely. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11430.html Fri, 08 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11429.html Companies rely on knowledge assets, such as product formulas and customer databases. VPNs and network monitors can protect proprietary information from outsiders; but, they wont do much to prevent access by internal users. With the popularity of wireless networks, USB drives and other portable devices, it's all too easy for insiders to leak key data. This white paper explains how Trend Micro LeakProof 3.0 protects sensitive data at rest, in use, and in motion. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11429.html Fri, 08 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11427.html In this first chapter of http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11427.html Tue, 05 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11408.html In this paper we will explore the meaning of GRC, how information technology (IT) GRC creates value within an organization, and why Intrusion Prevention Systems are a key part of a successful IT GRC strategy. As we begin to explore these IT GRC and Intrusion Prevention System (IPS) practices, think about your companys current GRC and IPS practices. Maybe you havent started a formal GRC program or automated IPS solution yet. Perhaps you are researching how to improve on your existing efforts. No matter where you are with your IT GRC and IPS initiatives, it is important that we have a common awareness of how the right technology and human resources can enable your success. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11408.html Tue, 05 May 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11396.html According to a study conducted by Ponemon Institute and Symantec, 4 in 5 companies lost data on laptops. To truly reduce the risk and impact of data loss, organizations must proactively secure data and be prepared to respond immediately in the case of a laptop theft or loss. The Symantec Data Loss Prevention solution has been proven at organizations in energy and utilities, federal agencies, financial services, insurance, healthcare, manufacturing, media and entertainment, retail, technology, pharmaceutical, and telecommunications. This report outlines specific steps to help you secure confidential data and minimize the impact of data loss resulting from stolen or missing laptops http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11396.html Thu, 30 Apr 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11391.html This whitepaper provides an overview of the challenges midsize organizations face, and how Oracle products can help them overcome those hurdles. Read this whitepaper to learn how midsize organizations like yours can use Oracle software to improve customer relations, minimize risk, deal with change, and make the most of your existing resources. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11391.html Thu, 30 Apr 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11388.html Increasingly, high-value intellectual property such as trade secrets, credit card numbers, medical claims records and mortgage loan applications are part of a large outsourced IT projects. While the coast savings of outsourcing appears significant, the complexity of cross-border relationships increases security challenges and as a result, increases project cost. Costs increase again when a company (and its vendor providers) must comply with international breach disclosure or customer privacy. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11388.html Mon, 27 Apr 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11379.html The combined enterprise goal of simplifying the daily operations of today's data centers and ensuring comprehensive compliance with regulations plays a huge part in running a cost-effective and risk-free business. IT and compliance management can be improved by adopting an enterprise focus; one that is characterized by effective governance, management and security of IT services and enhanced by integration and automation. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11379.html Mon, 27 Apr 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11376.html Many of todays approaches to IT security fall along two principal lines. Access control focuses on managing user identities and privileges to access the network and it resources. Intrusion prevention targets preventing known or behavior-based network attacks based on exploiting known vulnerabilities. However, these two product areas leave a large gap unprotected: security threats posed by users, be it administrators, privileged users, contractors, outsource providers (and even service accounts), that have already been allowed access to network information assets. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11376.html Wed, 22 Apr 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11350.html IBM recently commissioned the Butler Group to discover the priorities of more than 100 senior IT professionals working in large organisations and enterprises.The results of the survey show what role ITSM will play in 2008, what the priorities will be and how capabilities are deployed. It also provides analysis and insight from Tim Jennings, Research Director, Butler Group.The research findings are an essential read for IT professionals developing or deploying Service Management capabilities. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11350.html Mon, 20 Apr 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11333.html Data loss prevention (DLP) technologies have proven to be a very important component of any companys overall security plan. However, many DLP deployments have gone awry, leaving the companies dissatisfied with the results. Complaints range from We spent a lot of money on DLP but overall the results have been moderate at best, to We cant be sure the solution is catching everything. Why are so many companies struggling with technology that was supposed to be such a boon? Like any security technology, DLP brings with it a host of issues that can cause serious problems with a deployment. Many companies have experienced these pitfalls and learned from them. Take advantage of their experiences and increase your own chances for success with DLP. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11333.html Mon, 20 Apr 2009 00:00:00 CST http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11330.html This white paper by EMA takes an in-depth look at the problems associated with using multiple point tools to manage processing requirements driven by todays enterprise, and the growing need for dynamic workload automation. It will examine the ability of workload automation to manage the service experience in real-time, without human intervention. http://www.compliancehome.com/whitepapers/ISO-27002-(17799)/abstract11330.html