Microsoft on Friday issued an update of its Security Compliance Manager tool, which helps IT pros set security policies for some Microsoft software.
Microsoft announced a new mission-critical support option for organizations as part of its Microsoft Services consulting business.
The more information you have, the more you must worry about where it's stored and if your organization is in compliance with the global potpourri of industry and government regulations.
Twitter agreed to settle Federal Trade Commission charges that it put consumer privacy at risk.
Compliance efforts will also affect the security of your data. We explore the connection and what IT can do to protect its information assets.
We examine the remaining five challenges and how Active Directory provides a solution.
As more users need multiple identities to access the applications they need regularly, IT has its hands full maintaining security.
From the Sun/Oracle acquisition to radical changes in the server market, it's been a topsy-turvy year in IT. We take a look at the highlights.
Logs must do more than just record the facts
Where should an enterprise begin when undertaking a governance, risk, and compliance project, and how can IT avoid common project mistakes?
As awareness of SharePoint access control complexity grows, organizations are are focusing on security and compliance for their SharePoint deployments. We offer best practices to address these concerns.
Don’t overlook these seven steps you can take to complete your PCI compliance efforts.
Service-oriented IT processes and technologies will help managers bring the enterprise into line in 2008—perhaps not a moment too soon. We can't shake the feeling that something big and very bad is lurking 'round the corner. Grab a security blanket and carefully read on for the hopes and horrors of 2008.
While reacting to changes in the market, a health care services company has proactively tightened down security beyond HIPAA and aims for certification on the relatively tough ISO 27001 standard.
Learn the 10 best practices for access management collaboration.
Fines and fees are looming after the September 30 PCI compliance deadline. Still, less than half of merchants report full compliance with PCI security requirements, and encryption failures contribute to four out of five failed PCI audits. Why can't companies get encryption right? Here are five key steps for overcoming encryption hurdles.
If it seems that companies aren't learning anything from the front-page security mistakes of competitors, take heart: Consultants and security experts are. Based on their experience and observations, here are 10 security gaps the experts have observed over and over, along with advice for addressing them.
Records management, in the words of the related ISO 15489 standard, is the "creation, receipt, maintenance, use and disposition of records." An increasing number of regulations have driven companies to put their records management programs in order. Learn the top 10 best practices for ensuring the integrity of your records.
No single enterprise risk management framework is comprehensive enough to guide your company in meeting all of its compliance, governance, and risk management needs. Instead, you'll want to selectively combine standards by building around a central framework, such as COSO or AS/NZS 4360, and reinforcing it with one or more of these risk assessment standards.
Fact: Information systems are porous. Most companies will, despite their best efforts, allow some level of data exposure during the next year. Are you ready? Learn the tools and processes you need in place now to control data-breach damage, perform digital forensics, and gather the evidence required to recover and reduce risk.