| Title | Date Added | Company | |
|---|---|---|---|
Extending PCI Compliance to the Mobile Workforce | 2008-05-07 | Fiberlink Communications |
| The Payment Card Industry (PCI) Security Standards Council developed an explicit Data Security Standard (DSS) which outlines the minimum controls necessary to protect the system components that support cardholder data environments. The Council added teeth to the security standard by enforcing it through regular audits and assessments conducted by authorized agencies. The controls outlined in the 12 requirements of PCI DSS specifically address system components - the point-of-sale devices, servers, network, applications and storage - that support cardholder data environments. Consequently, this is the network segment that organizations focus on when devising, implementing, maintaining and assessing their security controls.
Tags: Best Practices |
Governance, Risk, and Compliance: A Practical Guide to Points of Entry | 2008-03-01 | Sun Microsystems |
| The implementation of new initiatives in Governance, Risk, and Compliance (GRC) may be an overwhelming prospect for many organizations. With multiple views and aspects of GRC, it can be difficult to know where to begin. This paper proposes that the solution is to break GRC initiatives into a number of constituent components that can be addressed one at a time, beginning with those that are easiest to plan for and implement. Choosing the first area on which to focus may mean drilling down from the big picture of enterprise GRC to the IT framework that enables it, and then to some manageable aspect of that framework. |
ICD-10: Turning Regulatory Compliance Into Strategic Advantage - Are U.S. Health Plans and Providers Ready for ICD-10 Adoption? | 2008-02-04 | Deloitte LLP |
| As if existing IT investments weren't a large enough strain on provider and payor budgets, the U.S. health care industry is facing a new challenge: ICD-10 (International Statistical Classification of Diseases and Related Health Problems, Version 10) implementation. In 2011, per the mandate of Senate Bill 628, the United States will move from the ICD-9 system of disease classification to ICD-10, a much more complex system that reflects recent advances in disease detection and treatment via biomedical informatics, genetic research and international data-sharing. U.S. ICD-10 adoption has the potential to revolutionize the nation's health care system and produce a huge wave of IT spending. However, the process will require a massive overhaul of the nation's medical coding system. In fact, some industry observers say that ICD-10 could overtake Y2K in terms of impact and cost. ICD-10: Turning Regulatory Compliance into Strategic Advantage, a new paper from the Deloitte Center for Health Solutions, part of Deloitte LLP, describes the impact of the proposed move to ICD-10 on U.S. health plans and providers and discusses the need to prepare for this change now. Specifically, it looks at the potential impacts of ICD-10 compliance on three camps of health care organizations: Pragmatists, Collaborators, and Innovators.
Tags: HIPAA |
Meeting PCI DSS Merchant Requirements With a WatchGuard Firebox | 2008-02-01 | WatchGuard Technologies |
| The goal of the Payment Card Industry Data Security Standard (PCI DSS) is to create a framework for good security practice around the handling of cardholder data. A PCI-compliant operating environment is one in which the cardholder data exists (i.e., it does NOT refer to the whole corporate network), and PCI DSS defines the requirements for how access to this data must be controlled, monitored, logged, and audited. The objective of this white paper is to discuss those aspects of the PCI DSS standard that have an impact on a firewall deployment for a PCI DSS merchant.
Tags: Security Management |
Payment Card Industry (PCI) Data Security Standard: Navigating PCI DSS | 2008-02-01 | PCI Security Standards Council |
| This paper describes the 12 Payment Card Industry Data Security Standard (PCI DSS) requirements, along with guidance to explain the intent of each requirement. PCI DSS requirements apply to all system components that are included in or connected to the cardholder data environment. The cardholder data environment is that part of the network that possesses cardholder data or sensitive authentication data, including network components, servers and applications.
Tags: Data Recovery - Security |
Tripwire PCI DSS Solutions: Automated, Continuous Compliance | 2008-01-24 | Tripwire |
| The major credit card companies collaboratively developed the Payment Card Industry Data Security Standard (PCI DSS) to protect sensitive cardholder account data from theft and fraud. Compliance is no longer an option; it's a requirement for all payment card network members, and failure to meet requirements can result in monetary penalties or even the suspension or revocation of a company's right to accept or process credit card transactions. Fortunately, these standards amount to best practices that keep the systems, hardware, and data secure - critical for maintaining customer trust and reputation. That's why it is so important to keep IT systems in a known and trusted state.
Tags: Security Management |
Pragma Systems: Using SSH for PCI Compliance | 2008-01-18 | Pragma Systems |
| The objective of this paper is to examine the federal and industry regulatory environment and to analyze the benefits of utilizing Secure Shell (SSH) in achieving PCI compliance. It also reviews the role Pragma Systems, Inc. and its FortressSSH product can play in a robust, secure computing environment. In the wake of the first Sept. 30, 2007, Payment Card Industry (PCI) deadline for locking down networks and customer data, it's clear many companies - and more than half of smaller organizations - still fall short of prescribed security standards. As a result, the majority of Telnet-dependent companies are now scrambling to find cost-effective solutions for effecting full compliance with PCI Data Security Standards (PCI DSS).
Tags: Security Management |
Improving Compliance and Efficiency With Sun Identity Auditing and Other Sun Identity Management Capabilities | 2008-01-01 | Sun Microsystems |
| Faced with increasing compliance requirements and related challenges since the passage of the Sarbanes-Oxley Act of 2002 and other regulations governing data integrity and privacy, Sun and its alliance partner Deloitte & Touche LLP (Deloitte & Touche) deployed Sun Java System Identity Manager and Java System Identity Auditor software to improve Sun's processes related to user account management and access controls and to achieve operational efficiencies. This paper recounts the process from solution criteria and selection through planning and deployment, and describes the benefits that have resulted for both Sun and its customers.
Tags: Security Management |
Microsoft Security Solutions: Partner Pathway to Business Performance | 2008-01-01 | IDG (International Data Group) |
| Information Technology (IT) is penetrating more and more aspects of both business life and personal life. Expanded IT is resulting in a need for broader and more comprehensive security solutions, which in turn is impacting the overall economics of IT solution providers. Growth markets such as small to midsize enterprises are demanding simple, easy-to-use, and affordable products, leading to higher volumes but thinner margins. Security solution providers therefore are taking a comprehensive view of business performance, including business velocity, cost management, operational excellence, and bottom-line profitability. As an important vendor of security products, including the Forefront line of business security products, Microsoft recognizes the significance to its partners of continuing to make money in this changing industry.
Tags: Security Management |
PCI Compliance Cost Analysis: A Justified Expense | 2007-12-12 | Solidcore Systems |
| The Payment Card Industry Data Security Standard (PCI-DSS) was created by the credit card companies and is intended to protect cardholder data wherever it resides, ensuring that merchants and service providers maintain the highest degree of information security for their customers. While the standard is meant to have a positive impact on merchants, consumers and the retail industry, many retailers are still questioning its effectiveness and necessity in light of the high cost to comply. A recent poll of 201 information technology (IT) and PCI compliance professionals reinforces this point. |