Member Login

E-mail:    Password:  




 TitleDate AddedCompany
whitepaper TELUS Improves Compliance and Strengthens Security With the RSA enVision Platform2009-08-01 RSA Security
  TELUS is a leading national telecommunications company in Canada, with $9.7 billion of annual revenue and 11.6 million customer connections including 6.1 million wireless subscribers, 4.2 million wireline network access lines and 1.2 million Internet subscribers. The challenge was to comply with Payment Card Industry (PCI) security standards regulation by protecting card transactions across the network and to find and deploy an easy-to-use and maintain Security Information and Event Management (SIEM) solution to meet the PCI requirement for continuous monitoring of security logs. TELUS deployed RSA enVision simplifies compliance with comprehensive accounting of network activity, customized reporting and retention of and access to complete log and event records.

Tags: Security Administration		   
whitepaper RSA SecurID Helps NTT Europe Online Meet PCI DSS Compliance2009-08-01 RSA Security
  NTT Europe Online (NTTEO) provides managed hosting, security and application management services to enterprises globally. NTTEO wanted to become fully Payment Card Industry Data Security Standard (PCI DSS) compliant in all areas of its business, from its datacentres through to HR procedures and to meet one of the 150 PCI DSS recommendations; it needed to deploy a two-factor authentication solution for anyone accessing IT systems holding sensitive customer credit card data. NTTEO Deployed RSA SecurID two-factor authentication to provide NTTEO field engineers with secure remote access to the corporate VPN and RSA SecurID enables NTTEO to segregate different user IDs on the one platform.

Tags: Security Administration, Data Tools		   
whitepaper DbProtect and HIPAA Compliance2009-08-01 Application Security
  The Health Insurance Portability and Accountability Act (HIPAA), passed by Congress in 1996, is designed to safeguard all forms of personal health information (PHI) to include patient identities, medical records, and health insurance information. By defending the patients' rights to have their health information kept private and provide control over how their PHI data is used and disclosed, HIPAA mandates that all hospitals, health care providers, insurance providers, IT professionals, healthcare clearinghouses, business associates, and other involved parties meet compliance requirements.

Tags: Regulatory Compliance		   
whitepaper Financial Services Regulatory Highlights2009-08-01 PricewaterhouseCoopers
  Past June, the Department of Treasury released a White Paper on Financial Regulatory Reform calling on the SEC and CFTC to make recommendations to Congress for changes to statutes and regulations that would harmonize regulation of futures and securities. Specifically, the White Paper recommended that the CFTC and SEC complete a report to Congress by September 30, 2009, that identifies all existing conflicts in statutes and regulations with respect to similar types of financial instruments and either explains why those differences are essential to achieve underlying policy objectives with respect to investor protection, market integrity, and price transparency or makes recommendations for changes to statues and regulations that would eliminate the differences.

Tags: Business Functions		   
whitepaper PCI DSS Compliance and the Digi TransPort Router2009-07-27 Digi International
  This paper explains how Digi TransPort routers can be part of a PCI DSS compliant system. They comply with the PCI DSS version 1.2 requirements via these major features: Stateful inspection firewall, network segmentation via VLAN or Ethernet Port Isolation, MAC filtering to prevent unwanted client PCs on the network, encryption and authentication via IPsec, IKE, SSL, SSH and X.509 certificates, configurable user levels and remote authentication and full event logging, which can be stored via Syslog, including event alarm support.

Tags: Security Administration, Data Tools		   
whitepaper How the PCI Wireless Guidelines Apply to You2009-07-23 AirTight Networks
  PCI Council Wireless SIG published wireless guidelines for PCI DSS. PCI Security Standards Council has acknowledged that wireless is a clear and present danger to network security and those who collect, store or transmit card holder data must take steps to assure that it is secure, whether or not wireless is deployed in the cardholder data environment. Though the PCI DSS has included wireless security requirements, this is the first time that the requirements for wireless security have been described unambiguously for all cardholder data environments. The presenters will review the recently published guidelines by PCI's wireless Special Interest Group.   
whitepaper Achieving compliance with GSi Code Of Connection (CoCo)2009-07-23 Lumension
  In November 2005, The Government published 'Transformational Government - Enabled by Technology' which documents the steps necessary to achieve effective delivery of technology for Government. To develop the necessary trust and confidence within the Public Sector communities and between Government and the citizens, a common approach to risk management and the implementation of an Information Assurance framework becomes increasingly important . The aim of the Code of Connection (CoCo) is to develop the trust required both within and between communities, which then allows more effective use of shared systems and services. The CoCo provides a minimum set of security standards that organisations must adhere to when joining the GSi. This paper addresses some of the key challenges of achieving and maintaining compliance with the GSi Code of Connection (CoCo) for the GCSX.

Tags: Security Administration, Security Administration, Government, Homeland Security		   
whitepaper Security Reference Guide2009-07-22 CDW
  For better or worse, the security field changes rapidly. It differs from mainstream IT work in that predicting the next challenge proves quite difficult. Threats appear to come out of nowhere, and incidents seem to strike at random. On the other hand, like all areas of IT, security as a discipline constantly builds on itself, rarely taking a step backward. In particular, over the last year we've seen attacks used in new and complex combinations, growing sophistication in online criminal activities, and an escalation of the ongoing arms race between the developers of malicious software and the creators of defensive tools.

These developments have either overwhelmed some traditional security measures or made them irrelevant. As a result, organizations have had to change their tactics in order to cope.

Tags: Intrusion - Tampering, Security Administration, Security Administration, Security Administration		   
whitepaper PA-DSS Compliance and Commerce Toolkit for Applications2009-07-21 IP Commerce
  In 2004, the payment card brands aligned their individual cardholder data protection programs to create the Payment Card Industry Data Security Standard (PCI DSS) This alignment in standards provides an industry-wide framework that forms the basis of each association's individual security programs The objective of the individual programs is to compel merchants and payment service providers to enact measures that protect cardholder information. The goal of the PCI DSS is to specify the security controls required to protect cardholder data in the transaction-processing environment from end-to-end.

Tags: Security Administration, Data Tools		   
whitepaper Sustaining SOX Compliance: Best Practices to Mitigate Risk, Automate Compliance, and Reduce Costs2009-07-20 Tripwire
  To successfully sustain SOX compliance, organizations must implement best practices to ensure IT systems not only achieve a known and trusted state but they also maintain that state. Management must be more accountable and aware of the need for a continuous and proactive operational risk management environment that recognizes the links between its technology infrastructure, business processes, reputation, compliance, and internal controls.

It is vital that Tripwire configuration audit and control solutions are used as an integral element of sustained compliance initiatives. Learn how in this Tripwire whitepaper.

Tags: IT Infrastructure, Security Administration, IT Budgeting