Security Standards - IT Library : ZDNet Asia

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Encrypting Recordings Is Not Enough: Steps to Protect Your Most Sensitive Data 2007-06-01 Autonomy

As fraud and identity theft becomes more prevalent, businesses that record calls must adhere to the Payment Card Industry (PCI) Data Security Standards to prevent recorded transactions from becoming a target. The PCI Data Security Standards were created to protect the personal and financial data customers entrust to retailers, banks, service providers, and credit card companies. By not properly securing their call and desktop recordings, businesses are leaving an overwhelming amount of customer data unprotected. This whitepaper addresses which security features business should employ and offers a guideline for adhering to the PCI security standards.

Tags: Security Management, Data Recovery - Security

Regulating the Payment Card Industry 2007-05-22 Suomen Pankki

The payment card industry is subject to substantive regulatory pressure. Both the fees, especially the interchange fees, and the scheme rules have been scrutinized and in many jurisdictions also regulated. Taking this interest of authorities at its face value suggests that the payment card market is not functioning according to the best interests of at least some its participants. Especially merchants have complained about the high fees charged from them when accepting card payments. These complaints explain in part why most past and current propositions for regulation have targeted the relationship between the merchant and the payment card industry.

The Payment Card Industry Compliance - Securing Both Merchant and Customer Data 2007-05-01 Acunetix

This white paper introduces the Payment Card Industry Compliance standard, and the security threats which brought about the need to standardize the data protection of both merchants and customers. The internet is no longer just a source of information, but it is a trading universe where thousands of credit and debit card transactions are carried out every second. Private data is transmitted and stored online through systems which have been exploited numerous times, resulting in immense financial repercussions on both traders and buyers. PCI Compliance is a structured security checklist which aims at securing financial data, and helps to distinguish the secure and reliable businesses from the risky ones.

Tags: Security Management, Data Recovery - Security

Security Compliance Best Practices 2007-04-30 Hill Associates

There are numerous new laws related to corporate governance, financial reporting practices, protecting personal information, counter-terrorism, and the potential for litigation. These laws impact an organization's data backup and storage requirements, electronic documentation, and overall security strategy. Plain and simple, many organizations are not prepared to comply with these laws. This white paper discusses what organizations must do to get prepared.

Tags: Security Management, Best Practices

Compliance: The California Security Breach Notification Act (SB 1386) 2007-04-17 Biscom

The California Security Breach Notification Act states that any business or agency that uses a computer to store confidential personal information about a California resident must immediately notify that individual upon discovering any breach to the computer system upon which this information is stored. Failure to notify the individual(s) could subject the business/agency to civil damages and lawsuits. The statute became effective July 01, 2003. While lawsuits can be sufficiently damaging to a company's bottom line and reputation by themselves, failing to deal with the risks associated with SB 1386 could trigger violations of the Sarbanes-Oxley Act, which has serious consequences for violators.

Tags: Data Recovery - Security, Sarbanes-Oxley

Compliance: SEC 17a-4/NASD 3010/3110 2007-04-17 Biscom

In the wake of the 1928 stock market crash and the uncovering of widespread securities fraud, the U.S. Congress enacted the Securities Exchange Act of 1934. The Act seeks to protect investors from fraudulent or misleading claims in the securities industry and requires extensive record keeping, reviewing, and auditing by independent auditors, and administration of financial transaction records. NASD 3010/3110 are part of comprehensive regulations enacted and enforced by the National Association of Securities Dealers on behalf of more than 5,000 registered financial institutions and investment funds. All aspects of the SEC and NASD regulations are effective today.

Tags: Data Recovery - Security, SEC Rule 17A-4

Is Your WLAN Putting Your PCI Compliance at Risk? 2007-04-12 Colubris Networks

The Payment Card Industry (PCI) Data Security Standard was created in 2004 by major credit card companies - American Express, Discover Financial, JCB, MasterCard Worldwide, and Visa International - to provide security and privacy of customers' credit card data and personal information. The PCI standard sets specific guidelines for the storage, processing, and transmittal of all associated data in order to protect cardholders from identify theft. PCI compliance is mandatory for all merchants that store, process or transmit credit card data through retail stores, mail order, telephone order and online sites. Retailers that are not in compliance are subject to fines or suspension of credit card processing privileges.

Tags: Security Management

Improving Compliance and Efficiency With Sun Identity Auditing: Sun-on-Sun Case Study 2007-04-01 Sun Microsystems

Faced with increasing compliance challenges since the passage of the Sarbanes-Oxley Act of 2002 and other regulations governing data integrity and privacy, Sun deployed Sun identity auditing and other identity management capabilities to improve access control and to achieve operational efficiencies. This paper recounts the process from solution criteria and selection through planning and deployment, and describes the benefits that have resulted for both Sun and its customers.

Tags: Security Management

Advice on Enterprise Policy Management for Security and Compliance 2007-04-01 Enterprise Management Associates

Off late, the nature of network security has undergone a dramatic change. It was not that long ago those efforts focused primarily on securing a perimeter around the trusted network. Security policy was implemented by control points that filtered traffic passing between trusted and untrusted networks. These control points typically focused on packet filtering via a firewall, a router access control list, or a combination of both. The advantage of this approach was the ease of administration afforded by the centralization of controls, assuring the enforcement of a security policy on traffic moving between zones of trust.

Tags: Security Management,

Achieving PCI Compliance For: Privileged Password Management & Remote Vendor Access 2007-04-01 e-DMZ Security

Though PCI compliance is not a government driven requirement such as Sarbanes Oxley and HIPAA, noncompliance under PCI can have a devastating impact on any enterprise that relies on credit card transactions. The contract with credit card companies requires that as an organization one complies with PCI. Non-compliance with PCI can result in specific contractual penalties and/or revocation of the rights as an enterprise to process credit card transactions. Like all compliance and regulatory requirements, there is no single product or policy/procedure that will assure the compliance. THERE IS NO SILVER BULLET for PCI COMPLIANCE. PCI compliance requires that the enterprise deploy many security technologies, and have specific policies and procedures in place.

Tags: Security Management

Jump to 1 2 3 4 5 6 [7] 8 9 10

Title	Date Added	Company
Encrypting Recordings Is Not Enough: Steps to Protect Your Most Sensitive Data	2007-06-01	Autonomy
As fraud and identity theft becomes more prevalent, businesses that record calls must adhere to the Payment Card Industry (PCI) Data Security Standards to prevent recorded transactions from becoming a target. The PCI Data Security Standards were created to protect the personal and financial data customers entrust to retailers, banks, service providers, and credit card companies. By not properly securing their call and desktop recordings, businesses are leaving an overwhelming amount of customer data unprotected. This whitepaper addresses which security features business should employ and offers a guideline for adhering to the PCI security standards. Tags: Security Management, Data Recovery - Security
Regulating the Payment Card Industry	2007-05-22	Suomen Pankki
The payment card industry is subject to substantive regulatory pressure. Both the fees, especially the interchange fees, and the scheme rules have been scrutinized and in many jurisdictions also regulated. Taking this interest of authorities at its face value suggests that the payment card market is not functioning according to the best interests of at least some its participants. Especially merchants have complained about the high fees charged from them when accepting card payments. These complaints explain in part why most past and current propositions for regulation have targeted the relationship between the merchant and the payment card industry.
The Payment Card Industry Compliance - Securing Both Merchant and Customer Data	2007-05-01	Acunetix
This white paper introduces the Payment Card Industry Compliance standard, and the security threats which brought about the need to standardize the data protection of both merchants and customers. The internet is no longer just a source of information, but it is a trading universe where thousands of credit and debit card transactions are carried out every second. Private data is transmitted and stored online through systems which have been exploited numerous times, resulting in immense financial repercussions on both traders and buyers. PCI Compliance is a structured security checklist which aims at securing financial data, and helps to distinguish the secure and reliable businesses from the risky ones. Tags: Security Management, Data Recovery - Security
Security Compliance Best Practices	2007-04-30	Hill Associates
There are numerous new laws related to corporate governance, financial reporting practices, protecting personal information, counter-terrorism, and the potential for litigation. These laws impact an organization's data backup and storage requirements, electronic documentation, and overall security strategy. Plain and simple, many organizations are not prepared to comply with these laws. This white paper discusses what organizations must do to get prepared. Tags: Security Management, Best Practices
Compliance: The California Security Breach Notification Act (SB 1386)	2007-04-17	Biscom
The California Security Breach Notification Act states that any business or agency that uses a computer to store confidential personal information about a California resident must immediately notify that individual upon discovering any breach to the computer system upon which this information is stored. Failure to notify the individual(s) could subject the business/agency to civil damages and lawsuits. The statute became effective July 01, 2003. While lawsuits can be sufficiently damaging to a company's bottom line and reputation by themselves, failing to deal with the risks associated with SB 1386 could trigger violations of the Sarbanes-Oxley Act, which has serious consequences for violators. Tags: Data Recovery - Security, Sarbanes-Oxley
Compliance: SEC 17a-4/NASD 3010/3110	2007-04-17	Biscom
In the wake of the 1928 stock market crash and the uncovering of widespread securities fraud, the U.S. Congress enacted the Securities Exchange Act of 1934. The Act seeks to protect investors from fraudulent or misleading claims in the securities industry and requires extensive record keeping, reviewing, and auditing by independent auditors, and administration of financial transaction records. NASD 3010/3110 are part of comprehensive regulations enacted and enforced by the National Association of Securities Dealers on behalf of more than 5,000 registered financial institutions and investment funds. All aspects of the SEC and NASD regulations are effective today. Tags: Data Recovery - Security, SEC Rule 17A-4
Is Your WLAN Putting Your PCI Compliance at Risk?	2007-04-12	Colubris Networks
The Payment Card Industry (PCI) Data Security Standard was created in 2004 by major credit card companies - American Express, Discover Financial, JCB, MasterCard Worldwide, and Visa International - to provide security and privacy of customers' credit card data and personal information. The PCI standard sets specific guidelines for the storage, processing, and transmittal of all associated data in order to protect cardholders from identify theft. PCI compliance is mandatory for all merchants that store, process or transmit credit card data through retail stores, mail order, telephone order and online sites. Retailers that are not in compliance are subject to fines or suspension of credit card processing privileges. Tags: Security Management
Improving Compliance and Efficiency With Sun Identity Auditing: Sun-on-Sun Case Study	2007-04-01	Sun Microsystems
Faced with increasing compliance challenges since the passage of the Sarbanes-Oxley Act of 2002 and other regulations governing data integrity and privacy, Sun deployed Sun identity auditing and other identity management capabilities to improve access control and to achieve operational efficiencies. This paper recounts the process from solution criteria and selection through planning and deployment, and describes the benefits that have resulted for both Sun and its customers. Tags: Security Management
Advice on Enterprise Policy Management for Security and Compliance	2007-04-01	Enterprise Management Associates
Off late, the nature of network security has undergone a dramatic change. It was not that long ago those efforts focused primarily on securing a perimeter around the trusted network. Security policy was implemented by control points that filtered traffic passing between trusted and untrusted networks. These control points typically focused on packet filtering via a firewall, a router access control list, or a combination of both. The advantage of this approach was the ease of administration afforded by the centralization of controls, assuring the enforcement of a security policy on traffic moving between zones of trust. Tags: Security Management,
Achieving PCI Compliance For: Privileged Password Management & Remote Vendor Access	2007-04-01	e-DMZ Security
Though PCI compliance is not a government driven requirement such as Sarbanes Oxley and HIPAA, noncompliance under PCI can have a devastating impact on any enterprise that relies on credit card transactions. The contract with credit card companies requires that as an organization one complies with PCI. Non-compliance with PCI can result in specific contractual penalties and/or revocation of the rights as an enterprise to process credit card transactions. Like all compliance and regulatory requirements, there is no single product or policy/procedure that will assure the compliance. THERE IS NO SILVER BULLET for PCI COMPLIANCE. PCI compliance requires that the enterprise deploy many security technologies, and have specific policies and procedures in place. Tags: Security Management

Security

Featured Whitepapers

Member Login

HP Simply StorageWorks D2D Backup System

Industry Watch: Healthcare