| Title | Date Added | Company | |
|---|---|---|---|
The Good, Bad and Necessary: The Complete Guide to PCI 6.6 Success | 2009-06-01 | Breach Security |
| It seems that IT administrators and security professionals are always receiving notification of new rules, regulations and compliance codes that fall under their purview. And just when the necessary adjustments have been made, priorities shifted and new technology purchased, the rules are changed - yet again. The Payment Card Industry Data Security Standard (PCI DSS) is no different. The PCI DSS is a requirement of any company or organization that stores, processes, transmits or comes into contact with cardholder data as of June 30, 2005. Most companies with an e-commerce or transactional component to their model fall under this umbrella. This resource provides IT security professionals with the information needed to understand PCI compliance and specifically, one of the standard's latest requirements, 8.6.
Tags: Data Tools |
|||
The Coming Storm of Regulation | 2009-06-01 | RSA Security |
| The continuing financial crisis that has gripped the world since mid-2008 is likely to cause a flood of new global regulations. The nature of this failure dictates a new approach to regulations that will drive transparency requirements and risk management adoption. Organizations throughout the world will need to effectively manage these new regulations in order to achieve compliance and remain competitive.
Tags: Security Administration |
|||
Achieving HIPAA Security Rule Compliance with Lumension® Solutions | 2009-06-01 | Lumension |
| Healthcare organizations face a host of HIPAA Security Rule compliance challenges with the move to put patient medical records online. Lumension helps organizations address these compliance challenges by providing the proactive risk management and the required audit readiness to meet many aspects of the HIPAA Security Rule.
Tags: Security Administration, Financial Services, Regulatory Compliance |
|||
Achieving Federal Desktop Core Configuration Compliance (FDCC) with Lumension® Solutions | 2009-06-01 | Lumension |
| The Federal Desktop Core Configuration (FDCC) is an Office of Management and Budget (OMB) mandated security configuration set applicable within United States Federal Government agencies. Private enterprises may also choose to utilize this established framework as a foundation for their own security configuration baselines. All federal agencies that utilize or plan an upgrade to either Windows XP or Vista must report compliance, with FDCC reporting requirements dictated by the standard FISMA reporting guidance. The FDCC specific configuration requirements are generally based on the "Principle of Least Privilege" restricting user and machine rights. This whitepaper examines the FDCC requirements, the compliance challenges including vulnerability management, change control, and system security management and also highlights how Lumension's SCAP Validated FDCC scanner is integrated with a complete vulnerability management solution to effectively enable compliance with these standards.
Tags: Security Administration, Regulatory Compliance, IT Infrastructure |
|||
Achieving NERC Cyber Security Standards Compliance with Lumension® Solutions | 2009-06-01 | Lumension |
| The North American Electric Reliability Corporation (NERC) is a non-profit corporation chartered to ensure that the bulk electric system in North America is reliable, adequate and secure. NERC CIP standards and guidelines apply to all Responsible Entities (REs) within the bulk-power system, including investor-owned utilities, most generation and transmission (G&T) cooperatives, owners or operators of electrical power generation, transmission or balancing facilities in North America, primary entities ensuring compliance, such as NERC and the Regional Reliability Organizations. REs are required to retain 12 months of auditable data, documents and records on their information security controls and specific logs for 90 days in order to be compliant with the new CIP standards.
This whitepaper reviews each of the NERC Cyber Security Standards and maps the requirements to technical controls enforceable with Lumension solutions. Lumension helps REs address NERC CIP compliance challenges and ensures audit-readiness by delivering end-to-end vulnerability management, endpoint protection and data protection solutions that:
Tags: Security Administration |
|||
Using Qualysguard to Meet Sox Compliance & IT Control Objectives | 2009-06-01 | Qualys |
| The Sarbanes-Oxley Act of 2002 has fundamentally changed the business and regulatory landscape for all companies publicly traded in the US. SOX is intended to instill confidence back into the investor community after several corporate scandals resulted in the loss of billions of dollars in invested capital. SOX does this by increasing corporate governance requirements through measures that will strengthen internal checks and balances and ultimately, provide transparency, as well as elevated corporate accountability. It is important to emphasize that section 404 does not require senior management and business process owners to merely establish and maintain an adequate internal control structure, but also to assess its effectiveness on an annual basis.
Tags: Security Administration, Regulatory Compliance |
|||
Generate Cost Savings and Improve Efficiency With Proper Compliance Efforts | 2009-06-01 | Quest Software |
| Compliance with regulations such as SOX, PCI DSS, and FISMA does not need to be the resource drain that it often becomes in organizations. The key is avoiding a "form over function" approach and focusing on the real intent of the requirements, which are actually well aligned with most organizations' business objectives. Armed with the right perspective and knowledge, the IT professional will be able to capitalize on the effort and technology investments made in the name of compliance to further IT's mission to deliver business value and reduce costs.
Tags: Security Administration |
|||
Magic Quadrant for Security Information and Event Management | 2009-05-29 | Gartner |
| Broad adoption of SIEM technology is driven by compliance and security needs. New use cases in areas such as application activity monitoring are emerging. Security Information and Event Management (SIEM) technology provides real-time monitoring and historical reporting of security events from networks, systems and applications. SIEM deployments are often funded to address regulatory compliance reporting requirements, but organizations should also use SIEM to improve security operations, threat management and incident response capabilities.
Tags: Security Administration |
|||
Security Explorer for Exchange Version 7.0.2 | 2009-05-26 | ScriptLogic |
| Security Explorer for Exchange is a powerful, graphical solution for real-time management of access controls and security in Exchange. This broad, real-time solution offers administrators the ability to manage, search, clone, backup, and recover permissions and security in Exchange. This solution provides consolidated management of mailbox and Active Directory permissions from one, simple to use interface.
30 day free trial download (Security Explorer for Exchange requires Exchange Server 2000 / 2003 / 2007)
Tags: Security Administration |
|||
Enterprise Security Reporter Version 3.6.3 | 2009-05-26 | ScriptLogic |
| Enterprise Security Reporter is an agent-less, fast, comprehensive discovery and reporting solution for analyzing file security, group memberships and other security settings on Windows file servers, Active Directory servers, SharePoint servers, and SQL Servers.
Enterprise Security Reporter also provides the administrator with tools to compare, analyze, query and report on the security and configuration of the network. Enterprise Security Reporter includes numerous ready-made and customizable reports, with output in eight popular file formats. 30 day free trial download (Discovery Console, Enterprise Security Reporter's Discovery Console can be installed on Windows 2000/XP/2003 and requires MSDE or SQL Server 2000 or higher.)
Tags: Security Administration |