Security Standards - IT Library : ZDNet Asia

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Oracle Applications 11i: Credit Cards and PCI Compliance Issues 2007-01-29 Integrigy

All Oracle Applications implementations that "Store, process, or transmit cardholder data" must comply with Payment Card Industry (PCI) Data Security Standard 1.1 regardless of size or transaction volume. The PCI Data Security Standard (DSS) 1.1 is a set of stringent security requirements for networks, network devices, servers, and applications. The standard details specific requirements in terms of security configuration and policies and all the requirements are mandatory. PCI DSS is focused on securely handling cardholder data, but also has a significant emphasis on general IT security. This paper will review the credit card processing features of Oracle Applications and will provide general guidance for Oracle Applications implementations on complying with relevant PCI DSS requirements.

Tags: Security Management

PCI Compliance: Are You Onboard? 2007-01-26 Tripwire

Payment Card Industry (PCI) establishes stringent standards on how merchants process, store or transmit cardholder data. These standards are a set of comprehensive security requirements that combine technology, policies, education, and awareness as well as industry best practices into an integrated framework. Adding to the compliance burden is the presence of "double jeopardy." Members are not only responsible for their own PCI DSS compliance, but also the compliance status of their Merchants and Service Providers across all payment channels, including in-store, mail/telephone-order, and e-commerce. PCI is a technical standard (not a regulation) that offers strong recommendations conforming to long-established security best practices.

Tags: Security Management

Live Webcast: Top Trends of 2007 Impacting VPN and Remote Access 2007-01-25 01:00:26 Positive Networks

This year the trends that are expected to have the greatest impact on businesses' VPN and remote access decisions include:

The proliferation of mobile devices and business users' demand for secure, anywhere-anytime access to corporate systems and data

Prioritization of initiatives to simplify regulatory compliance and reporting

Adoption of Windows Vista and growing concerns about Vista's compatibility with appliance-based VPNs

The Wi-max initiatives that are now underway in major metropolitan areas

An increasing awareness of the benefits of the Software-as-a-Service (SaaS) model

Increasing proliferation of two-factor authentication

Join Positive Networks' Jason Sloderbeck, VP of Security & Service Delivery, and Evan Conway, EVP of Channel Management, to learn about a secure and scalable VPN strategy that lets you leverage these and other technology trends to your advantage.

PLUS: Get your VPN strategy questions answered by leading industry experts during our live Q&A, moderated by James Hilliard of TechRepublic.
Pre-register today!

Note: This TechRepublic Webcast will be recorded and made available on an on-demand basis following the live event. So pre-register today—even if you're not sure you can attend on February 8th—and we'll notify you by e-mail when the on-demand version is available.

Meeting the 12 Rules of the PCI Data Security Standards: Employing CoreGuard to Meet Encryption and Access Control Requirements for Payment Card Industry (PCI) Standards 2007-01-22 Digital Pathways

Compliance with PCI (Payment Card Industry) data security requirements is a key initiative for any company that processes credit cards. PCI, an industry-wide adoption of Visa's CISP (Cardholder Information Security Program), is the credit card industry's standard for securing cardholder data. Visa's CISP and MasterCard's Site Data Protection standards merged into the PCI standard in December 2004. In Europe, compliance is mandatory, by June 2006, for any business that stores, processes, or transmits this data. The PCI guidelines provide a list of requirements to ensure that a company is providing the requisite level of security.

Tags: Security Management

Oracle Label Security - Best Practices for Government and Defense Applications 2007-01-17 Michigan State University

Units that accept payment (credit/debit) cards ("Merchant Units") must comply with this document and all the Payment Card Industry Data Security Standard (PCI DSS) requirements. Some of the PCI DSS requirements only apply to certain card processing environments. Therefore, the University has defined two types of card processing environments, based on the compliance efforts involved: simple and complex. A simple-compliance environment is defined as one where the Merchant Unit does not store, process or transmit cardholder data electronically.

Social Networking: Brave New World or Revolution from Hell? A look at the phenomenon of Social Networking and the implications for Businesses 2008-01-14 MessageLabs

According to recent surveys, employee social networking is growing rapidly, on hot sites such as Facebook, LinkedIn and more. Reactions among businesses vary widely, from outright bans on social networking to indecision to permissiveness. Learn the pros and cons of employee social networking, from forging new customer relationships to just plain goofing off. Also, learn how social networking is raising new challenges for enterprise security, as online criminals are exploiting social networking's openness and free-flowing information to launch highly targeted attacks on corporate networks. Finally, learn about the distinct advantages MessageLabs Web Services offer in addressing these challenges.

Tags: Network Security, Security Tools, Best Practices, Spyware, Security Management, Collaborative Web

Top 10 Reasons for Using Disk-based Online Server Backup and Recovery 2007-01-09 07:31:50 Iron Mountain Digital (LiveVault)

Data protection solutions that combine the latest advancements in disk-based backup with secure, integrated online technologies offer small and medium-sized businesses (SMBs) fast and assured data protection.

Learn the top ten reasons why SMBs are embracing online server backup and recovery for automatic, continuous backup, reliable server data disaster recovery and freeing limited technical staff for move value-driven tasks. Topics include:

Automatic and secure off-site electronic vaulting

Reliable data restores

Security for sensitive data

Ability to demonstrate regulatory compliance

Increased competitive advantage

Q4 Web Security Trends Report 2007-01-10 04:45:01 Finjan Software

Finjan's Malicious Code Research Centre (MCRC) is dedicated to the research and detection of web threats. This report describes recent specific incidents of sophisticated hacker attacks that take advantage of Web 2.0 technologies to embed malicious code in high-traffic web sites as well as including "in the wild" examples of malicious code and suggestions as to how companies can protect themselves.

Making Compliance Part of the 'IT DNA' 2007-01-08 Symantec

For today's enterprises, meeting the requirements of a variety of technical standards, IT governance frameworks, and laws related to security and administration has become a significant challenge. For today's enterprises, meeting the requirements of a variety of technical standards, IT governance frameworks, and laws related to security and administration has become a significant challenge. And as numerous industry experts have observed, the pressure to demonstrate compliance with such mandates will likely to increase in 2007.No one appreciates that better than the recently appointed Senior Director, Product Management, for Symantec's Compliance and Security Management group. A 14-year software industry veteran, likens today's compliance market to the security market of the mid-1990s.

Tags: Security Management

Malicious Intent: What Malware Writers are Planning Next 2007-06-11 15:19:04 Sophos

Malware authors are targeting smaller numbers of victims in attempts to sneak under the radar, and they're turning away from email-aware worms to other methods of infection like "ransomware"—holding users' files captive until demands for money are met! What are malware authors planning next?

With his access to tens of thousands of monitoring stations and analysis centers around the globe, Mark Harris, Global Director of SophosLabs, discusses how modern malware is composed, providing a glimpse into what you can expect with the next generation of threats.

This Sophos-sponsored TechRepublic Webcast, now available on demand, addresses these important security topics and more:

The top malware threats of 2006

What to expect with the next generation of malware

Best practices in threat protection

Listen today for practical tips and advice for combating the cybercrime that threatens your business' security and performance.

Jump to 1 2 3 4 5 6 7 8 [9] 10

Title	Date Added	Company
Oracle Applications 11i: Credit Cards and PCI Compliance Issues	2007-01-29	Integrigy
All Oracle Applications implementations that "Store, process, or transmit cardholder data" must comply with Payment Card Industry (PCI) Data Security Standard 1.1 regardless of size or transaction volume. The PCI Data Security Standard (DSS) 1.1 is a set of stringent security requirements for networks, network devices, servers, and applications. The standard details specific requirements in terms of security configuration and policies and all the requirements are mandatory. PCI DSS is focused on securely handling cardholder data, but also has a significant emphasis on general IT security. This paper will review the credit card processing features of Oracle Applications and will provide general guidance for Oracle Applications implementations on complying with relevant PCI DSS requirements. Tags: Security Management
PCI Compliance: Are You Onboard?	2007-01-26	Tripwire
Payment Card Industry (PCI) establishes stringent standards on how merchants process, store or transmit cardholder data. These standards are a set of comprehensive security requirements that combine technology, policies, education, and awareness as well as industry best practices into an integrated framework. Adding to the compliance burden is the presence of "double jeopardy." Members are not only responsible for their own PCI DSS compliance, but also the compliance status of their Merchants and Service Providers across all payment channels, including in-store, mail/telephone-order, and e-commerce. PCI is a technical standard (not a regulation) that offers strong recommendations conforming to long-established security best practices. Tags: Security Management
Live Webcast: Top Trends of 2007 Impacting VPN and Remote Access	2007-01-25 01:00:26	Positive Networks
This year the trends that are expected to have the greatest impact on businesses' VPN and remote access decisions include: The proliferation of mobile devices and business users' demand for secure, anywhere-anytime access to corporate systems and data Prioritization of initiatives to simplify regulatory compliance and reporting Adoption of Windows Vista and growing concerns about Vista's compatibility with appliance-based VPNs The Wi-max initiatives that are now underway in major metropolitan areas An increasing awareness of the benefits of the Software-as-a-Service (SaaS) model Increasing proliferation of two-factor authentication Join Positive Networks' Jason Sloderbeck, VP of Security & Service Delivery, and Evan Conway, EVP of Channel Management, to learn about a secure and scalable VPN strategy that lets you leverage these and other technology trends to your advantage. PLUS: Get your VPN strategy questions answered by leading industry experts during our live Q&A, moderated by James Hilliard of TechRepublic. Pre-register today! Note: This TechRepublic Webcast will be recorded and made available on an on-demand basis following the live event. So pre-register today—even if you're not sure you can attend on February 8th—and we'll notify you by e-mail when the on-demand version is available.
Meeting the 12 Rules of the PCI Data Security Standards: Employing CoreGuard to Meet Encryption and Access Control Requirements for Payment Card Industry (PCI) Standards	2007-01-22	Digital Pathways
Compliance with PCI (Payment Card Industry) data security requirements is a key initiative for any company that processes credit cards. PCI, an industry-wide adoption of Visa's CISP (Cardholder Information Security Program), is the credit card industry's standard for securing cardholder data. Visa's CISP and MasterCard's Site Data Protection standards merged into the PCI standard in December 2004. In Europe, compliance is mandatory, by June 2006, for any business that stores, processes, or transmits this data. The PCI guidelines provide a list of requirements to ensure that a company is providing the requisite level of security. Tags: Security Management
Oracle Label Security - Best Practices for Government and Defense Applications	2007-01-17	Michigan State University
Units that accept payment (credit/debit) cards ("Merchant Units") must comply with this document and all the Payment Card Industry Data Security Standard (PCI DSS) requirements. Some of the PCI DSS requirements only apply to certain card processing environments. Therefore, the University has defined two types of card processing environments, based on the compliance efforts involved: simple and complex. A simple-compliance environment is defined as one where the Merchant Unit does not store, process or transmit cardholder data electronically.
Social Networking: Brave New World or Revolution from Hell? A look at the phenomenon of Social Networking and the implications for Businesses	2008-01-14	MessageLabs
According to recent surveys, employee social networking is growing rapidly, on hot sites such as Facebook, LinkedIn and more. Reactions among businesses vary widely, from outright bans on social networking to indecision to permissiveness. Learn the pros and cons of employee social networking, from forging new customer relationships to just plain goofing off. Also, learn how social networking is raising new challenges for enterprise security, as online criminals are exploiting social networking's openness and free-flowing information to launch highly targeted attacks on corporate networks. Finally, learn about the distinct advantages MessageLabs Web Services offer in addressing these challenges. Tags: Network Security, Security Tools, Best Practices, Spyware, Security Management, Collaborative Web
Top 10 Reasons for Using Disk-based Online Server Backup and Recovery	2007-01-09 07:31:50	Iron Mountain Digital (LiveVault)
Data protection solutions that combine the latest advancements in disk-based backup with secure, integrated online technologies offer small and medium-sized businesses (SMBs) fast and assured data protection. Learn the top ten reasons why SMBs are embracing online server backup and recovery for automatic, continuous backup, reliable server data disaster recovery and freeing limited technical staff for move value-driven tasks. Topics include: Automatic and secure off-site electronic vaulting Reliable data restores Security for sensitive data Ability to demonstrate regulatory compliance Increased competitive advantage
Q4 Web Security Trends Report	2007-01-10 04:45:01	Finjan Software
Finjan's Malicious Code Research Centre (MCRC) is dedicated to the research and detection of web threats. This report describes recent specific incidents of sophisticated hacker attacks that take advantage of Web 2.0 technologies to embed malicious code in high-traffic web sites as well as including "in the wild" examples of malicious code and suggestions as to how companies can protect themselves.
Making Compliance Part of the 'IT DNA'	2007-01-08	Symantec
For today's enterprises, meeting the requirements of a variety of technical standards, IT governance frameworks, and laws related to security and administration has become a significant challenge. For today's enterprises, meeting the requirements of a variety of technical standards, IT governance frameworks, and laws related to security and administration has become a significant challenge. And as numerous industry experts have observed, the pressure to demonstrate compliance with such mandates will likely to increase in 2007.No one appreciates that better than the recently appointed Senior Director, Product Management, for Symantec's Compliance and Security Management group. A 14-year software industry veteran, likens today's compliance market to the security market of the mid-1990s. Tags: Security Management
Malicious Intent: What Malware Writers are Planning Next	2007-06-11 15:19:04	Sophos
Malware authors are targeting smaller numbers of victims in attempts to sneak under the radar, and they're turning away from email-aware worms to other methods of infection like "ransomware"—holding users' files captive until demands for money are met! What are malware authors planning next? With his access to tens of thousands of monitoring stations and analysis centers around the globe, Mark Harris, Global Director of SophosLabs, discusses how modern malware is composed, providing a glimpse into what you can expect with the next generation of threats. This Sophos-sponsored TechRepublic Webcast, now available on demand, addresses these important security topics and more: The top malware threats of 2006 What to expect with the next generation of malware Best practices in threat protection Listen today for practical tips and advice for combating the cybercrime that threatens your business' security and performance.

Security

Featured Whitepapers

Member Login

Webcast: Maximizing Data Protection with Disk-Based Backup

HP Simply StorageWorks D2D Backup System

Industry Watch: Healthcare