Security Management Strategies for the CIOAccess "Viewpoint: Let's add policy to GRC"
This article is part of the May 2008 issue of Seven questions to ask before committing to SaaS
How Do You Spell Data Governance? P-o-l-i-c-y Regarding the Perspectives column by Julie Tower-Pierce ("Think Like a Lawyer," March 2008) there is a very crucial word missing: policy. One of the most important aspects of any healthy e-discovery strategy is policy governing how data is handled, retained, destroyed and retrieved. Without standing policy (i.e., one you did not create after being served a subpoena) that spells out how your organization handles its data, you will find yourself on the very wrong end of a judge's orders requiring the (very expensive) production of records...and perhaps in need of refreshing your resume...or worse. Stephen Yelick Information technology security administrator, Macomb County, Mich. Open Source Does the Job I just finished reading "Encrypt Them All" (February 2008), and I have to admit that I am surprised that the open source solution, TrueCrypt, was never mentioned. We have been using SecureDoc for many years and recently decided to give TrueCrypt a try as an alternative. I must admit, I was thoroughly surprised. ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
SaaS Offering Handles SSO
TechFocus: New Password Hell?
- Viewpoint: Let's add policy to GRC
-
Product review: CodeArmor 2.2 for Microsoft .NET
APPLICATION SECURITY
-
Security Services: Webroot Email Security SaaS
At Your Service
-
Identity Management Suites Enable Integration, Interoperability
IDENTITY MANAGEMENT Feature-rich product suites are putting a face on integration and interoperability.
-
SaaS Offering Handles SSO
-
-
Secure Computing SafeWord 2008 product review
Secure Computing SafeWord 2008 delivers identity management and access control for Windows systems using tokens that generate secure single-use passcodes. Information Security magazine reviews these capabilities.
-
7 Security Questions to Ask Your SaaS Provider
Outsourcing software as a service (SaaS) puts control over an organization's applications in the hands of others. Learn what questions to ask your provider, how to define security policies, how to understand how service providers handle security and ensure enforcement of policies.
-
Product review: Symantec Database Security 3.1
DATABASE SECURITY
-
5 Steps for Developing Strong Change Management Program Best Practices
Poor change control and configuration management can affect the security of your systems and networks. Follow these five steps for a strong change management program.
-
Product review: Mandiant Intelligent Response 1.0
INCIDENT RESPONSE
-
Secure Computing SafeWord 2008 product review
-
Columns
-
Interview: Jim Kirkhope of NCR
PING: Jim Kirkhope
-
Face-Off: Is vulnerability research ethical?
Bruce Schneier and Marcus Ranum debate the ethics of vulnerability research
-
Reasearch on Coding Backdoors Presents Ugly Picture
Editor's Desk: Backdoor Bedlam
-
Security, Privacy Offices Must Combine Resources
Perspectives: Nowhere to Hide
-
Interview: Jim Kirkhope of NCR
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...