
	Home > Security Tips > Compliance Counselor > Separating fact from fiction: Security technologies for regulatory compliance

Security Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

COMPLIANCE COUNSELOR

Separating fact from fiction: Security technologies for regulatory compliance

Diana Kelley
10.27.2005
Rating: --- (out of 5)

Digg This!

StumbleUpon

Del.icio.us

Diana Kelley, Burton Group analyst, presented this session at Information Security Decisions Fall 2005.

Many products tout "out-of-the-box" compliance capabilities for Sarbanes-Oxley, HIPAA and other regulations. SIM and ESM products, for instance, have introduced "snap-in" software modules designed to flag exceptions to security-oriented policy rules for various regulations. Vulnerability and configuration management products can be used to audit for the presence of security-related controls.

While there's no denying that technology can help automate the compliance process, purchasing a single tool that comes pre-configured for corporate compliance is not realistic. In this session, Burton Group analyst Diana Kelley explores what companies need to think about when creating policies for compliance and discusses selection criteria for some of the key technologies that aid in the process, such as documentation management, auditing and SIM tools. She also tackles the effectiveness of compliance "dashboards."

In addition to the specifics above, this presentation:

MORE INFORMATION

Visit our resource center for more tips and expert advice on regulatory compliance

View more presentations from some of the industry's foremost security practitioners

Learn more about Information Security Decisions

Shows you why compliance isn't a product
Demystifies compliance vendors' claims
Helps you create a compliance framework
Enables you to leverage tools and technologies for compliance

Download this presentation

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member.

BROWSE BY TAG

Compliance Counselor, Security Audit, Compliance and Standards, HIPAA, Sarbanes-Oxley Act, Gramm-Leach-Bliley Act (GLBA), FISMA, IT Security Audits, Technology, Tech strategy, Compliance, People & policy, Policy enforcement, Information Security Policies, Procedures and Guidelines, Enterprise Data Protection, Identity Theft and Data Security Breaches, Information Security Management, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Compliance Counselor
	Identity lifecycle management for security and compliance
	Interpreting 'risk' in the Massachusetts data protection law
	FTC Red Flags Rules: How to create an identity theft prevention plan
	Creating a HIPAA employee training program
	Data protection tips for corporate compliance leaders
	PCI DSS compliance requirements: Ensuring data integrity
	Understanding PCI DSS compliance requirements for log management
	Are 'strong authentication' methods strong enough for compliance?
	Strategies for using technology to enable automated compliance
	Common PCI questions: Web application firewalls or source code review?

HIPAA

Healthcare security spending remains sluggish, report shows

Creating a HIPAA employee training program

FTC extends breach notification to Web-based health repositories

Are there guidelines to create a HIPAA-compliant data center?

HHS HIPAA guidance on encryption requirements and data destruction

Writing a patient identifier policy to prevent common HIPAA violations

HIPAA compliance: New regulations change the game

HIPAA compliance manual: Training, audit and requirement checklist

Key elements of a HIPAA compliance checklist

Quiz: How to meet HIPAA compliance requirements

HIPAA Research

Sarbanes-Oxley Act

SOX compliance burdens midmarket security teams

Ex-SEC chief Pitt decries state of Sarbanes-Oxley, risk management

Information security book excerpts and reviews

Internal audits for Sarbanes Oxley and internal IT support

Internal auditors and CISOs mitigate similar risks

Implement security and compliance in a risk management context

Does password sharing in international branches violate SOX?

Consensus Controls project aims to set benchmarks for compliance

Security visualization helps make log files work

The Little Black Book of Computer Security, 2nd Edition

Sarbanes-Oxley Act Research

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Research Solutions for Network Security, Access Control and Security Threats

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy