Home > Security Tips > Compliance Counselor > Separating fact from fiction: Security technologies for regulatory compliance
Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

COMPLIANCE COUNSELOR

Separating fact from fiction: Security technologies for regulatory compliance


Diana Kelley
10.27.2005
Rating: --- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


Diana Kelley, Burton Group analyst, presented this session at Information Security Decisions Fall 2005.

Many products tout "out-of-the-box" compliance capabilities for Sarbanes-Oxley, HIPAA and other regulations. SIM and ESM products, for instance, have introduced "snap-in" software modules designed to flag exceptions to security-oriented policy rules for various regulations. Vulnerability and configuration management products can be used to audit for the presence of security-related controls.

While there's no denying that technology can help autom



ate the compliance process, purchasing a single tool that comes pre-configured for corporate compliance is not realistic. In this session, Burton Group analyst Diana Kelley explores what companies need to think about when creating policies for compliance and discusses selection criteria for some of the key technologies that aid in the process, such as documentation management, auditing and SIM tools. She also tackles the effectiveness of compliance "dashboards."

In addition to the specifics above, this presentation:

Download this presentation

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com.
Register now to start rating these tips. Log in if you are already a member.




BROWSE BY TAG
Compliance Counselor,   Security Audit, Compliance and Standards,   HIPAA,   Sarbanes-Oxley Act,   Gramm-Leach-Bliley Act (GLBA),   FISMA,   Information Security Threats,   Identity Theft and Data Security Breaches,   IT Security Audits,   Technology,   Tech strategy,   Compliance,   People & policy,   Policy enforcement,   Information Security Policies, Procedures and Guidelines,   Identity Theft and Data Security Breaches,   Enterprise Data Protection,   Information Security Management,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Compliance Counselor
Common PCI questions: Web application firewalls or source code review?
PCI management: The case for Web application firewalls
The basics of enterprise GRC project management
PCI DSS: The structure of a standard
How to choose between source code reviews or Web application firewalls
HIPAA compliance: New regulations change the game
Data security best practices for PCI DSS compliance
Key elements of a HIPAA compliance checklist
A preview of PCI virtualization specifications
Strategies for email archiving and meeting compliance regulations

HIPAA
HIPAA compliance: New regulations change the game
HIPAA compliance manual: Training, audit and requirement checklist
Key elements of a HIPAA compliance checklist
Quiz: How to meet HIPAA compliance requirements
How to avoid HIPAA Social Security number compliance violations
HIPAA changes force healthcare to improve data flow
CVS pays $2.25 million HIPAA settlement
Is a lack of employee privacy a HIPAA violation?
Hacked dental school server compromises 300,000
What's the best strategy to catch up on HIPAA compliance quickly?
HIPAA Research

Sarbanes-Oxley Act
Ex-SEC chief Pitt decries state of Sarbanes-Oxley, risk management
Information security book excerpts and reviews
Internal audits for Sarbanes Oxley and internal IT support
Internal auditors and CISOs mitigate similar risks
Implement security and compliance in a risk management context
Does password sharing in international branches violate SOX?
Consensus Controls project aims to set benchmarks for compliance
Security visualization helps make log files work
The Little Black Book of Computer Security, 2nd Edition
RSA attendees see data classification, rights management projects stumble
Sarbanes-Oxley Act Research

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Research Solutions for Network Security, Access Control and Security Threats
More Security Resources for Resellers, VARs and OEMs
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts