IT GRC Forum

FacebookJoin our Linkedin Group!Follow us on Twitter!Subscribe to our Feeds!

Voltage WPProtecting Sensitive Data in Hadoop

Hadoop is a unique architecture designed to enable organizations to gain new analytic insights and operational efficiencies through the use of multiple standard, low-cost, high-speed, parallel processing nodes operating on very large sets of data. The resulting flexibility, performance and scalability are unprecedented. But data security was not the primary design goal.

Read more...
 

Data SheetData Sheet: Threat and Vulnerability Management

Streamline and accelerate threat and vulnerability lifecycle management across all assets, including those in cloud and virtualized environments.

Read more...
 

Voltage WPData Sheet: Voltage SecureData Suite for Test/Dev

Generating data for test and development environments presents serious challenges for enterprise security and risk management. When data is copied from production databases and used directly for test/development, large volumes of private data accumulate on unprotected servers and workstations. The use of outsourced and offshore QA and development services further increases the risks. An alarming number of data breaches, along with complex regulatory compliance requirements, highlight the need to de-identify sensitive data when moving from production to test, development, and training environments.

Read more...
 

Data SheetData Sheet: Bringing GRC Federation into IT Security

GRC, by definition, involves bringing together governance, risk and compliance disciplines from across an increasingly complex, extended enterprise with deep interlocks to customer and supplier eco-systems. While it's not realistic to expect organizations to converge on a common set of GRC processes across this complex landscape, there is huge value in taking a federated approach to GRC that leverages the common risk elements from each business unit, IT and security teams, and management of third parties.

Read more...
 

Coalfire WPSEC Cybersecurity Guidance... Critical Disclosure Considerations

SEC Cyber Risk Guidance Overview and SEC Cyber Risk Disclosure Issues.

Read more...
 

ArticleArticle: IT Risk Is Not About IT – It's About the Business

What to do: Be curious, ask questions about how risk is measured, educate yourself and your teams, and reflect back to your stakeholders on how IT components figure into the risk equation.

Read more...
 

SeagateFive Security and Risk Management Questions to Ask Your Cloud Provider

For many CIOs and IT managers, the benefits of moving to the cloud—increased efficiency, reduced cost, excellent scalability, pay-as-you-go pricing, the latest technology without the capital expense—are offset by concerns about security and service quality.

Read more...
 

Prime FactorsFive Key Management Fundamentals for Unlocking Encryption Success

Prime Factors spoke with some of the best minds in data security to get their take on what kinds of data encryption management problems customers run into. They identified several common threats to key management and secure data access which they see over and over again, That advice is condensed and organized here for professionals responsible for effectively protecting sensitive data in their enterprises.

Read more...
 

Inside SecureInside Secure WP: EMV migration in the US: how to choose the best suited OS?

In the payment market, chip card providers are optimizing the hardware offer alongside with software to minimize production costs. The choice of an OS to run EMV cards is one of the most important for financial institutions, as it directly impacts the overall personalization and issuance costs.

Read more...
 

Prime FactorsPrime Factors WP: PINs: PIN Technology and Management

PINs (Personal Identification Numbers) are those ubiquitous numbers we all know. They are used to authenticate cardholders, protecting personal accounts and issuers from fraudulent activities. The technology used in the creation, use, and management of PINs can be overwhelming and confusing.

Read more...
 

Voltage SecuritySuccess Story: Top 5 Global Internet Retailer

A top five, global, Internet retailer faced several challenges as it sought to comply with PCI DSS requirements, enhance its data security beyond the level typically achieved by complying with those requirements, and create a next generation, flexible and scalable security platform to support company growth. The retailer also needed to ensure the business continuity of its existing systems to maintain uninterrupted sales and cash flow.

Read more...
 

Prime FactorsPrime Factors WP: Best Practices for Anonymizing Data in Development and QA Testbeds

Practices for IT development and quality assurance have foundations that extend much further back than the original invention of information technology.

Read more...
 

CoalfireWhite Paper: HIPAA and HITRUST - FAQ

The objective of this document is to provide guidance to Covered Entities, Business Associates, and subcontractors (as defined by HIPAA), and to assist in identifying the best overall approach to becoming compliant and secure in the healthcare industry.

Read more...
 

CoalfireRisk Analysis versus Risk Assessment... What's the Difference?

Risk analysis.....risk assessment.....compliance assessment. Are these concepts as confusing to you as they are for most IT professionals?

Read more...
 
  • «
  •  Start 
  •  Prev 
  •  1 
  •  2 
  •  3 
  •  4 
  •  5 
  •  6 
  •  7 
  •  8 
  •  9 
  •  10 
  •  Next 
  •  End 
  • »
Page 1 of 22

  Most Popular | All