Qmunity: Your Colleagues. Your Connections. Your Content.
Can Compliance Provide Good Enough Security?
Compliance with legislation is mandatory for a company planning to operate in a particular territory – this includes supra-national organisations such as the EU. However, compliance with security legislation is often complex and usually expensive...
Published Mon, May 05 2013 9:10 AM by David Shephard
Filed under: Credit Card Data, Geoff Webb, NetIQ, Cloud Computing, Compliance, HIPAA, File Integrity Monitoring, SOX, regulation, legislation, PCI-DSS, IT Security, Audit, EU, David Shephard, Breaches, Security Web

Is BYOD Now a Done Deal?
We like to think of Bring Your Own Device (BYOD) as a new phenomenon but nothing could be further from the truth. In the 1980s when the PC was introduced, employees started buying them on departmental budgets and running spreadsheets because of the difficulty...
Published Wed, May 05 2013 9:22 AM by David Shephard
Filed under: Data Breach, Compliance, Cloud, iPad, BYOD, Bring Your Own Device, David Shephard, Security Web, PC, Salesforce.com, Lotus 1-2-3

Consumer Cloud Services Have Gained a Poor Reputation for Security. Is it Justified?
For most consumers, Dropbox has established itself as the go-to name for online storage. It’s fast to set up, easy to use, and is cross-platform. What’s not to like? For IT admins, cloud services aimed at consumers fall short in many areas...
Published Wed, Apr 04 2013 2:02 PM by David Shephard
Filed under: Encryption, NetIQ, Cloud Computing, Compliance, cloud security, IT Security, DropBox, Two Factor Authentication, David Shephard, Security Web, IDG Connect, SSL, Consumer Cloud

Putting the “Who” in Your Who-Dunnit
In today's world, just managing identities isn't enough for most organizations anymore. With increasing regulations both internally and externally, automated provisioning and deprovisioning is just the beginning of what any identity management...
Published Fri, Nov 11 2012 8:47 AM by Wes Heaps
Filed under: Compliance, user monitoring, IT Security, Identity, Identity Management, SIEM, Identity and Access Management, Identity-Centric, Provisioning, Access Management, Security Information and Event Management, Identity is the Foundation, Security Intelligence, Deprovisioning, Breaches, Wes Heaps, Security Web

Getting to Lower Risk without Breaking the Bank (or your Back!)
There’s been a siege mentality in the security community for a while now. Day after day of highly visible and damaging breaches, coupled with a steady diet of security vendor “quick fixes”, have left us battle weary, and oh-so jaded...
Published Wed, Nov 11 2012 1:57 PM by Renee Bradshaw
Filed under: Cloud Computing, Compliance, InfoWorld, Risk Management, Verizon Breach Report, Data Security, File Integrity Monitoring, FIM, Password, Data Breach Report, IT Security, Cloud, Public Cloud, Risk, IT Budget, Information Security, Renee Bradshaw, Cloud Data, Cloud-Based Data, Mobile Devices, Data Breaches, Mobile Security, Passwords, Compliance Automation, Best Practice, Mobile Computing, IT Security, IT Staffing, Breaches, Continuous Monitoring, Eric Knorr, Security Web

2013: The Year of Continuous, Real-time Threat Monitoring in Business Context
2013 Prediction: Threat detection and management will be required to monitor continuously and in business context with regard to level of risk. Given the rapid change, information requirements, environment complexity, growing devices, explosive data growth...
Published Tue, Nov 11 2012 9:02 AM by Michele Hudnall
Filed under: Heartland Breach, Change Control, Compliance, Heartland, Gartner, Risk Management, Verizon Breach Report, Data Security, Vulnerability, Threat, Log Files, Certification, Breach, IT Audit, Security Management, Security Breach, Access, SIEM, Outage, Data Breaches, ZDNet, Big Data, BYOD, Threat Detection, security incidents, Compliance Automation, Bring Your Own Device, 'Anton Chuvakin', IT Security, Michele Hudnall, Huff Post Live, Analytics, Breaches, BSM, Business Service Management, Continuous Monitoring, DevOpsSec, Networkworld, DHS, Availability, Department of Homeland Security, Threat Monitoring, Security Web

Cloud Security Starts at Home
The cloud can bring great benefits to your business, yet there is little doubt that it can also affect the security of your sensitive data and systems. It introduces huge complexity to your IT environment, leading to increased risks of breach or compliance...
Published Tue, Nov 11 2012 9:35 AM by Renee Bradshaw
Filed under: Security, Compliance, cloud security, Cloud, Risk, Breach, Renee Bradshaw, Automation, Security Intelligence, IT Environment, Security Web

Compliance & Regulations - Not Shielding You from Breaches
In speaking with many IT Security Managers, CISOs and system administrators over the last year, I know that more industry regulations, breach notification requirements, and increasing penalties haven’t shielded anyone from experiencing a serious...
Published Wed, Oct 10 2012 9:06 AM by Renee Bradshaw
Filed under: NetIQ, Compliance, Secure Configuration Manager, Security Policy, IT Security, CISO, Renee Bradshaw, Provisioning, BYOD, Michael Colson, Mobile Computing, IT Staffing, System Administrator, Deprovisioning, Breaches, Security Web

10 IT Security Considerations - No.5 Manage Risk
This is part of a blog series. For more details, start with the intro. Manage risk appropriately, not compliance If it was all about compliance, we wouldn’t be hearing about the constant data breaches supposedly PCI compliant organisations keep...
Published Mon, Sep 09 2012 9:29 AM by Ian Yip
Filed under: PCI DSS, Compliance, Risk Management, IT Security, Risk, Information Security, Audits, Ian Yip, Trust, Security Web

Security a Top Concern for Healthcare Providers Implementing Mobile Solutions
If we look back a couple of years Gartner was saying that healthcare CIOs needed to take immediate steps toward implementing a sound wireless and mobile device strategy. I’m not convinced that those CIOs listened to Gartner. Rather, in my humble...
Published Fri, Aug 08 2012 7:04 AM by David Shephard
Filed under: Access Control, NetIQ, Compliance, Gartner, Regulations, IT Security, CIO, IAM, Novell, IdM, Identity Management, Identity and Access Management, iPad, Identity Manager, Mobile Devices, Mobile Security, Access Manager, BYOD, Smartphone, Healthcare, Bring Your Own Device, HIMSS Conference, Hospital, Remote Care Treatment, Netherlands, Porter Research, TMDi, Physicians, Information Systems, Wireless Medical Devices, Arkin, Patients, EMR, Security Mandates, Electronic Medical Records, Billian's HealthDATA, David Shephard, Mobile Computing, Nurses, Mobility Strategy, Monitoring Devices, Doctors, Security Web

Seussian Adventures in BYOD
Funny things happen when you’ve had a long day of work at a security software company and then go home and read “The Cat in the Hat” to the kids at bedtime. After I’ve been chatting all day with beleaguered IT managers about their...
Published Wed, Aug 08 2012 12:56 PM by Renee Bradshaw
Filed under: Security, Data Breach, Change Control, Compliance, Secure Configuration Manager, Risk Management, Regulations, File Integrity Monitoring, user monitoring, regulation, Consumerization, IT Security, Renee Bradshaw, Requirements, Audits, Monitoring, Security Breach, SIEM, Identity and Access Management, Sentinel, Change Guardian, Mobile Devices, Data Breaches, Mobile Security, Audit Reporting, BYOD, risk assessment, Healthcare, Cisco, Fortinet, Bring Your Own Device, Thing 2, iHealthBeat, Notify Technology, Osterman Research, Dr Suess, Thing 1, Security Web

You’re Fired!
A colleague sent me a reference to a posting recently where after reading the first paragraph, I immediately burst into laughter. Without calling the writer out (which is not the point), I’ll just state that it questioned the purpose and effectiveness...
Published Wed, Aug 08 2012 5:29 PM by Michael Colson
Filed under: Security, Data Breach, Compliance, Data Security, regulation, Information Security, Audit, hacker, password policy, corporate risk, Mandate, policy, PwC, Michael Colson, Vulnerabilities, Security Awareness Training, Procedure, Job Security, Security Posture, Environment, PricewaterhouseCoopers, Privacy Practices, Security Web

Security & Legal Confusion
As some have noticed, I have been holding off on posting over the past six months. This is because I have become confused with respect as to what to comment on and what to motivate changes for. If we look at the areas I typically track (certifications...
Published Thu, Aug 08 2012 9:02 AM by Michael F. Angelo
Filed under: Compliance, Microsoft, NIST, hacking, Michael F. Angelo, Internet Kill Switch, Certification, Common Criteria, NIAP, Common Criteria Certification, security incidents, cyber legislation, security technology, cyber security, civil liability, risk assessment, key validation, Council on Critical Infrastructure Components, S3414, CBW, quantum cryptography, EAL, National Cyber Security Council, 1024 bit, evaluation assurance levels, cryptographic analysis tools, S.3414, Cyber Security Act of 2012, Mat Honan, Security Web

Managing Your IT Resources for Continuous Compliance
If you’re like me, you’re confused about the current state of the IT job market. A quick Internet search yields conflicting and discouraging headlines, such as: “IT Job Market Sees Improvement in 2012” “IT Job Market Shows...
Published Wed, Aug 08 2012 8:41 AM by Renee Bradshaw
Filed under: IT process automation, PCI DSS, SCAP, PCI Standards Council, Compliance, Policy Management, Secure Configuration Manager, HIPAA, PCI, Risk Management, PCI Standard, PA-DSS, Regulations, HIPPA: NERC CIP, SOX, NERC CIP, NERC, Standards, HITECH, regulation, PCI-DSS, IT Security, Standard of Good Practice, LinkedIn, Personally Identifiable Information, IT Budget, Security Certifications, IT Audit, Auditors, Security Management, Audit, Renee Bradshaw, Requirements, Audits, Automation, SIEM, Sentinel, Change Guardian, Audit Reporting, Sentinel 7, mandates, Mandate, Compliance Automation, Security Web

Compliance is dead. Long live Compliance!
A few weeks ago, as I was deleting bogus emails from a few friends whose accounts had been hacked and working with my bank to replace a credit card, I began reflecting on security and compliance over the past year and comparing that to trends I see coming...
Published Thu, Aug 08 2012 9:18 AM by Michael Colson
Filed under: Security, Data Breach, PCI DSS, Compliance, Verizon Breach Report, regulation, Information Security, Audit, Mike Colson, hacker, password policy, corporate risk, Mandate, Michael Colson, Security Web
