-
Quiz: Must-have compliance technologies
A five-question multiple-choice quiz to test your understanding of the content presented by expert Trent Henry in this lesson of SearchSecurity.com's Compliance School. Quiz
-
PCI assessor and CISO: Work together for the best PCI ROC
In a session at the SOURCE Boston conference, a PCI assessor and a CISO explain that there are ways to arrive at a report on compliance they can both appreciate. News | 19 Apr 2012
-
New Jersey bank fined $1 million for BSA violations
FinCEN penalty against Pamrapo Savings Bank comes two months after the bank pleaded guilty to conspiracy to violate the Bank Secrecy Act. Article | 03 Jun 2010
-
PCI DSS checklist: Mistakes and problem areas to avoid
Experts share lessons learned by midmarket companies trying to comply with PCI DSS in areas such as self-assessment questionnaires, encryption, policy creation and application security. Article | 26 Jan 2010
-
Avoid compliance mistakes as you outsource
Providers may be required to be compliant with PCI, but that doesn't liberate merchants from liability in the event of a breach. Article | 06 Jul 2009
-
PCI 6.6 Web application security mandates burden smaller companies
Expensive source code reviews, or complex Web application firewalls, are required for PCI compliance, but many midmarket companies don't have the money or expertise to buy and run these tools. Article | 01 Jul 2009
-
Choosing the best security certifications for your career
Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience. Tip
-
Security management plan reveals essential business security upgrades
As companies create their security management plan for the coming year, they should look to upgrades in Linux and Windows operating systems, Adobe applications and Internet browsers to improve their overall security position. Tip
-
PCI DSS 2.0 and virtualization compliance for SMBs
PCI DSS 2.0, which debuts this month, includes key changes for SMBs in the areas of virtualization and vulnerability assessments. Expert Mike Chapple details the changes and explains what midmarket firms must do to comply. Tip
-
PCI DSS requirement: Maintaining a vulnerability management program
The third PCI DSS focus area requires antivirus software, secure coding practices, patch management and change control processes be in place. Tip
-
How to create a compliance, audit program
When it became difficult for everyone to keep up with internal audit obligations, Diane Kissel, IS risk and compliance manager at the facility, helped create a compliance program. Tip
-
PCI DSS requirement: Building and maintaining a secure network
The first PCI focus area requires a set of documented configuration standards, perimeter and endpoint protection. Tip
-
Encryption basics: How asymmetric and symmetric encryption works
Before you encrypt your files, emails and Web transactions, make sure you know the cryptography basics. Tip
-
Five things to do before your first PCI DSS compliance audit
Put these steps in motion before your organization's first PCI DSS compliance audit. Tip
-
How to choose an external compliance auditor
Headed for a PCI DSS, HIPAA or Sarbanes-Oxley audit? Picking the right auditor is a key decision; select one who becomes a business partner, ally and educator. Tip
-
PCI DSS: Writing an information security policy
The final set of PCI requirements relates to maintaining a security policy, and also addresses awareness training, personnel screening and managing service provider relationships. Tip
-
Inside Ryder Truck Rental's PCI compliance project
In 2007, Julio Gonzalez, director of IT, GRC and network operations at Ryder Truck Rental, kicked off a PCI project aimed at addressing any credit card exposures. Podcast
-
Bringing compliance under control
Regulatory and contractual compliance are key considerations for all enterprises. And there's no shortage of vendors claiming to have the silver bullet for solving compliance woes. This lesson will explore which technologies really work. Video
-
Fact or fiction: Building upon existing compliance infrastructure
In a fast-paced "fact or fiction" format, Burton Group's Trent Henry will discuss the must-have compliance technologies and how an organization can piggy-back existing infrastructure to satisfy the regulators. Podcasts
About Audit and compliance planning
Meet your audit and regulatory compliance needs with expert advice and training that will help your midmarket IT organization keep compliance costs down and comply with Sarbanes-Oxley, HIPAA, PCI DSS and other relevant regulations. Also, find resources on auditing, testing and assessment for compliance, including third-party and self-assessment advice and audit preparation help.