Audit and compliance planning, Choosing security services, End user training and awareness, Risk assessments and metrics, Writing and enforcing security policies
Microsoft Windows configuration and patch management, Microsoft endpoint security management, Microsoft identity and access management, Microsoft security integration and centralized management, Microsoft security threat management
Detecting and preventing network intrusions, Integrating security into networks, Managing firewalls, Network access controls, Wireless network security management
Antivirus, antispyware management, Configuration and patch management, Integrated security appliances and systems, Security vulnerability management
Most midmarket IT organizations are heavily invested in Windows. Rather than bolt on security, those IT teams must extend the capabilities offered in Windows Server, Windows Vista and Windows XP to simplify management and keep costs in check. Here you'll learn more about identity and access management, configuration and patch management, endpoint security management, threat management and security integration and centralized security management within Windows.
HIPAA compliance services can lead to solid business growth for solution providers. Kevin McDonald's HIPAA security checklist has 10 ways to begin.
VARs expect customers to increase spending on security more than any other IT area in 2012. See which security segments will grow the most.
Blogging can produce new leads for security solution providers. Focus on content in your computer security blog that connects with customers.
The SAS 70 report has been replaced by the SSAE 16, but how does it stack up as a tool to measure a provider’s security?
Data privacy, cloud security standards among the topics to be discussed.
Organizations face a March 1 deadline for ensuring their cloud and other service providers comply with Massachusetts’ data protection regulation.
High-profile attacks on Nortel, RSA and others have thrust cyberespionage attacks into the spotlight ahead of RSA Conference 2012
Understanding IPv6 security issues can be a challenge, but the protocol's co-inventor says enterprises can no longer afford to ignore IPv6 security concerns.
BYOD policy issues are a big concern for enterprises grappling to secure employee smartphones and tablets, say analysts previewing RSA 2012.
Concerned about the PECR regulations for website tracking cookies? Learn how to audit cookies on your site to find out if you are in compliance.
The free Burp Suite proxy tool can be used for good or for bad. Expert Rob Shapland provides usage scenarios for both.
A reader asks how to judge the security of open source software products. Expert Michael Cobb lists three areas to check.
An IT exec schooled in database design chooses a "bottom-up" BI platform developed expressly for his ERP system, with a little help from an outsider.
Are businesses chasing Hadoop and Teradata just because they're the hot new thing? CEO John Weathington advises CIOs to stop and think before they jump into big data analytics.
CIO Tom Gainer found that deploying virtualized desktops and disaster recovery was the quicker path to cost savings and recovery times. Server virtualization, not so much.
In this Q&A, EPIC Consumer Protection Fellow David Jacobs discusses the organization’s objections to Google’s privacy policy and how to improve online consumer privacy.
Although information technology audits can uncover GRC gaps, lower-level issues are often overlooked when relying on them for security assurance, says contributor Kevin Beaver.
With the number and severity of breaches increasing, data protection strategies are vital. To help, the Online Trust Alliance has released a guide to online data protection.