Home » Topics » Security and risk management

Security and risk management

Security and risk management

The security and risk management topics page provides IT management with up-to-date information and resources on IT asset management, data security and privacy, IT security management, disaster recovery and risk management.
Sub-Topics

Compliance strategies and best practices

Compliance doesn't begin and end with the Sarbanes-Oxley Act (SOX). Company must also keep up with the various security standards, the Health Insurance Portability and Accountability Act (HIPAA) and numerous other regulations and guidelines. It's a tall order, but it's one company must face in order to protect their customers and stay in line with standards set by the IT industry as well as the government.

Data security and privacy

Managers and CIOs face regular data security and privacy issues as they are expected to effectively use technology to share data while still following specific rules and regulations to protect personal information.

HIPAA

Health Insurance Portability and Accountability Act (HIPAA) protects health insurance coverage for workers and their families when they change or lose their jobs.

Information security management

Information security describes activities that relate to the protection of information and information infrastructure assets against the risks of loss, misuse, disclosure or damage. Information security management is controls that the organizations need to implement to ensure that it is sensibly managing these risks.

IT asset management

IT asset management is the set of business practices that join financial, contractual and inventory functions to support life cycle management and strategic decision making for the IT environment. Assets include all elements of software and hardware that are found in the business environment.

IT auditing

IT auditing is the process of collecting and evaluating evidence of an organization’s information systems, practices, and operations. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently to achieve the organization's goals or objectives.

IT laws

Information technology law is a set of recent legal enactments, currently in existence in several countries, which governs the process and dissemination of information digitally. These legal enactments cover a broad gambit of different aspects relating to computer software, protection of computer software, access and control of digital information, privacy, security, internet access and usage, and electronic commerce.

Security Standards

SOX compliance management

The Sarbanes-Oxley (SOX) Act was signed into a US federal law on 30 July 2002. The Act is designed to oversee the financial reporting landscape for finance professionals. Its purpose is to review legislative audit requirements and to protect investors by improving the accuracy and reliability of corporate disclosures. The act covers issues such as establishing a public company accounting oversight board, auditor independence, corporate responsibility and enhanced financial disclosure.

IBM shares tips for disaster preparation

With the onset of the hurricane season in the US Midwest and Southeast, combined with earthquakes on the East Coast, Colorado and Peru, IBM has released six tips that individuals and businesses can use to help prepare their IT environments for natural disasters and a wide range of other threats.

Explosion of Web 2.0 technologies boosts web application firewall market

The Asia-Pacific web application firewall (WAF) market is poised for growth, with compound annual growth rate (CAGR) pegged at a strong 38.6 percent until 2015, up from the 28.4 percent year-on-year growth it posted in 2010.

Think before jumping on the social media bandwagon

Before diving head first into the social media pool and put yourself at risk, jump in feet first and follow these tips from Luichi Robles, Senior Country Manager, Symantec Philippines, to protect your valuable business information.

Protecting customers from 'Man-in-the-Browser' and 'Man-in-the-Middle Attacks'

In the last few years, two new types of Internet threats have appeared -- “Man-in-the-Browser” (MITB) and “Man-in-the-Middle” (MITM) -- and use sophisticated techniques to circumvent traditional multi-factor authentication technology like one-time password (OTP) tokens to compromise user accounts and commit financial fraud. This White Paper discusses how to protect customers from these types of attacks.

CIOs must take steps to manage risk, unexpected costs of cloud sourcing

As cloud computing and offshoring become mainstream, CIOs should take steps to manage inherent risks and unexpected costs during the cloud services revolution, research firm Gartner Inc. said.

Chia Nan University of Pharmacy in Science implements next-generation firewall

A campus network face all kinds of challenges from virus threats, intellectual property rights violations and traffic management issues. Chia Nan University of Pharmacy and Science takes network security seriously and implemented the next-generation firewall from Palo Alto Networks. It has since achieved a third-party BSI ISO 27001 Information Security Management certification.

Singapore cites collective responsibility for cyber security

The inaugural Cyber Security Awareness Day in Singapore highlighted collective responsibility for information security.

Intel AES-NI now available in new Xeon processor 5600 series

Enabling data security means enabling data encryption at the server level. This white paper discusses how Intel Advanced Encryption Standard-New Instructions (Intel AES-NI), a set of new instructions available in the Intel Xeon processor 5600 series, streamlines execution of AES encryption/decryption algorithms.

Two-factor authentication recommended to protect VPN access

Many organizations provide access via a Virtual Private Network (VPN) over existing Internet connections. Security experts, however, recommend strong, two-factor authentication to protect remote access. This white paper discusses solutions that retains ease-of-use and deployment simplicity of username/password authentication.

63% of US schools plagued by IT Security breaches, says Panda Security

Panda Security recently announced the results of its inaugural Kindergarten-12 Education IT Security Study, showing, among other things, that 63 percent of US schools experience malware outbreaks or unauthorized user access at least twice a year.

Knowledge Central Multiple

Knowledge Central
White Papers
More more

Strategic solutions for government IT

This white paper discusses security requirements of large IT environments, including data center and cloud interoperability, mobile device access, virtualization and open collaboration.

Successful agencies share best practices on social media use in government

With the increasing adoption of social media, and pervasive mobile and broadband access by constituents, government agencies cannot afford to ignore the social media channels.
Case Studies
More more

California LGU secures vendor and employee access to applications

The City of Diamond Bar in Southern California provides a host of online services to businesses and residents. Solutions from F5 Networks provide secure, remote access to applications for IT vendors and city personnel managing the ecosystemm.

Thunderbird School supports new online business model with efficient storage system

To support global availability of its applications across virtual and physical systems 24x7, the Thunderbird School of Management upgraded its network backbone to 10 gigabit Ethernet (GbE), consolidated storage, and virtualized servers for continuous data availability.

Our Partner
Content Partner
Newsletter