This expert E-Guide offers an in-depth look at the security of cloud computing. Discover a risk versus benefits comparison, learn why it may be difficult to satisfy compliance auditors if security controls are obscured, and see why cloud vendors aren’t very concerned with security. 

This video describes how organizations can effectively interpret particular requirements from regulations such as HIPAA and PCI and implications these interpretations have on compliance activities, administration, and auditors. 

Read this report to learn about the business side of data security as we build a justification model to help you determine where, and how much, to invest in protecting your information assets. 

Your small business has distinct needs that differ from either consumers or larger businesses. Here are ten steps to help you to protect your data if your resources are limited? 

In this white paper, we take a look at how strong authentication can benefit eCommerce and online services. We will evaluate the risks that identity fraud, phishing and cybercrime pose for online service providers and discuss how strong user authentication can alleviate these risks. 

As ORCS introduced Windows Server 2008 into the network, they sought new ways to improve efficiency. The need for an improved patch management system, combined with the requirements for PCI compliance, presented a dual challenge that they hoped they could address with a single technology solution. And they did. Read this case study to learn how. 

You know you have to protect your sensitive data, but in order to do that, you have to find it. Data classification consists of identifying what information is confidential, then deciding how to store and secure that information. In this video, Adrian Lane of Securosis gives insight into the data classification process. 

This tech brief presents eight recommendations to help you proactively address the difficulties of access control in a Microsoft-centric environment, and avoid the common pitfalls, risks and costs. 

This paper describes seven practical steps information security professionals can take to integrate controls into IT production operations, to simultaneously achieve NERC compliance goals, and also IT operational and security goals. 

When you outsource cloud computing, you are putting your data in the hands of a third party. In this video, Rena Mears of Deloitte & Touche LLP reviews how cloud computing is effecting data classification and security. She answers some of the toughest questions about service provider agreements, compliance, and what’s next for data management. 

In a typical healthcare organization, hundreds to thousands of medical and support staff need to access patient data to do their job. How do you effectively enforce access controls to hospital information systems without hampering medical care efficiency and effectiveness? Read this paper and learn how. 

Whether the economy is doing well or not, business leaders are always looking for the technological edge to bump up productivity and get more out of their workers. But new innovations always introduce new risks. The hallmark of a good C-level executive is the ability to balance the benefit of innovation with solid risk mitigation. 

As IT commoditization continues to increase audit and control activities, IT gets better at identifying and documenting the causes of significant outages. In an increasing number of cases, these ITIL efforts show the source of the outage to be action from the security department, and the BSM processes show the impact to be devastating.