This article discusses some aspects of a new regulation -- 201 CMR 17:00 -- and offers suggestions on how data security best practices can help with compliance. Companies should discuss the regulation in detail with their legal consul to examine how it affects their unique circumstances and the best course of action to be taken. 

This Pocket E-Guide examines using one or more of the compliance regulations as a framework rather than relying solely on the traditional information security guides to build a security framework. 

In this white paper, learn how with Tripwire Enterprise, organizations can quickly achieve IT configuration integrity by proactively assessing how their current configurations measure up to specifications as given in ISO 27001. 

This collection of slides from the Information Security Decisions Conference presents a practical 5 step plan toward achieving greater standards of database security and compliance. These steps consist of discovering, securing, monitoring, protecting and managing your databases. Download the slides to learn more. 

This white paper outlines considerations and recommendations for reducing business risk through the use of an effective enterprise information security program. 

IT managers are looking to governance structures and the discipline of risk management to help them make decisions and create sustainable processes around regulatory compliance. Read this E-book to learn more about risk management and evaluating GRC solutions. 

In the past, identity management and information security solutions were often procured, implemented, and managed independently with different tools, processes, and organizational units. This separation is quickly becoming a thing of the past. Why? Read this white paper for the answer. 

This collection of slides from the Information Security Decisions Conference focuses on change management and keeping change from creating unnecessary risks. The slides offer tips on getting people to accept change, participate in change, and finally manage change. Read on to learn more about managing change to mitigate risks. 

Security information management systems can now be used for proactive risk management and business intelligence. This Essentials Guide explains how this can be achieved. Read on to find articles that cover topics like today's SIM trends, incident response, threat management, and data analysis. 

This study looks at what senior executives think about the value of corporate data protection efforts within their organizations. It is important for those individuals charged with managing a data protection program to understand how key decision makers in organizations perceive the importance of safeguarding sensitive and confidential information. 

This issue of information security magazine provides a step-by-step guide to securing database systems, explores the important factors in selecting a SaaS provider, presents a whole new approach to security management that has nothing to do with structure-driven policy architecture, and more. 

Read this paper to learn about a new approach to compliance that seeks to move beyond the short-term goal of passing an audit and to incorporate compliance into an organization's operations in a more proactive sense utilizing the Capability Maturity Model. 

Corporate databases are in constant danger. Outside criminals can exploit web applications and employees with malicious intent present an even greater threat. This webcast traces the steps involved in breaking into a database and presents a reference architecture and checklist for implementing iron-clad database security measures.