News

• Medical firm avoids Exchange nightmare with outside help

  By Tim Greene | 22 May, 2012 05:31

  International medical vendor Mediq was expanding in a big way by acquisition and needed a standard email platform across its business, but the project's cost and the complexity of doing it alone was so daunting that the company called on outside help that costs it less in the long run.

• 5 signs that you've lost control over your Cloud apps

  By Carolyn Duffy Marsan | 12 March, 2012 21:28

  CIOs are waking up to the reality that they've lost control over access to data stored in software-as-a-service applications purchased by other departments.

• IETF explores new working group on identity management in the cloud

  By Carolyn Duffy Marsan | 09 March, 2012 22:35

  Proponents of a common scheme for managing user identity in cloud-based applications will pitch their idea to the Internet's premier standards-setting body at a meeting in Paris later this month.

• Use Analytics to Create a Greener Business

  By Elana Varon | 01 November, 2011 04:51

  Saab Group, a defense and aerospace company with a global supply chain and customers in 100 countries, must comply with a growing set of local environmental regulations and with customer requirements that it run a greener business. Plus, the $3.7 billion company has its own goals: cut its greenhouse gas emissions by 2 percent a year, save energy and water, increase recycling and reduce its use of hazardous chemicals.

• Start up offers Saas app to manage data-breach incidents

  By Ellen Messmer | 08 September, 2011 02:33

  If your company suffered a data breach, would you know what to do to comply with state, federal and local law? Start-up Co3 Systems is offering a software-as-a-service (SaaS) application to tackle that unhappy task, tracking how a corporate data-loss incident is handled.

• IIIS: More pictures from the Implementing Information Infrastructure Symposium

  By Computerworld Staff | 03 August, 2011 12:06

  Data governance, risk, compliance and much more

• Vulnerability analysis tools add compliance features

  By Joel Snyder | 20 June, 2011 14:56

  Compliance is a natural extension of a vulnerability analysis tool. Normal vulnerability scanning includes searching for unpatched systems, unprotected directories and other errors in configuration.

• Companies explore private virtual worlds

  By Maria Korolov | 13 May, 2011 08:49

  Meetings, conferences and training programs in a 3D virtual world such as Second Life can be more engaging and productive than traditional online sessions and phone calls, and much less expensive than face-to-face meetings requiring travel. But some companies aren't willing to take on the security and compliance risks of using a public platform and are instead opting for private virtual worlds created behind the corporate firewall.

• Legal risks of hosting data offshore highlighted

  By Hamish Barwick | 14 January, 2011 09:58

  Australian Cloud providers have been given a boost following warnings from a legal expert on the risks associated with hosting data offshore.

• Encryption adoption driven by PCI, fear of cyberattacks

  By Ellen Messmer | 17 November, 2010 03:19

  A survey of more than 900 IT managers shows that adoption of encryption in their organizations is being driven by two main factors, anxiety about possible cyberattacks and the need to meet the payment-card industry (PCI) data security standards.

• Upgraded retail security standard ignores mobile payments

  By Ellen Messmer | 29 October, 2010 02:21

  The second version of the Payment Card Industry (PCI) Data Security Standard (DSS) is being released this afternoon by the organization PCI Security Standards Council, which sets the network and security requirements for merchants and service providers handling sensitive cardholder data.

• SecTor 2010: Why security is the enemy of privacy

  By Bill Brenner | 27 October, 2010 03:28

  As we noted in last year's CSO article, "Six ways we gave up our privacy," people are increasingly -- and willingly -- throwing their privacy to the wind, thanks to an addiction to Google apps, GPS devices, the BlackBerry, iPhone and Android, and social networking sites like Facebook and Twitter. Some security experts believe privacy is dead already.

• Meeting the new PCI wireless requirements

  By Ajay Kumar Gupta | 25 September, 2010 03:34

  Beginning Sept. 30, Visa will require merchants and related businesses to conduct wireless security scans to prove compliance with version 1.2 of the PCI Data Security Standard (PCI DSS) which is designed to safeguard cardholder data from wireless threats.

• IT departments need software compliance officer: BSAA

  By Lisa Banks | 15 September, 2010 08:54

  Having a member of an IT department responsible for software asset management is vital if businesses are to avoid mistakenly using pirated software or losing track of licences.

• 10 steps to easier access management

  By Tim Greene | 15 September, 2010 01:36

  NEW YORK -- A CISO who spent two years organizing identity and access management for the 15,000 users on his network boiled the whole experience down into a 10-step process he presented at the Security Standard Conference this week.