ROI Calculator: Evaluate Efficiency of Investment in Security Software

Every business leadership team wants to see a return on its investments. From hiring valuable employees who deliver on projects to securing resources that allow those employees to do their jobs, every cost needs to have a purpose — and investing in security software is no different. Why does any IT department need ROI evaluation? IT … Continued

Plan Effective SIEM First, Compliance Second

Security information and event management (SIEM) is a major priority for large companies. It’s a reporting process that provides a holistic view of the health of an organization’s IT security as well as important details for various kinds of compliance regulations, including GLBA, PCI, FISMA, HIPAA, and more. But while SIEM helps your organization by … Continued

4 Business Cases to Support Privileged Identity Management

Privileged Identity Management (PIM) is often dismissed as an exclusively tech priority; after all, making it easier to monitor and support changes within an IT environment has a direct effect on its efficiency and productivity. However, the value of PIM spreads far wider than a single department. In large, established organizations, PIM plays an important … Continued

GLBA Compliance to Secure Consumer Data

The Gramm-Leach-Bliley Act (GLBA) was enacted to protect consumer financial information from mistakes within companies that process, transfer, and store massive amounts of consumer data. Disregarding the GLBA requirements for secure consumer data can result in a number of serious consequences: catastrophic data loss, loss of reputation among customers, a $100,000 fine for each … Continued

2 October Medical Data Breaches That Could Have Been Prevented

The IT industry fights to reduce and eliminate its overall risk for security breaches year in and year out. That’s why it’s so disheartening to read about recent breaches in the news. It always comes down to one concerning question: Could that have been me? The most productive thing we can do is learn from … Continued

4 Tips for Maintaining SOX Compliance in 2015

If you run a public business in the United States, you are required to comply with the Sarbanes-Oxley Act (SOX). This piece of legislation was implemented to improve the accuracy of corporate disclosures and protect shareholders and the general public from the security threats of accounting errors and fraudulent activity in enterprise businesses. While SOX … Continued

A 4-Point Summary of FISMA Compliance in 2015

Federal agencies, subcontractors, service providers, and organizations that operate IT systems on behalf of Federal agencies need to be aware of their compliance with the Federal Information Security Management Act (FISMA). This Act exists to safeguard the importance of information security related to the economic and national security interest of the United States. Despite serious … Continued

3 Ways to Avoid HIPAA Violations in a Healthcare Office

The Health Insurance Portability and Accountability Act (HIPAA) defines and establishes compliance regulations for healthcare providers surrounding protected health information (PHI) within healthcare organizations. The consequences of non-compliance are dire, as unsecured PHI can significantly increase the risk of identity theft for patients and have long-reaching professional consequences for individuals with compromising medical histories. Of … Continued

Understanding and Achieving PCI DSS Compliance

The Payment Card Industry Data Security Standard (PCI DSS) establishes compliance regulations that affect businesses accepting credit, debit, or prepaid cards as payment online, by telephone, or by individual terminals. Because so many businesses use credit, debit, and prepaid cards as a core business function, the standards and regulations set forth for PCI DSS compliance … Continued

Four Ways to Create Secure Passwords in a Team Environment

Any number of unknowns can threaten the security of your environment, but the leading common denominator in threat scenarios is how your team manages their passwords within your environment. Creating and maintaining secure passwords within a team environment comes with unique challenges. You need to monitor not just the quality of the passwords and their … Continued