This white paper reviews the basics of PCI, including who must comply, compliance requirements, validation requirements and penalties. It also examines key things to look for when selecting a PCI network testing service and introduces QualysGuard PCI.

Managing IT risk is part of running any business, helping you increase security, reduce management costs and achieve greater compliance. Corporate leaders who fail to identify, assess and mitigate IT risk are setting themselves up for security breaches and financial losses. Read this paper to learn how to effectively assess IT risk and manage compliance.

This whitepaper will examine PCI DSS and explain how Lumension® Compliance and IT Risk Management can help organizations reduce the cost of addressing compliance by streamlining and automating the IT audit process, unifying control and compliance frameworks, automating assessment and remediation processes, and enabling continuous monitor­ing of their compliance and IT risk management posture.

A FISMA compliance approach that relies on a manual and labor-intensive process can produce mountains of paper and electronic documents that no one can organize and make sense of. Such a compliance strategy results in overwhelming confusion where the assumption is that everything is in place because personnel are too busy to make sense of it all: that is, until things break down and all the fingers are pointed at the agency. This whitepaper highlights the six critical elements agencies should keep in mind in order to reduce the burden of FISMA compliance, while achieving greater control and security.

By March 1, 2010, all organizations with operations and/or customers in the state of Massachusetts will be required to follow comprehensive information security requirements regarding both paper and electronic records containing personal information. These requirements include enforcing password security, encrypting all personal information stored on laptops and removable devices and ensuring up-to-date firewall protection, operating system patches and the latest versions of security agent software. Read this whitepaper to learn how your organization can meet the necessary requirements and improve its security practices.

Published: Feb, 2010 - Business is complex, and requires agility to stay competitive. Risk and compliance measures can work against business agility, when managed manually and/or across numerous siloed initiatives. Success in today's business environment requires the organization to integrate, build, and support business process with an enterprise view of risk and compliance.

Traditional IPS and firewalls fall short of providing effective threat containment and can expose the enterprise to unacceptable levels of risk. As the majority of threats now originate from inside the organization rather than outside, security needs to be everywhere, rather than just at select perimeter locations.