NetIQ Security Compliance Suite - White Papers
|
|
|
 |
Featured White Papers |
| Apr 3, 2009 |
A Practical Approach to Automated Compliance Assessment and Remediation In this white paper we demonstrate how to manage necessary exceptions with a closed-loop and automated process; reduce the cost of these exceptions with automation; correlate security events with detected changes in configurations for improved security; and automate entitlement reporting review and approval. |
| Feb 12, 2009 |
Driving Down Security and Compliance Costs: Learning from the Federal Government This white paper will examine the FDCC standard, and how businesses and non-Federal government organizations can learn from the experience of implementing FDCC in order to reduce costs and improve efficiency. |
| Sept 16, 2008 | In this white paper, you will learn how to reduce overall security expenses through automation, relieve pressure from over burdened security teams, improve policy compliance with automated responses. and create consistent and repeatable incident responses. |
| Aug 22, 2008 | In this white paper, we will discuss protecting critical hosts and their associated data by controlling and auditing system configurations, monitoring and managing user activity and controlling change. We will then discuss the next logical step, the integration and automation of these processes to enhance security of the critical data, improve incident response times and provide a consistent, repeatable and cost effective remediation process. |
| Jul 2, 2008 | This white paper will examine some of the opportunities, challenges, and solutions to accelerate security maturity and operational efficiencies, as well as the three most important considerations when defining these processes. |
| Feb 25, 2008 | This whitepaper describes the drivers for better IT security auditing, the problems with current approaches and how to leverage NetIQ Secure Configuration Manager to automate IT security audits on key distributed platforms. |
| May 23, 2007 | Rebecca Herold speaks with Chris Pick, Vice President of Corporate Strategy, and Wayne Crane, CIO, from NetIQ about a wide range of compliance issues, and what—from their perspectives and based on their experiences—they believe businesses need to know about the whole concept of compliance. |
| Apr 5, 2007 |
What Healthcare Organizations Need to Know about HIPAA, Minors and Privacy Industry compliance expert Rebecca Herold discusses HIPAA’s specific requirements related to handling the protected health information (PHI) for minors and for the types of access that can be allowed to this information, even to parents and guardians. She also discusses the importance for organizations to know what is expected for compliance, document their decisions, and implement appropriate systems, applications, and procedures to support those decisions. |
| Apr 5, 2007 | Industry compliance expert Rebecca Herold reviews the history of legislation aimed at better protecting personal information, the challenges to passing such bills into law and the benefits and detriments of such laws. She also discusses the benefits of being proactive about preventing personal information breaches. |
| Apr 5, 2007 |
The Business Leader’s Primer for Incorporating Privacy and Security into the SDLC Process Industry compliance expert Rebecca Herold discusses the importance for business leaders throughout the enterprise to understand the system development life cycle (SDLC) and how decisions made can impact, negatively or positively, the entire business. Incorporating information security and privacy considerations and activities from the very start of the SDLC will not only result in more secure and compliant applications and systems but also help the business by being less expensive and more effective than trying to band-aid information security and privacy onto the final application or system. |
| Apr 5, 2007 | Industry compliance expert Rebecca Herold discusses the importance of establishing a formal Information Security Management System and looks at how BS7799-2 specifically outlines and details the implementation and documentation requirements for an ISMS. |
| Apr 5, 2007 | Many laws and regulations exist throughout the world that require specific retention time periods and associated safeguards for a wide range of data types. Organizations need to be aware of these data retention requirements and plan to meet the compliance challenges. |
| Mar 27, 2007 | This whitepaper examines the top ten issues in infrastructure security today. It also provides practical means for you to improve the security of your operating systems, databases, web/application servers and applications. It is a must read for both IT security and IT operations professionals, including security analysts, systems administrators and internal auditors. |
| Mar 15, 2007 | Industry compliance expert Rebecca Herold and Christopher Grille provide a very helpful checklist addressing outsourcing and partnering security and privacy considerations. It details what you must know about your business partner’s information security and privacy program and discusses how you can demonstrate to regulators that you are in compliance when someone else possesses your data. |
| Mar 6, 2007 |
Using NetIQ Secure Configuration Manager for Unix Assessments NetIQ Secure Configuration Manager helps you protect your IT infrastructure and meet compliance requirements in the IT controls areas of entitlement reporting and segregation of duties. This holds across many different platforms, none more important than Unix and Linux. |
| Jan 25, 2007 | Significantly fewer United States-based organizations are pursuing formal ISMS certification than in many other countries. In this article, I share my discussions with 10 chief information security officers (CISOs) from U.S.-based organizations about whether they are going to pursue ISMS certification and why. I also share the feedback given to me from a U.S.-based ISMS certification preparer group. |
| Jan 16, 2006 | This white paper takes a close look at the aspects of Unified Compliance that can be addressed with NetIQ solutions. With NetIQ, companies can implement and manage controls that make compliance programs sustainable and repeatable, while gaining visibility into sources of vulnerability and risk exposure. |
| Mar 3, 2008 | This whitepaper provides background and information on the Federal Desktop Core Configuration that was mandated by the Office of Management and Budget on March 22, 2007. It is intended for those individuals who are tasked with implementing the Federal Desktop Core Configuration or for those who are overseeing the implementation. |
| Jan 28, 2008 | This whitepaper describes an effective approach for IT compliance – NetIQ’s compliance and risk management methodology – and how to leverage NetIQ’s methodology and solutions to consistently achieve better results. |
| Jan 24, 2007 | Security requirements have undergone constant growth during the past decade. At the same time, regulatory and general business requirements are broadening the territory that must be secured. This white paper addresses some of the most important issues creating impediments to a comprehensive security management solution. |
| Mar 13, 2006 | This whitepaper provides a comprehensive overview of NetIQ Security Manager and how it reduces threat exposure times, improves security knowledge, increases overall security protection levels, boosts operational performance and assures compliance with regulations. |
| Dec 1, 2005 | This white paper presents the Top 10 IT Compliance Reports that can help organizations address their compliance and risk management requirements, as well as how and where NetIQ’s Knowledge-Based Service Assurance solutions can aid in creating an automated infrastructure to repeatedly and easily create those reports. |
