NetIQ Secure Configuration Manager - White Papers
 |
This paper discusses the challenges introduced to systems management as the result of VMware. In addition, it describes NetIQ’s approach to Operational VMware Management, an approach that addresses the hybrid physical / virtual environment. |
|
This white paper examines some trends in compliance and security management and suggests approaches to reducing the cost and operational burden of compliance in the future. |
|
This whitepaper describes the drivers for better IT security auditing, the problems with current approaches and how to leverage NetIQ Secure Configuration Manager to automate IT security audits on key distributed platforms. |
|
This whitepaper discusses both the challenges of meeting PCI DSS compliance, as well as the ways in which organizations can leverage that work to provide better security, more easily meet future compliance requirements, and create operational efficiencies within their IT organization. |
|
This document lists each PCI security audit requirement, followed by the appropriate NetIQ products and a brief description of how each product addresses that requirement. |
|
NetIQ solutions can help you establish and ensure the requirements of PCI DSS v1.1 are met on a continuing basis. In this white paper you will learn more about the key challenges of PCI DSS v1.1 and how NetIQ Security Management, Configuration Control and Enterprise Administration solutions help you demonstrate PCI compliance. |
|
Rebecca Herold speaks with Chris Pick, Vice President of Corporate Strategy, and Wayne Crane, CIO, from NetIQ about a wide range of compliance issues, and what—from their perspectives and based on their experiences—they believe businesses need to know about the whole concept of compliance. |
|
What Healthcare Organizations Need to Know about HIPAA, Minors and Privacy Industry compliance expert Rebecca Herold discusses HIPAA’s specific requirements related to handling the protected health information (PHI) for minors and for the types of access that can be allowed to this information, even to parents and guardians. She also discusses the importance for organizations to know what is expected for compliance, document their decisions, and implement appropriate systems, applications, and procedures to support those decisions. |
|
Industry compliance expert Rebecca Herold reviews the history of legislation aimed at better protecting personal information, the challenges to passing such bills into law and the benefits and detriments of such laws. She also discusses the benefits of being proactive about preventing personal information breaches. |
|
The Business Leader’s Primer for Incorporating Privacy and Security into the SDLC Process Industry compliance expert Rebecca Herold discusses the importance for business leaders throughout the enterprise to understand the system development life cycle (SDLC) and how decisions made can impact, negatively or positively, the entire business. Incorporating information security and privacy considerations and activities from the very start of the SDLC will not only result in more secure and compliant applications and systems but also help the business by being less expensive and more effective than trying to band-aid information security and privacy onto the final application or system. |
|
Industry compliance expert Rebecca Herold discusses the importance of establishing a formal Information Security Management System and looks at how BS7799-2 specifically outlines and details the implementation and documentation requirements for an ISMS. |
|
Many laws and regulations exist throughout the world that require specific retention time periods and associated safeguards for a wide range of data types. Organizations need to be aware of these data retention requirements and plan to meet the compliance challenges. |
|
Industry compliance expert Rebecca Herold and Christopher Grille provide a very helpful checklist addressing outsourcing and partnering security and privacy considerations. It details what you must know about your business partner’s information security and privacy program and discusses how you can demonstrate to regulators that you are in compliance when someone else possesses your data. |
|
Using NetIQ Secure Configuration Manager for Unix Assessments NetIQ Secure Configuration Manager helps you protect your IT infrastructure and meet compliance requirements in the IT controls areas of entitlement reporting and segregation of duties. This holds across many different platforms, none more important than Unix and Linux. |
|
In this white paper, Dorian Cougias of Network Frontiers and Bob Tesh of NetIQ share practical tips for demonstrating compliance to regulations and policy standards. These ten tips will not only help you pass those initial audits, but also sustain compliance over time. |
|
Significantly fewer United States-based organizations are pursuing formal ISMS certification than in many other countries. In this article, I share my discussions with 10 chief information security officers (CISOs) from U.S.-based organizations about whether they are going to pursue ISMS certification and why. I also share the feedback given to me from a U.S.-based ISMS certification preparer group. |
|
The Business Need for Information Security and Privacy Education Authored by information security expert Rebecca Herold, this whitepaper can help you protect the confidentiality, availability, and integrity of sensitive data. Discover how to prevent mistakes and actions based upon lack of knowledge, prevent deliberate fraud and disruption, and determine the needs of different groups and target training accordingly. |
|
When you entrust business partners with your company’s confidential data, you are placing all control of security measures for your organization’s data completely into their hands. That trust cannot be blind. Many recent security incidents have resulted from inadequate security practices within outsourced organizations handling another company’s customer or employee data. |
|
This white paper explores some of these privacy concerns and what is going on in the world with regard to protecting personal information. It will then go over the challenges that face organizations and what they need to do to protect the privacy of information wherever it is in the world as well as the appropriate actions organizations must take to meet legal and contractual requirements. |
|
Do Compliance Requirements Help or Hurt Information Security Seven seasoned information security and privacy professionals to get their opinions about whether regulatory compliance requirements help or hurt information security initiatives. |
|
This white paper takes a close look at the aspects of Unified Compliance that can be addressed with NetIQ solutions. With NetIQ, companies can implement and manage controls that make compliance programs sustainable and repeatable, while gaining visibility into sources of vulnerability and risk exposure. |
|
This white paper presents the Top 10 IT Compliance Reports that can help organizations address their compliance and risk management requirements, as well as how and where NetIQ’s Knowledge-Based Service Assurance solutions can aid in creating an automated infrastructure to repeatedly and easily create those reports. |
 |
This whitepaper provides background and information on the Federal Desktop Core Configuration that was mandated by the Office of Management and Budget on March 22, 2007. It is intended for those individuals who are tasked with implementing the Federal Desktop Core Configuration or for those who are overseeing the implementation. |
|
This whitepaper describes an effective approach for IT compliance – NetIQ’s compliance and risk management methodology – and how to leverage NetIQ’s methodology and solutions to consistently achieve better results. |
|
NetIQ Secure Configuration Manager – Built for the Enterprise This document describes the architecture, features and other aspects of NetIQ NetIQ Secure Configuration Manager that ensure it is capable of supporting large scale enterprises (ones with tens of thousands of managed servers). |
|
Businesses must always be vigilant about data security, particularly in the global information-based economy. Businesses are dependent upon information technology (IT). The risks that are an inherent part of IT make it necessary for IT leaders and IT personnel to know the data protection laws and regulations more than ever before. It is with this knowledge that they can incorporate information security and privacy within all the IT processes, throughout the entire systems development life cycle (SDLC). |
|
This guide describes many of the greatest security challenges the largest NetIQ federal sector customers are addressing. |
|
This guide describes many of the challenges financial services institutions face in the area of regulatory compliance. It also describes the comprehensive solutions that NetIQ provides for addressing these key challenges. |
|
From Project to Process: Policy-Based Vulnerability Management Battling a constant barrage of worms, viruses and attacks on enterprise systems, IT and security administrators are seeking more efficient and effective ways to protect information assets. Vulnerability management is a critical but very challenging discipline. Unfortunately, many organizations rely on ineffective reactive approaches, treating vulnerability management as distinct, infrequent projects and failing to establish meaningful metrics with which to manage it as a process. NetIQ supports a more holistic, policy-based vulnerability management approach. This white paper describes how NetIQ policy-based solutions establish a more effective, mature vulnerability management capability. |
