Protecting IP with RSA DLP Policy Workflow Manager

Written on August 31, 2011 by SMInsights

Comments

Whether its data that’s governed by regulations or vital to a company’s competitive advantage, every organization has information they’d like to protect from outsiders. One logical place to start when looking to protect this information is with a Data Loss Prevention (DLP) tool. But, what many companies struggle with is how to figure out what information is sensitive for different groups and how it should be handled. Everyone knows that there is highly sensitive data across the organization that needs to be protected, but how do business managers let the IT security team know what specific data needs to be protected?

Advanced Persistent Threats – Looking for Answers at All Levels of the Organization

Written on August 2, 2011 by Mischel Kwon

Comments

APT has become a buzz of security professionals for the past few years, but now has legitimate attention among all levels of the organization. Why? Because executive leadership knows that buzzword has now become a clear and present danger even among private sector organizations.

How to Make a Mobile Payment App Comply with PCI DSS

Written on May 30, 2011 by Branden Williams

Comments (One)

The PCI Security Standards Council recently made news when they announced that they would no longer be accepting mobile payment applications for PA-DSS compliance consideration. This means that vendors looking to certify new mobile applications or devices are now left in the lurch.

Control Clusters: Breakfast of Champions

Written on November 30, 2010 by Steve Schlarman

Comments

The “team sport” theory can be applied to a company’s control environments as well. The classical “defense in depth” approach quickly comes to mind. Controls always depend on a collection of activities. As Risk and Compliance professionals, we all know the “single point of failure” is a verboten persona non gratis.