compliance - News, Features, and Slideshows

News

• Buried in the Budget: $82.3M to fix government payroll mess

  The "Wellbeing Budget" released yesterday includes millions of dollars to fix flawed departmental payroll systems.

• EU data supervisor probes EU bodies' software deals with Microsoft

  The 28-country European Union adopted the landmark General Data Protection Regulation (GDPR) about a year ago, giving Europeans more control over their online information and privacy enforcers the power to impose hefty fines

• Regulation as a platform: How Data61 is turning text into APIs to serve the burgeoning RegTech industry

  As one Australian Securities and Investments Commission employee put it at a RegTech event in Sydney earlier this week: “If fintech start-ups are tech rich and the banks are data rich then I think it’s fair to say that ASIC is text rich. Our regulatory guidance is all text based.”

• Wynyard launches compliance solution for NZ govt agencies

  Wynyard Group has launched an advanced risk management and compliance software solution specifically designed to help New Zealand government departments comply with the New Zealand Information Security Manual (NZISM).

• Enterprise anti-virus software test puts Kaspersky software out front, Microsoft at bottom

  Dennis Technology Labs, the London-based organisation which runs tests to evaluate anti-virus software, yesterday released its latest test results on products for three distinct product segments--enterprise, home and small-to-mid-sized business (SMB). Its tests are not sponsored by vendors, the lab says.

• Viewpoint: When it comes to enterprise security, is it better to focus on compliance or risk?

  A CIO once quipped, "Security isn't hard, compliance is." And in fact many companies focus their security efforts on meeting compliance requirements. But if you are audit compliant, have you in fact addressed all of your risks, or are you just kidding yourself? Is it better to focus on the risks presuming that doing so will cover you off on the compliance side? Network World Editor in Chief put the question to two practitioners, both of whom come down on the side of risk.

• PCI Council Releases Guidelines for Cloud Compliance

  A new set of guidelines from the PCI Security Standards Council is intended to help merchants and cloud services providers comply with the PCI DSS when handling payment card data on the web.

• Startup service targets electronic workplace compliance, training

  Startup Convercent officially debuted today with a software-as-a-service (SaaS) offering that lets employers make available to employees in electronic form, via computer or mobile device, the workplace ethics and compliance terms the business supports.

• EMC Offers Online File Sharing With On-Premise Storage Product

  EMC is building on its acquisition of the Syncplicity file-sharing and collaboration service by combining it with its Isilon scale-out NAS to provide the enterprise what the storage giant claims provides the convenience of a cloud-based file-sharing service with the administrative and governance capabilities of an on-premise solution.

• Many global organizations flub electronic-records requests

  More companies are tackling how to best set up their electronic records to be able to respond to any legal requests related to "electronic discovery" to quickly find internal documents for court purposes, but this "e-discovery" process is still a struggle, a survey published today indicates.

• PCI Council publishes risk-assessment rules for card-processing networks

  The Payment Card Industry (PCI) Security Standards Council today issued guidelines on how businesses storing, processing or transmitting payment-card information should look at doing an annual risk assessment.

• Keeping up with PCI hasn't improved much: Verizon

  Businesses aren't getting much better at meeting payment card industry (<a href="http://www.networkworld.com/news/2011/011211-survey-on-pci.html">PCI</a>) standards year-to-year, perhaps because they get cocky about passing one year and figure they will breeze through the next, according to a study by Verizon PCI and Risk Intelligence teams.

• Warning: HIPPA has teeth and will bite over health-care privacy blunders

  Healthcare organizations that are performing risk assessments as a way to craft patient-privacy policies might want to consider a new potential attack vector: federal regulators.

• Black Hat: Apple does well but Microsoft does better with enterprise security

  While still not great, the operating systems behind Apple desktops, laptops and phones are getting more secure, <a href="http://www.networkworld.com/news/2011/080411-blackhat-overview.html?hpg1=bn">researchers at Black Hat</a>  say.While not recommended for corporate use unless it’s in islands within larger networks, the OSX operating system has made strides, says Alex Stamos, who lead a team of researchers from iSec Partners that researched the OSX and Windows 7 operating systems.

• Financial services firms increasing IT spending: survey

  IT execs in the financial services industry say they plan to increase tech spending and use more <a href="http://www.networkworld.com/supp/2011/enterprise1/020711-ecs-main.html">managed services</a> as they struggle to process data faster, less expensively and more reliably.