recentpopularlog in

cote : compliance   66

Pivotal Cloud Foundry 2.4 Boosts Security With Compliance Scanner
Two big features:

> So how does zero downtime actually work in production? Seroter explained that, for example, an organization could deploy an application (v1) with Cloud Foundry and then perhaps a second app (v2). After the v2 application is deployed, an administrator could then just simply switch the network route to enable the new version. The same basic method is now being scaled in an automated approach.

> "Let's say I have five instances of my app and when I deploy the next version, under zero downtime deploy, as each instance of that app comes up in that same bucket, one of the old one comes out," Seroter said. "I always have five running and I may be in a state where both versions are serving traffic, but at no point is there any disruption because in that same sort of app container, across all the different VMs [virtual machines] and Cloud Foundry, the application instances are swapping out for each other automatically."


> "What the scanner does for the customers is basically ensure that the configuration of the OS matches the best practice recommendations for a cloud-native deployment," John Field, security architect at Pivotal, told eWEEK.
PivotalCloudFoundry  pivotal  compliance 
january 2019 by cote
GDPR requests to take thousands of hours a month, says survey
“Large enterprises expect to get an average 246 GDPR enquiries per month, for which they will need to search 43 databases (seven minutes per search). They will spend more than 1,259 hours on this, which equates to nearly 60 hours of searches per working day or 7.5 employees dedicated solely to GDPR enquiries.”

It’s a database management company doing the survey, but still a good wet finger in the wind
privacy  compliance  surveys  eu  GDPR  numbers 
january 2018 by cote
Architecting for GDPR
Data protection leads back to security, and then there you are back in that mess.
security  privacy  logmanagement  compliance 
january 2018 by cote
Lax Security to Blame For Record Pace of HIPAA Breaches, Feds Say
“The 221 major breaches reported under HIPAA regulations so far this year mark a 66-percent increase over the 133 breaches reported for all of 2016, according to our analysis of records from the U.S. Department of Health and Human Services Office of Civil Rights (OCR).”
security  compliance  healthcare 
november 2017 by cote
How the US Air Force Made Its ISR Network Cheaper to Run and Easier to Upgrade - Defense One
"We’ve also dramatically cut the time that it takes to certify software as secure enough for DCGS. By testing throughout the development cycle, and deploying onto an accredited platform, DCGS is able to apply the existing accreditation model using a software’s Certificate-to-Field with a Security Impact Analysis for each new capability. DCGS now operates with an established battle rhythm that has slashed the time for security accreditation/certification from 18 months to 30 working days. In several cases, we’ve done it in 10 working days."
IFTTT  via:Instapaper  cases  govt  military  ato  compliance  digitaltransformation  airforce 
october 2017 by cote
IBM Acquires BigFix for Data Centers
"BigFix's platform includes a range of modules for areas such as patch management, security configurations and power management. The software's workload is distributed over all devices under management, and a special query language BigFix developed minimizes performance hits to the machines under management, according to its Web site."
redmonkpressquotes  Tivoli  patchmgmt  assetmgmt  BigFix  compliance  IBM  itmanagement  itmanagementguys 
july 2010 by cote
New Regulatory Requirements Require Data On-Demand by Wall Street & Technology
No "On-Demand" as in cloud, but more "getting good data quickly." Interesting hook to sell mashup, database, and ESB-driven SOA here: help banks and financial co.'s meet pressures and regulations to provide up-to-data data in standard(ish) formats instantly.
wallstreet  data  ondemand  reporting  compliance  BaselII  SOA 
november 2009 by cote
Novell, SAP bring together security, compliance wares
"In essence, the two are creating a hub for defining security, identity and GRC across a network. 'Users can synchronize across not only SAP applications but across all applications,' says Jim Ebzery, senior vice president and general manager for identity and security at Novell. 'So processes and policies in SAP Access Control can be mapped to another enterprise application with the same access controls tightly linked.'"
novell  SAP  compliance  GRC  partnerships  sapteched09 
october 2009 by cote
The XBRL mandate is here: Is IT ready?
Another regulation for IT folks to worry about. This one doesn't look so bad, but vendors have a chance to up the price.
qtr_calls  XBRL  standards  enterprisesoftware  financials  grc  compliance 
december 2008 by cote
Pssst: Stop Spending So Much On SarBox, Pass It On
"...Robert Frances Group which finds that companies will be able to reduce their SOX compliance costs by at least 20% under the new more relaxed rules. The firm notes that corporate profits could actually get a 2% across-the-board"
sox  qrt_calls  compliance  grc 
september 2007 by cote
Enterprise Software and GRC
In the words of Mark Crofton: "Amit Chatterjee, who founded SAP's GRC business unit and is one of the unit's driving forces, finally launched his blog today."
sap  grc  compliance  audit  via:markcrofton 
may 2007 by cote
LogLogic Aims to Ease Log Data Crunch
Note that there are canned compliance reports and the coming of a platform/SOA/API for people to build on-top of it.
configuration  logs  loglogic  compliance  enterprisesoftware  search 
march 2007 by cote
Playing the SOX Card
"[W]e can argue about what level of detail needs to be reported and how many controls need to be in place, but that proverbial silver lining is that many IT organizations are better run and better aligned with the business of regulatory crackdown. Would i
bsm  regulation  accountablity  compliance  sox 
february 2007 by cote
Big Blue Buys a Corporate Traffic Cop
"[C]ompliance and security audit software that helps companies detect and investigate unauthorized activity on computer systems by IT administrators or other users within the company."
ibm  consul  m&a  compliance  security  audit  mainframe  systemz 
january 2007 by cote
IBM to buy audit, compliance firm [consul]
Tivoli's 6th acqusition this year...also, jgovernor says, ties to BMC...
compliance  ibm  m&a  logmanagement  tivoli  bmc  security 
december 2006 by cote
Understanding SOA Governance
Discusion of what SOA Governance is.
soa  governance  compliance  it 
august 2006 by cote
Doc Or Die: The Joy of SOX - Upcoming book
"I especially enjoyed the many examples of how controls, business models, and information technology come together."
sox  compliance  soa 
august 2006 by cote
EMC secures record-management environments
"EMC Documentum Information Rights Management (IRM) Services allow IT to determine how files transmitted over e-mail are treated."
emc  drm  documentum  compliance 
august 2006 by cote
Governing for Enterprise Security
"This technical report examines governance thinking, principles, and approaches and applies them to the subject of enterprise security."
sei  compliance  enterprisesoftware  enterprise  to_read  via:JamesGovernor 
august 2006 by cote
IBM Press room - 2006-08-01 IBM Helps Small and Mid-Sized Businesses Tackle E-Mail Governance - United States
I was pre-briefed on this, and it looks good. Of course, it was all slides and ideas that I saw.
ibm  email  compliance  archiving 
august 2006 by cote
Yet Another Software Blog: HP acquires Mercury
Zedlewski's take on the acquisition: governance, HP is now more softwarey.
hp  mercury  m&a  sysmgmt  lifecycle  compliance 
july 2006 by cote
Master data management is key to compliance
"[MDM] is the key to corporate compliance. MDM refers to the infrastructure, tools and best practices for governance of official corporate records that may be scattered across diverse databases and other repositories."
mdm  compliance 
july 2006 by cote
IT Operations Management Software on the Rise - Gartner numbers of growth in systems management
"It would appear that despite consolidation the huge demand for systems management and particularly types of manage that address compliance are hot."
sysmgmt  compliance  numbers  gartner 
june 2006 by cote
CA Acquires MDY, Leading Provider of Records Management Software and Services
"MDY's innovative solutions help organizations to centrally manage physical and electronic records distributed across the enterprise, regardless of location or origin."
ca  mdy  documents  compliance  m&a 
june 2006 by cote
Ettus Research LLC
The GPL radio transmitter...? The FCC won't like this.
compliance  gpl  via:mray  radio 
june 2006 by cote
Justice Department to Internet firms: Keep your records
"You might think, from the number of times that 'child pornography' is mentioned by the Justice Department, that the US is a nation of pedophiles."
records  compliance  isp  usa  privacy 
june 2006 by cote
Windows Adds Rights Management Protection for Enterprise Information
Users "can define who can open, modify, print, forward and/or take other actions with the information within a limited timeframe"
rms  windows  microsoft  drm  security  compliance  windows2003  enterprisesoftware 
may 2006 by cote
NextPage, Workshare Ease Document Management
"For organizations whose documents may need to adhere to regulatory requirements, such as investment organizations, Workshare is a good fit because of its ability to track and report on collaboration."
workshare  redmonkclients  security  compliance  documents 
may 2006 by cote
Workshare keeps sensitive information out of e-mail | InfoWorld | Review | 2006-04-20 | By Mike Heck
"For organizations that distribute a lot of Word and PDF files, Workshare Protect 4.5 successfully follows the ABCs of document security: Alerting users of violations, Blocking where appropriate, and Curing the problem when possible."
workshare  security  compliance  ms-office  redmonkclients 
may 2006 by cote
TRACE! by Workshare: Document Security Software
Freeware from RedMonk client Workshare to find "privacy and compliance violations" in your MS-Office docs.
compliance  security  privacy  workshare  redmonk  redmonkclients  freeware  office 
may 2006 by cote
Quest Software Introduces Compliance Portal for a Consolidated Web-Based View of Regulatory Compliance Status; New Compliance Portal Enhances Quest Compliance Suite for Windows
"Most importantly, the products alert appropriate personnel in real time to changes that may represent compliance or security vulnerabilities."
questsoftware  compliance 
march 2006 by cote
Exclusive: Infravio brings structure to unwieldy SOA | InfoWorld | Review | 2006-01-19 | By Phillip J. Windley
"At the heart of X-Registry is an access control system and a rules engine. The interaction between these two components results in sophisticated workflow management for SOA governance."
infravio  soa  compliance  x-registry  uddi 
february 2006 by cote
CA Nabs Remote Control Provider Control-F1
The nut: remote desktop capabilities that have auditing functionality, e.g., log that Johnny Sysadmin remotely logged into some work addition, of course, to letting them log into some work station.
ca  m&a  control-f1  remotedesktop  regulation  compliance 
january 2006 by cote
Enterprise compliance software...otherwise known as "those long web pages you don't read with the 'Accept' button at the bottom."
compliance  to_read 
november 2005 by cote
IT Compliance Institute - Case Study: Tracking Software Changes for Compliance
Looks like white-paper material, but given my recent interest in search and an InfoCMDB, I'll keep it for later reading.
infowork  infogeneration  infocmdb  compliance  cmdb  documents  to_read 
november 2005 by cote
CA buys e-mail archiving software
"It will give CA the ability to manage e-mail as an information life-cycle management application, according to regulatory requirements."
ca  m&a  email  messaging  compliance  storage  unicenter 
october 2005 by cote
Symantec ties up BindView buy
An interesting data-point in the agent/agentless systems domain: this time for document compliance.
compliance  symantec  agentless  agents 
october 2005 by cote

Copy this bookmark:

to read