Monday, February 8, 2010

Top Five Corporate Compliance Challenges for 2010 and Beyond

Corporate compliance will become an ever bigger concern in 2010 and beyond. Existing regulations are maturing - meaning that certain ones, like HIPAA, are beyond their grace period and now audit organizations for compliance, while others, such as PCI DSS, are increasing their fines in the coming year.

Meanwhile, Congress will likely add more regulations to worry about, especially if you are in the financial sector.

Fines and new regulations won't be the biggest challenges in 2010, however. No matter what industry you are in, expect to encounter these challenges in forthcoming years.

More...

Tuesday, November 24, 2009

Managing the document sensitivity paradox: When the most confidential documents have the most readers outside the enterprise

If you think about your most confidential documents - such as audit reports, strategy presentations, board communication or M&A due diligence documents - they have one thing in common: They need to be shared with other parties, not only internally but also across corporate boundaries. These documents have to be reviewed and sometimes modified by auditors, management consultants or board members. Often, the more critical the information is, the more it needs to leave the secure environment of the enterprise.

More...

Wednesday, November 18, 2009

The Challenge of Collaboration AND Security

In the past I have had often contentious conversations with IT executives about security and collaboration. One of these conversations ended with "not on my network you're not" referring to a collaboration application I suggested they use. Today, with the variety of SaaS collaborative applications out there, it is easy to get around IT. But is that the best route? Is there a way you can combine security AND collaboration without having to compromise either?

More...

Thursday, November 12, 2009

Alaskan Utility Gets SOX Compliant

Doing business as an electric utility in Alaska has its special challenges, such as bad weather and sometimes uncertain fuel supplies. But as the leaders of Chugach Electric Association, Alaska's largest electric utility, will tell you, regulatory compliance is much the same there as in the Lower 48.

Chugach (pronounced chew-gatch), based in Anchorage with $288 million and 330 employees, provides electricity to 70,000 retail customers in and around Alaska's largest city. It also sells wholesale energy to smaller utilities stretching around the "Rail Belt" connecting Homer, Anchorage, Fairbanks, and points between.

More...

Tuesday, October 13, 2009

Playing the Human Factors

According to Gartner, 84% of data loss incidents involve authorized parties distributing content externally. This data factoid was contained in a CERT Insider Threat Study titled Understanding the Risks & Defending the Enterprise. The cost of that loss according to 30% of survey respondents exceeded $500,000.

The CERT study dates from the early part of this decade. There is little reason to believe the situation has improved much. Organizations are exchanging data more than ever as collaboration and partnering become strategy bywords and the human factors behind most bad security factors have changed.

More...