You can't secure what you don't acknowledge.SM

Monday, October 11, 2010

Got compliance? Here are some tips for moving ahead.

Tired of "compliance"? Me too. But, it's still one of those necessary (arguably sometimes unnecessary) evils we must deal with in business today.

Here are some new pieces I've written for the fine folks at SearchCompliance.com that will hopefully be of some benefit to you and your business.:

Priorities for your sound regulatory compliance management policy


Put compliance management back into server virtualization

Achieving compliance is about more than secure data encryption

What compliance professionals shouldn't do after data breaches

Can mobile device security include risk management and compliance?

....and finally, any discussion on compliance wouldn't be complete without talking about THE approach we need to take to any security/compliance project: risk management. Here's a bit a wrote about metrics you can use ensure your efforts aren't in vain.

Using metrics to enhance information risk management

For further reading on all the fun things about compliance check out my compliance resources page.