-
FAQ: How do corporate social media policies hold up against labor law?
Corporate social media policies are designed to protect against employees posting job complaints online, but cases show labor laws’ interpretation of these rules is fuzzy at best. FAQ
-
Test your social media risk management IQ: A SearchCompliance.com quiz
Proliferating social networks have cast a spotlight on social media risk management. Take our quiz to find out if you are up to speed on social media. Quiz
-
Compliance Briefing: A guide to social media risk management strategy
Social media is valuable, but it’s also risky. Here are strategies for corporate social media policy, social network monitoring and risk management to protect sensitive information. Tutorial
-
FAQ: How will the Epsilon security breach influence email regulations?
The Epsilon security breach put a spotlight on email regulations, or the lack thereof. In this FAQ, learn what caused the breach, its cost to customers and the potential impact. F.A.Q.
-
GRC management strategies: Test your IQ
Are you up to speed on the latest governance, risk and compliance management strategies? Take our GRC quiz and find out. Quiz
-
FAQ: What is the Federal Information Security Management Act?
The Federal Information Security Management Act aims to improve information security by requiring federal agencies to comply with standards. Learn more with this FISMA FAQ. FAQ
-
FAQ: What impact do mobile computing devices have on IT compliance?
More mobile computing devices means more security threats. Here are things to consider in adjusting your IT compliance strategy to meet challenges brought by iPhones and the like. FAQ
-
What is NERC CIP, and IT's role in critical infrastructure protection?
Under the NERC CIP, power generators and suppliers must prove NERC compliance on critical infrastructure protection provisions by the end of the second quarter. Will you be ready? FAQ
-
Google, EU put online privacy policies in spotlight
Online privacy policies are making news again, after the EU made sweeping changes to its data protection rules and Google released a new policy. News | 30 Jan 2012
-
Critics: SOPA antipiracy legislation should target the real bad guys
Detractors of SOPA and other antipiracy legislation say new regulations are needed -- but they must be better targeted. To do so, they say regulators simply need to follow the money. News | 27 Jan 2012
-
SEC stresses importance of social media guidelines and compliance
The SEC has released new "risk alerts" that outline how financial firms can use social media guidelines to protect their business from fraud and comply with federal regulations. News | 16 Jan 2012
-
With influx of gifted gadgets, mobile device security top of mind for IT
After the holidays, many companies are facing an influx of mobile devices that could affect compliance with various regulations. Is your mobile device security strategy ready? News | 03 Jan 2012
-
Mobile malware, targeted attacks top online security threats in 2012
In 2011, mobile malware and targeted attacks against big-name companies were among the top online security threats. Here’s why you need to prepare for more of the same in 2012. News | 23 Nov 2011
-
Sony announces service restoration, enhanced customer data protection
After a cyberattack put Sony's protection of personal information under a microscope, the company has announced increased security measures and enhanced customer data protection. News | 06 May 2011
-
Epsilon breach shows lack of email regulations, consumer protection
The Epsilon data breach may have exposed thousands of customer email addresses to cybercriminals, highlighting the lack of corporate email security to protect consumers. News | 08 Apr 2011
-
Compliance Q&A: Chief audit executives seek credibility with C-suite
With corporate scandals elevating the importance of chief audit executives, now is the time for CAEs to strategically partner with the C-suite, says Deloitte veteran Shayne Gregg. News | 25 Oct 2010
-
Financial reforms won't fix the computer terrorism on Wall Street
Was the mayhem of Thursday's stock market plunge caused by an act of computer terrorism? News | 08 May 2010
-
The FTC offers tips on fending off P2P security risks
As more legislation on P2P file-sharing security risks makes its way into the Senate, the FTC offers guidance to protect against data breaches. Article | 16 Mar 2010
- See More: News on Vulnerability assessment for compliance
-
Vulnerabilities exposed during disposal of used computers
Upgrading equipment? Proper disposal of used computers is necessary to reduce risk, because sensitive data is vulnerable when old electronics go out the door. Tip
-
Act now to prevent smartphone security risks at your organization
Smartphone security risks have become a huge compliance challenge for many enterprises, but being proactive and implementing security policies can help prevent smartphone hacking. Tip
-
How protecting against the OWASP Top 10 helps prevent compliance risk
Mapping security processes to protect against the OWASP Top 10 could ease Web application vulnerabilities and help some companies stay compliant. Tip
-
Social media monitoring solutions track sites, protect your brand
Social media's popularity has left some companies vulnerable to bad word of mouth or leaks of confidential information. But social network monitoring tools are available to help. Tip
-
Compliance in flux as confusion surrounds social network monitoring
As companies increasingly use social media to promote business, social media policies and social network monitoring are gaining popularity. But compliance questions remain. Tip
-
Set social media risk management policies by preparing for the worst
With social media, mistakes can (and do) happen. When developing a social media risk management strategy, it's best to prepare for worst-case scenarios. Here are four of them. Tip
-
Lax enterprise mobile device management hampers e-discovery
Enterprise mobile device management hasn’t kept pace with the proliferation of mobile devices, a shortcoming that can complicate e-discovery. Tip
-
A thorough data retention strategy needs more than just IT oversight
A data retention strategy is often considered IT's responsibility. But adhering to today's data retention requirements depends on input from many departments across the enterprise. Tip
-
Before cloud deployment, consider risks of e-discovery in the cloud
The economic case for cloud deployment is compelling for many enterprises. But the risks surrounding e-discovery in the cloud need to be addressed by your e-discovery solutions. Tip
-
Like past efforts, new cybersecurity legislation could get complicated
The Cybersecurity and Internet Freedom Act of 2011 is the latest attempt at cybersecurity legislation but, like past cybersecurity efforts, it could have unintended consequences. Tip
- See More: Tips on Vulnerability assessment for compliance
-
internal control
An internal control is a business practice, policy or procedure that is established within an organization to create value or minimize risk. Definition
-
Vulnerabilities exposed during disposal of used computers
Upgrading equipment? Proper disposal of used computers is necessary to reduce risk, because sensitive data is vulnerable when old electronics go out the door. Tip
-
Google, EU put online privacy policies in spotlight
Online privacy policies are making news again, after the EU made sweeping changes to its data protection rules and Google released a new policy. News
-
Critics: SOPA antipiracy legislation should target the real bad guys
Detractors of SOPA and other antipiracy legislation say new regulations are needed -- but they must be better targeted. To do so, they say regulators simply need to follow the money. News
-
SEC stresses importance of social media guidelines and compliance
The SEC has released new "risk alerts" that outline how financial firms can use social media guidelines to protect their business from fraud and comply with federal regulations. News
-
With influx of gifted gadgets, mobile device security top of mind for IT
After the holidays, many companies are facing an influx of mobile devices that could affect compliance with various regulations. Is your mobile device security strategy ready? News
-
FAQ: How do corporate social media policies hold up against labor law?
Corporate social media policies are designed to protect against employees posting job complaints online, but cases show labor laws’ interpretation of these rules is fuzzy at best. FAQ
-
Mobile malware, targeted attacks top online security threats in 2012
In 2011, mobile malware and targeted attacks against big-name companies were among the top online security threats. Here’s why you need to prepare for more of the same in 2012. News
-
Act now to prevent smartphone security risks at your organization
Smartphone security risks have become a huge compliance challenge for many enterprises, but being proactive and implementing security policies can help prevent smartphone hacking. Tip
-
How protecting against the OWASP Top 10 helps prevent compliance risk
Mapping security processes to protect against the OWASP Top 10 could ease Web application vulnerabilities and help some companies stay compliant. Tip
-
Test your social media risk management IQ: A SearchCompliance.com quiz
Proliferating social networks have cast a spotlight on social media risk management. Take our quiz to find out if you are up to speed on social media. Quiz
- See More: All on Vulnerability assessment for compliance
About Vulnerability assessment for compliance
Organizations must effectively use technology to share data while protecting personal information from identity theft. Learn how to assess vulnerabilities, including how to analyze data security and privacy issues, with the latest news, advice, commentary and best practices for regulatory compliance professionals.