News Stay informed about the latest enterprise technology news and product updates.

Windows compliance: Resources on data retention and data protection

As any CIO or compliance officer knows, compliance affects multiple parts of IT infrastructure and the organization as a whole. Strategy, security, storage, networking, records keeping and human resources are all part of the mix. As an editor at, that means I scan the RSS feeds of all of TechTarget’s sites for relevant content, along with those of other compliance news sites from around the Web. Starting today, I’ll be posting a roundup of the resources I think you’ll find useful at this blog.

Recent research into the buying habits of you, our readers, showed that half of our midmarket CIOs are running Windows shops. That information comes as no shock to anyone. Most of the world lives on a Windows desktop, despite the recent inroads made by Mac OS X and Linux. There’s no question that heterogeneous computing environments are a concern for many a sysadmin. That said, Windows compliance is the crucial topic of the day.

So here’s a question for you: Are there unique issues that arise out of Windows compliance?

I’m certain that the answer is “yes” but I’d like to hear more about what system administrators, CCOs and CIOs are experiencing in their everyday working lives. Let me know what you think in the comments or at

In the meantime, here’s that roundup:

If you’re looking for a comprehensive resource, try The Windows Manager’s Guide to IT Compliance e-book. Chapter 1, for instance, offers best practices on establishing an event log audit trail, maintaining the event log, encrypting email or files and keeping an inventory of stored data. You can also download each of the three chapters separately:

Rebecca Herold has been a prolific contributor on the topic of Windows compliance as well. She’s an adjunct professor for the Norwich University Master of Science in Information Assurance program and is well into writing her 11th book. Her articles can be found at, and, of course, at (You’ll note she’s in our blogroll, down to the right.)

Earlier this month, Herold explained how to keep Windows shops in compliance with data protection laws. Protecting personally identifiable information is a key aspect of compliance in 2009, given new regulations coming down the (Mass) pike. Even if the Massachusetts data protection and encryption law deadline has been extended, it needs to be on your radar.

In past articles, Herold has also explored how to meet data retention compliance in a Windows environment. In her view, Windows managers must take an active role in learning data retention policies and creating procedures to support them.

Similarly, in her tip on meeting compliance requirements in a SharePoint Server environment, Rebecca suggests that before deploying SharePoint Server, IT managers should examine the compliance implications of using the collaboration tool in their Windows environment .

Herold also has written about how the service desk can help Windows shops meet SOX compliance objectives by using IT governance frameworks like COBIT and Microsoft Operations Framework.

Finally, if you’re still procrastinating on completing your IT compliance documentation, do it now.

Reblog this post [with Zemanta]

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.