|
Issue: Volume 11 Number 12 |
June 1, 2008 |
|
|
|
|
Data Breach & Network Intrusion Detection Tools
When the Dam Breaks Most are Not Ready |
|
 Data privacy compliance continues to bedevil executive management, especially chief information officers. The list of businesses and other organizations confronted with high-profile data security breaches is extensive and touches many sectors: ChoicePoint, Circuit City, the Department of Veterans Affairs, Wells Fargo, Emory University, the Georgia Technology Authority, Aetna, Hotels.com and, most recently, the retailer TJX (T.J. Maxx and Marshalls), among many others.
Breaches of data privacy - whether due to unauthorized access or accidental disclosure - impose specific obligations upon the entity holding the data under what is currently a patchwork of somewhat unclear state laws.
Data breaches are a fact of life with the advance of Wi-Fi, 3G, and remote computing as it is done in today's flexible business environment.
Data breaches and network intrusions occur because the personal information compromised includes data elements useful to identity thieves, such as Social Security numbers, account numbers, and driver's license numbers. Some breaches do not expose such sensitive information; however, they still expose individuals to identity theft and business to a compromise of their electronic assets and that must be disclosed under Sarbanes-Oxley and various state laws.
Read on.... |
|
Mapping Business and IT Requirements
IT Needs to be Able to Adapt to Enterprise Need Quickly |
|
The IT Productivity Center has identified five basic business requirements and the necessary IT capabilities and responses to see the requirements are met.
- Quick Time-to-Market - Ability to roll our new applications and technology is expanded with the use of System-Oriented Architecture (SOA)
Solution - http://www.itproductivity.org/itsm.htm
- Restructuring business due to merger, acquisition, or divestiture - Ability to add, change and eliminate IT operations through an effective design and implementation of a structured IT Infrastructure for both networks and data centers
Solution - http://www.itproductivity.org/Infrastructure.html
- Integration of IT technology with business operations - Ability to implement and operate on a 7 by 24 basis for all application, application support, network, and processing operations. This includes having integrated Business Continuity and Disaster Recovery Plans implemented
Solution - http://www.itproductivity.org/DisasterPlanning.htm
- Compliance with mandated security and financial reporting requirements - Defined policies, procedures, and processes which quickly and efficiently support business operations without hindering to overall effectiveness of the processes that are put in place to support them
Solution - http://www.itproductivity.org/Security.php
- Maintain an ROI which is supports the long-term objectives of the business - Metrics that are tied to the Critical Success Factors (CSFs) the enterprise and are supported by defined Service Level Agreements (SLAs)
Solution - http://www.itproductivity.org/metrics.htm
http://www.itproductivity.org/sla.htm
Read on ...
|
|
| |
|
|
|
|
Are you paying too much or too little to your information technology staff? Are you earning what you're worth? Whether employer or employee, it is important to know what other companies are paying in total compensation for a similar position in your area. Learn how your company compares in the area of compensation.
Read on ... |
|
|
|
Productivity Tools |
|
The complete set of tools that are needed for the CIO and CTO to exceed management's expectations.
Read on.... |
|
|
