AKIBIA'S PRACTICAL GUIDE TO ENTERPRISE TECHNOLOGY

Thursday, September 03, 2009

IT Needs Turbo Compliance

IT executives are exhausted by the compliance challenge. Managing so many complex rules and requirements takes time, budget and resources, and even still executives can’t be sure they have done everything necessary to ensure compliance.

While compliance solutions in and of themselves are not new, the fact remains that no current solution solves the whole issue at once. Multiple solutions must be patched together with manual work— whether done by consultants or IT staff. As is history with the technology industry, new solutions are created to solve the same challenges, until one solution is ultimately effective. As an industry, we aren’t there yet with a compliance solution, but we are compliant. As a result, complete compliance solutions will be a hot topic as we head into the next year.

Today reporting tools like Shavlik and RSA Envision provide detailed reports on the data, and that is helpful, but it does not address the complete needs of the audit. Instead, security experts are required to put the last piece in place – matching the data reports to the Audit requirements and assessing compliance readiness. Often the approach tackles one regulation at a time instead of leveraging the similarities between different regulations, such as PCI, FISMA and FERPA, for example. This adds time and cost to the compliance process unnecessarily.

The ultimate solution will be able to do for compliance what Turbo Tax did for the tax industry. Turbo Tax took what was once a complex process that required expensive consultants and understanding large amounts of rules and made it a much simpler, cost efficient and easier process. IT needs Turbo Compliance.

At Akibia we believe we are close to Turbo Compliance with a Managed Service that understands compliance gaps, incorporates data reports, reads them and produces an output that matches the audit requirements. As regulations change, the Managed Service can consistently suggest relevant updates and modifications while simplifying internal processes.

What’s your solution for managing the multiple compliance requirements?

LABELS:

Practical Use,

Compliance

Post a Comment

BLOG ARCHIVE

• 2012 (2)
  • April (2)
    • SecureWorld 2012 – Security of Mobile Devices
    • Data leakage concerns for sensitive information in files and using mechanisms such as classification
• 2010 (5)
  • March (1)
    • Why HP is Worried about Third Party Maintainers
  • February (1)
    • Has the Sun Set on Flexible Support Options?
  • January (3)
    • You Inherited Your Cisco Infrastructure, But Do You Know Why You are Still Buying It?
    • Your Workers are Surfing While Snacking on a Big Mac - Time to Revisit Managing Your End-Point.
    • Ensuring Security in the Virtualized Environment
• 2009 (34)
  • December (1)
    • Monitoring Via the Cloud
  • November (2)
    • Sun Makes More Changes Amid Uncertainty
    • Sky High Cloud Chatter
  • October (2)
    • Improving Vulnerability and Patch Management
    • A Couple Quick and Easy Green IT Steps
  • September (3)
    • Don’t Put off Until Tomorrow…
    • Boston's Missing Email Case Has Many People Asking Questions about Digital Forensics
    • IT Needs Turbo Compliance
  • August (3)
    • Take Full Advantage of System Monitoring
    • Implement, educate and enforce strict Social Media usage policies – in that order
    • Preparing for a Return to Growth? It’s Not Too Soon to Make Process Improvements
  • July (2)
    • Death by A Thousand Processes: Getting Compliance Right Requires a Change in Thinking
    • Wrest Control of Your Data Center Back From the OEM
  • June (3)
    • Getting Ready for Cloud Computing
    • A Letter to Ralph Szygenda, the CIO of General Motors
    • Lax Web Site Security: The Site Owner's Responsibility
  • May (3)
    • The Checklist Approach to IT Security is Failing You
    • Financial Strength of Your Vendors…Show Me the Money!
    • PCI DSS v1.2 and its Requirement from WEP to WPA Wireless Encryption
  • April (4)
    • The Near-Term Impact of Oracle Buying Sun
    • On the Path to the Cloud... Walk Before You Run
    • CIOs Need to Manage Up, Broadcast Successes
    • Consolidate Support Vendors?
  • March (4)
    • A Potential Sun Acquisition - Impact on Service
    • April 14 is Decision Day for Those Running Microsoft Exchange 2003
    • HIPAA Revitalized in 2009 and Beyond
    • Ten Steps for the Mass Data Security Law
  • February (7)
    • Tightening Budgets and Their Impact on IT Security
    • Recent Breaches Remind us to Focus on Security
    • The Training You Need Vs. The Training You Receive
    • Emphasizing Virtualization Security
    • DNS Audits: A Practical Guide
    • Practical Green IT
    • "Practical Use" Fills the Gap Between Idea and Implementation

BLOGS WE LIKE

• CIO - Blogs and Discussion - Best Practices
• InformationWeek’s Global CIO Weblog