Page 32 - White Papers in Standards, Regulations & Compliance

FATCA: Key Impacts and Achieving Compliance

The US Foreign Account Tax Compliance Act (FATCA) is a key piece of US federal legislation intended to improve tax compliance involving foreign financial assets and offshore accounts. FATCA requires Foreign Financial Institutions (FFIs) to identify any US account or policy holders and disclose their balances,...

Tokenization Broker for PCI DSS Compliance

This case study focuses on a large Canadian airline that covers all destinations in North America. It discusses the preparations the airline took towards Payment Card Industry Data Security Standard (PCI DSS) assessment and compliance. It explains how the airline built a system using Intel Expressway Tokenization...

PCI DSS Tokenization Buyer's Guide

In this paper, Payment Card Industry Data Security Standard (PCI DSS) expert and QSA Walter Conway takes you on a deep dive tour of tokenization techniques and their merits. He also demystifies tokenization by discussing use cases, comparing it to encryption and providing various alternatives for implementing...

Using PCI DSS Criteria for PII Protection

Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted standard that applies internationally to any organization that accepts, captures, stores, transmits or processes credit and debit card data. Many organizations, however, have mandates to protect Personally Identifiable Information (PII). In...

Risk Assessments for Health Care Providers

Since the inception of the Health Insurance Portability and Accountability Act (HIPAA), healthcare organizations have been challenged to protect patient data and comply with regulations while supporting other business initiatives. Most organizations do not have a risk methodology that would conduct an accurate and...

Risks Associated with Missing Documentation for Health Care Providers

Healthcare organizations are challenged to protect patient data and comply with regulations governing healthcare entities. Having well-documented policies and controls, along with expert recommendations, is an important part of reducing risk and achieving compliance with the Health Insurance Portability and...

Managing Privileged Users on IBM i

Data breaches are more likely to come from inside your walls than outside. Without a way to manage user access, a privileged user can endanger your system at length before you discover it. To protect against that risk - and the chance of failing a PCI or SOX audit - you need to ensure privileged users can't abuse...

Survey Report: Mobile Content Security and Productivity

This report provides the key findings taken from a survey conducted by AIIM (an advocate and supporter of information professionals) between June and July 2013 with individual members of the AIIM community surveyed. The respondents cover a representative spread of industry and government sectors. This report...

Meaning-less: Why Many Meaningful Use Claims Today Are False

As regulations evolve, many healthcare providers who have attested to Meaningful Use may have done so falsely, whether or not that was their intent. Consequently, they may lose Meaningful Use funds and face heavy fines and HIPAA violations. Why? Because they've missed a key requirement of both Meaningful Use...

The Convergence of Security and Compliance

This new white paper explains how a single, positive security solution, such as Bit9, facilitates the convergence of compliance and security - one agent that provides visibility, detection, response and protection and can automate and manage compliance for PCI-DSS, SOX, HIPAA, FISMA, GLBA, GPG 13, NERC CIP and other...

HIPAA! HITECH! HELP! Mobile Device Management in Healthcare

Data security is of paramount importance in the healthcare industry, where regulations are numerous and fines are serious. With MDM, your staff can use the smartphones and tablets they need to provide the best possible care and IT can rest easy that devices comply with policies that protect confidential data. Read...

How to Stay Compliant with FDIC Audit Requirements

Financial institutions today have vast quantities of data available that can be used to flag potential fraudulent transactions, but many struggle to effectively leverage this data to fight fraud. This inability to make sense of available data not only reduces the amount of fraud activity detected, but can put the bank...

Leverage Continuous Monitoring to Achieve PCI-DSS Compliance

In the financial services industry, in-depth log analysis is essential to maintaining enterprise-wide security and meeting compliance requirements, including PCI-DSS regulations. In addition to being required to meet compliance standards, continuous monitoring of customers' financial data activity logs helps to detect...

How to Earn or Maintain ISO 27001 Compliance

Achieving ISO 27001 compliance demonstrates a mastery of information security, and is a rare and prestigious certification for an organization to attain. A compliant organization must demonstrate a well-defined and scalable process for detecting and preventing breaches of network security, which can be achieved by...

Controlling IT Risk in Financial Institutions

Starting with the Federal Financial Institutions Examination Council (FFIEC) requirements, this white paper describes how Tenable's unified security monitoring platform meets and exceeds these requirements, ensuring continuous compliance, lower total cost of ownership, tangible security risk reduction and the ability...