editor's choice
Addressing Compliance Initiatives with Tripwire and the Center for Internet Security (CIS)
Security benchmarks provide a roadmap to apply best practices to protect your organization's IT systems. Learn how to create and execute compliance initiatives that help you get the most from your security investment. Read the white paper »
-
The Lowdown
Sustaining SOX Compliance: Best Practices to Mitigate Risk, Automate Compliance, and Reduce Costs
Today's regulatory environment requires proactive risk management along with greater accountability. Learn how Tripwire can help your organization identify, track and validate its business processes to comply with Sarbanes-Oxley. Get the white paper »
-
IT Service Management: Metrics That Matter
Learn how your IT organization measures up against the best performing IT organizations and what you can do to improve efficiency, sustain compliance and security, increase system availability, and reduce the frequency of outages. Read the white paper »
-
CARFAX Drives IT Success with Tripwire Enterprise
When CARFAX needed to prevent rogue changes from disrupting system availability and increase visibility into change activity across the enterprise, it turned to Tripwire Enterprise. As a result, it experienced an 87% reduction in annual downtime. Read the case study »
RECOMMENDED READING
-
Optimizing Infrastructure Control
An investment in configuration assessment and change auditing solutions can stabilize IT operations, lowering the operational costs associated with the IT infrastructure; and provide a solid foundation that increases the effectiveness of the investment in information security. Discover why IDC Research says TripWire can claim complete configuration control as its own domain. Read the whitepaper »
-
Beyond Disaster Recovery: Using Configuration Audit and Control to Develop an Effective BCP
The biggest threats to a successful failover are inadequate change control, infrequent testing of systems, configuration drift and unknown software dependencies. Find out how configuration audit and control solutions provide the detailed change audit trail that helps organizations maintain the known states so vital to recovering system data after a sudden outage. Read the white paper »
-
Configuration Audit and Control: 10 Critical Factors to CCM Success
Using change and configuration tools is a great start in controlling dynamic IT environments, but you need to audit data if you truly want to enforce a change policy. This whitepaper discusses how to monitor change in real-time and fix problems quickly to ensure a stable, productive IT service stack. Read the white paper »
IN-DEPTH RESOURCES
-
Configuration Auditing: Failure is Not an Option
Join two of the leading experts on Configuration Auditing, Gartner VP Distinguished Analyst Ronni Colville, and Dan Schoenbaum, Chief Operating Officer of products at Tripwire, as they discuss configuration auditing and how it can help ensure maximum effectiveness and efficiency from your IT operations. Watch the webcast »
-
Seven Practical Steps for Federal Cyber Security and FISMA Compliance
Federal computer systems have long been a favorite target of hackers. This paper explores why federal efforts to improve security have often fallen short and how IT professionals can address this challenge. Tripwire CTO Gene Kim suggests seven actionable steps to improve cyber security based on a long-term study of information security organizations. Read the white paper »
-
HIPAA Security Provisions: Is Your Network Ready for a Physical?
If your company is subject to HIPAA, its IT systems also need a clean bill of health. To prevent a painful examination by federal regulators, you need to know what your responsibilities are and how to ensure that your network's "vital signs" are in compliance. Read the white paper »
About the Sponsor | Tripwire
Tripwire Configuration Audit &Control solutions help you achieve and maintain the Integrity of IT Configurations. Tripwire Enterprise is the first solution to combine configuration assessment with configuration auditing, so you can proactively reduce enterprise risk and ensure efficient, compliant and secure IT operations. http://www.tripwire.com/
Webcasts
-
SOX, GLBA and HIPAA: Multiple Regulations, One Compliance Solution
SOX, GLBA and HIPAA regulations all require technical safeguards to protect or guarantee the veracity of critical information. What all three have in common is the requirement for specific IT controls. Learn about these regulations and how Tripwire automates manual processes with an integrated change auditing and configuration control solution. Read the white paper »
-
While You Were Sleeping: Did Your IT System Fail?
During off hours, when all the changes, migrations, and patches are most likely being processed, a single unauthorized or unintended change can quickly, and frighteningly easily, bring down your company's ability to remain in compliance or do business the next day. Learn how one CIO tackled this IT nightmare by implementing enforceable change control policies and tools, nearly eliminating the source of problems that cause 80% of system failures. Watch the webcast »
Ask the Expert
Q.
How have the risks facing organizations' IT infrastructure changed in recent years?
A.
The rise of the Internet has made business IT infrastructures vulnerable to exploitation by the entire online global community. The distinction between traffic internal and external to a network has become blurred, constantly threatening IT systems with moving them away from a known and trusted state.
The wide range of platforms, applications and processes in today's evolving computing culture, creates complexity that adds to risk. The pressure to launch and upgrade applications as quickly as possible opens the door to undetected changes being made to IT configurations.
The rise of virtualization also poses a threat to infrastructure security by increasing the number of entry points for hackers to attack physical machines. And the portability of virtual disk images makes it easy for employees to copy, email or remove them from the premises.
Organizations today typically require so many security tools to control their IT environments that they need specialized solutions to manage these products. On top of all this, IT groups are facing increased pressure to comply with best practices standards set by organizations like the Center for Internet Security.
Ultimately, inadvertent or intentional employee actions that cause poorly configured applications and hardware are responsible for more than 65 percent of security vulnerabilities, according to a recent analyst report.
Related News
-
You Can't Always Be Proactive
— October 8, 2009 | Dark ReadingExperience teaches us that addressing small problems before they become large ones or multiply is the smart thing to do. But whether we actually do the smart thing is another matter entirely.
-
Federal Taskforce to Focus on Cybersecurity Metrics
— October 5, 2009 | InformationWeek GovernmentCross-agency taskforce will emphasize cybersecurity outcomes over compliance, says federal CIO Kundra.
-
Top Cyber Security Risks Revealed
— September 15, 2009 | InformationWeekA report issued by The SANS Institute finds enterprise security efforts focused on fixing low-priority flaws at the expense of serious application vulnerabilities.
-
Privacy Group Coalition Urges Data Regulation
— September 1, 2009 | InformationWeekTen consumer and privacy groups are urging Congress to limit the way online information can be used for advertising and profiling.
-
Five Security Lessons from Real-World Data Breaches
— August 29, 2009 | InformationWeekForensic investigations of stolen data incidents shed light on how security breaches happen and what do do about them.