You are here: silicon.com > Resources > White Papers > Security > Security Administration > Security Standards

Security Standards White Papers

FISMA: Achieving and Maintaining Compliance to Ensure Security of Systems and Data

Tags:
security standards

Overview This paper is intended to show how Tripwire Enterprise can continue to help federal agencies, as well as the organizations that store, process or transmit federal information, and the contractors that do business with the federal government, by providing an automated method for meeting many of the most critical regulatory IT security standards of FISMA compliance. This paper contains case studies from three fictional federal agencies, each capturing the perspective of a key stakeholder in the FISMA compliance process. The case studies highlight how a CIO, Information Systems Owner and Authorizing Officer approach and manage the internal issues of demonstrating FISMA compliance, and how they meet many of those challenges with Tripwire configuration audit and control solutions.

Further White Paper Details
Publisher	Tripwire	File Format	PDF
Date Published	April 2008
Format	White Papers
Topics	Security Standards, Security Management

Did you find this white paper useful?

Achieving compliance with GSi Code Of Connection (CoCo)

In November 2005, The Government published 'Transformational Government - Enabled by Technology' which documents the steps necessary to achieve effective delivery of technology for Government. To develop the necessary trust...

Publisher:
Lumension

MessageLabs - The Dark Art of Spam

Quite simply, MessageLabs anti-spam solution provides businesses with the quality of protection they urgently need if they are to stay a step ahead of the spammers - and the increasingly...

Publisher:
MessageLabs, now part of Symantec

Maximising site vistors trust using extended validation SSL

Web business faces a crisis in confidence. Trust in site security is decling, resulting in consumers scaling back on web transactions or just opting out altogether. This white paper address...

Publisher:
VeriSign

Compliance with Data Handling Procedures in UK Government

The UK Data Handling Procedures in Government Report set out clear and mandatory procedures to be followed by all government employees that have access to and responsibility for citizen data....

Publisher:
Lumension Security

"We Have Met the Enemy, and He is Us."

Organisations are being force towards indentity- based acess lifecycle management tools in order to support IT agility & flexability, safeley empowering staff and rapid evolution of data cetres and core...

Publisher:
IBM

Bush signs Homeland Security bill - the details

The law also: requires all federal agencies, including the CIA, the Defense Department and the National Security Agency, to provide the new department with any "information concerning the vulnerability of the infrastructure of the United States...

Channel:
Law & Policy

Patching cycle is virus writers' dream come true

Then, federal agencies could make it mandatory for their suppliers to use the tools and audit their code, she said. That's far too long to wait to fix the worst security flaws, said Gerhard Eschelbeck, chief technology officer and vice president of...

Channel:
Security Strategy

ID cards won't comply with data protection laws

In the case of ID cards, however, Thomas said the Information Commission has to seek approval from the government and operators of the ID card scheme to run any audit or scrutiny of it. He expressed concern over the "vast database" of personal...

Channel:
Law & Policy

New order in New Orleans

Other federal agencies were equally oblivious. The Department of Homeland Security was sending out press releases that day about slapping Americans with passport requirements to travel to Canada, and the Federal Emergency Management Agency, or Fema...

Locking down financial security

Across the Atlantic, non-mandatory guidelines from the US Federal Financial Institutions Examination Council (FFIEC) now also strongly recommend 2FA for web-based banking transactions. Access rights are a method of internal control.

Obama 'needs new cyber-security tsar'

To best achieve this, the commission said, the Federal Information Security Management Act would have to be revised to allow the NOC to more closely monitor other agencies' cybersecurity efforts. The NOC's overarching responsibilities would include...

Featured White Papers

Harnessing the Power of Location Intelligence in the Public Sector

Throughout the world, public services today are under pressure. The current economic climate, where taxreceipts are naturally suppressed, provides very seriousfunding challenges. Moreover, in good times and bad, increasing regulation at the regional and national level is imposing additional duties and responsibilities on the public services without additional resources to carry them out. Store closures are changing the urban landscape. Demographic and/or economic change isincreasing demand for health and social services.Demand for decreased crime rates is focusing minds in law enforcement. And the threat of internationalterrorism is forcing greater contingency duties on the emergency services. The net result is a need to do more with lessquite a challenge.

Publisher:
Pitney Bowes

IBM XIV® Storage System: Power Consumption Reinvented

Reducing power consumption is one of the most significant challenges of IT centers today. With storage needs on a steep rise, it is increasingly clear that new approaches must be explored. This IBM whitepaper shows how, on average, a traditional storage system using mirroring effectively uses less than 21% of its raw capacity, and an XIV system uses approximately 46% of its raw capacity.

Publisher:
IBM

3 Strategies for Reducing IT Support Costs

As companies brace for more bumps in the economic downturn, many organisations are indiscriminately cutting costs. To ensure a seamless transition into the post-recession market, however, slashing and burning is not recommended. Now is the time to strategically trim and strengthen for success. This IDC White Paper explores 3 tangible areas that IT departments should investigate to help strategise cost reduction during the downturn. Download the White Paper to learn: -- Why IT utilisation, end-user support and maintenance budgets are the most strategic areas to investigate -- How to effectively approach cost-saving measures within these areas while maintaining IT performance -- Tools and services the IDC recommends for achieving maximum cost savings and efficiency