Security and risk management
The security and risk management topics page provides IT management with up-to-date information and resources on IT asset management, data security and privacy, IT security management, disaster recovery and risk management.
Sub-Topics
Compliance doesn't begin and end with the Sarbanes-Oxley Act (SOX). Companies must also keep up with the various security standards, the Health Insurance Portability and Accountability Act (HIPAA) and numerous other regulations and guidelines. It's a tall order, but it's one companies must face in order to protect their customers and stay in line with standards set by the IT industry as well as the government.
Managers and CIOs face regular data security and privacy issues as they are expected to effectively use technology to share data while still following specific rules and regulations to protect personal information.
The Health Insurance Portability and Accountability Act (HIPAA) protects health insurance coverage for workers and their families when they change or lose their jobs.
Information security describes activities that relate to the protection of information and information infrastructure assets against the risks of loss, misuse, disclosure or damage. Information security management is the set of controls that an organization needs to implement to ensure that it is sensibly managing these risks.
IT asset management is the set of business practices that join financial, contractual and inventory functions to support life cycle management and strategic decision making for the IT environment. Assets include all elements of software and hardware that are found in the business environment.
IT auditing is the process of collecting and evaluating evidence of an organization’s information systems, practices, and operations. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently to achieve the organization's goals or objectives.
Information technology law is a set of recent legal enactments, currently in existence in several countries, which governs the process and dissemination of information digitally. These legal enactments cover a broad gamut of different aspects relating to computer software, protection of computer software, access and control of digital information, privacy, security, internet access and usage, and electronic commerce.
The Sarbanes-Oxley (SOX) Act was signed into US federal law on 30 July 2002. The Act is designed to oversee the financial reporting landscape for finance professionals. Its purpose is to review legislative audit requirements and to protect investors by improving the accuracy and reliability of corporate disclosures. The Act covers issues such as establishing a public company accounting oversight board, auditor independence, corporate responsibility and enhanced financial disclosure.
Highlights

As the oldest and largest independent law firm in Hong Kong, Deacons attributes its success to serving the needs of its customers, local and international. Cora Li, infrastructure manager at Deacons, discusses the challenges that Deacons faced transitioning to a digital world. Li attributes its success to strict adherence to policies and processes that ensure all information remains securely accessible. Deacons has undertaken to automate as much of its data management as possible to increase employee productivity.
December cyber attacks lead to Google's decision to stop censoring its results in China, and the company could end up closing its operations and shutting down its search engine there.

The Internet is the single largest source of malware. Security vendors like F-Secure are constantly looking for ways to extend user (and enterprise) protection beyond the firewall. Chia Wing Fei, security response manager at F-Secure, talks about a recently introduced technology called browsing protection.

What do you need to do to protect your network infrastructure? Corey Nachreiner, network security strategist at WatchGuard Technologies, explains the various security products and technologies that companies need to deploy to protect their network infrastructure. He also covers client security products for desktop and mobile devices.

The growing interest in cloud computing environments is also giving rise to concerns about as yet unresolved security issues. Vincent Goh, managing director for South East Asia, RSA, discusses some of the trends in secure cloud computing, as well as additional options for making sure your business remains secure in the cloud.


