Oct 29, 2012
80% of organizations suffering payment card breaches had not achieved compliance with PCI DSS at the time of the breach. - Verizon 2011 Data Breach Investigation Report
As regulation and litigation increase, internal investigators must support an alphabet soup of compliance obligations: SOX, GLBA, FISMA, HIPAA, PCI DSS, regional privacy laws, and more. Although each regulation is different, these laws share common investigation requirements in three areas: policy, control infrastructure, and incident response.
This paper demonstrates how in-house investigators can take advantage of computer forensics technologies that support these key functions within a single base platform. A common investigative infrastructure can enable appropriate investigative processes for disparate industry regulations and frameworks and:
• Help to establish and maintain data policy.
• Implement effective controls so policies are followed.
• Respond to computer security incidents promptly.
• Reduce risk and increase efficiencies across enterprise teams like HR, IT and audit.
Your limited investigation resources can go further, faster.