Optimize Programs and Fulfill Mandate Expectations with Project and Portfolio Governance [ Source: Oracle ]
March 2013- Knowing which programs your agency should support doesn't have to be a guessing game. With Oracle's Primavera Portfolio Management's enterprise approach to governance, agency executives can align projects with strategic goals, balance spending and assess risk. Plus, strategic governance provides greater levels of transparency and accountability, so compliance is never an issue and the return on taxpayer's funds is always rewarding.
Financial Services, Regulation and the Achilles Heel of Email [ Source: Proofpoint ]
February 2013-
Ensuring data privacy in compliance with government regulations and consumer protection laws presents a complex set of challenges for financial firms. Coupled with the rising sophistication in security threats, many industries are under regulatory fire in demonstrating accountability and addressing compliance requirements in accordance with federal and state laws. How an organization is able to store and manage their data, including email, has a high impact on regulatory compliance.
Read this white paper ...
Scale-Out Storage Market Forecast 2010-2015 [ Source: Red Hat ]
August 2012- The core architecture of external storage solutions have gone largely unchanged for the past 20 years. Until recently, scale-out storage was a solution for niche markets. It has been tucked away in an IT corner, mostly used in HPC, scientific computing, and media and entertainment environments. A good deal of data center spending was put on hold, recently there has been uptake in scale-out storage, but adoption was clearly hampered by IT budget pressures. Now, with ...
An Introduction to Red Hat Storage Architecture [ Source: Red Hat ]
August 2012- Over the past ten years, enterprises have seen enormous gains in scalability, flexibility, and affordability as they migrated from proprietary, monolithic server architectures to architectures that are virtualized, open source, standardized, and commoditized. Unfortunately, storage has not kept pace with computing. The proprietary, monolithic, and scale-up-solutions that dominate the storage industry today do not deliver the scalability, flexibility, and economics that modern datacenter and cloud computing environments need in a hyper-growth, virtualized, and increasingly cloud-based ...
The Economics of Scale-Out Storage [ Source: Red Hat ]
August 2012-
Scale-out storage technologies have rapidly gained popularity over the past several years, successfully crossing the chasm from niche technology to mainstream enterprise solution. As this shift occurs, an increasing number of enterprises are seeking to understand the advantages of the newer technology when it comes to the storage of exploding amounts of unstructured data.
While many sources have investigated the advantages of scale-out storage from a technology perspective, few have taken on this ...
Delivering stakeholder-centric services from strategy to execution [ Source: IBM ]
February 2012- This report describes the challenges that arise during a transformation to stakeholder-centric or citizen-centric service delivery. It highlights the crucial roles that key business and IT capabilities play for any public sector organization navigating those challenges.
Fed Continuous monitoring, remediation and CyberScope reporting [ Source: IBM ]
December 2011- To assist federal agencies with the implementation of CyberScope reporting, IBM Tivoli Endpoint Manager, built on BigFix technology, provides insight and control for endpoints with streamlined, automated capabilities for continuously monitoring and remediating security compliance.
Creating value in the Public Sector: intelligent project selection in the US federal government [ Source: Oracle ]
March 2012- Federal agencies are refining program management practices in response to the Obama administration's Government Accountability Initiative. Learn more.
IT Management for 21st Century Government [ Source: Solarwinds ]
September 2011-
SolarWinds IT management products are used by virtually every civilian agency, state government, and branch of the military.
Discover why SolarWinds provides powerful and affordable IT management software to federal, state, local and education customers - from enterprise deployments to tactical networks supporting warfighters. Built by IT pros for IT pros, our products are downloadable, easy-to-use and maintain, and provide the power, scale, and flexibility required to manage today's complex, multi-vendor IT environments. <...
Defining and Planning Continuous Monitoring for NIST Requirements [ Source: Tripwire ]
August 2011-
The National Institute for Standards and Technology (NIST) recently released new Federal Information System Management Act (FISMA) guidance in two publications. The aim of the new guidance is to help federal agencies develop a continuous monitoring program as part of a risk management framework. It is also supposed to help the government gain an enterprise-wide view of its security stance by using automation to roll up reports of security information across all agencies.
...
Continuous Monitoring: What It Is, Why It Is Needed, and How to Use It [ Source: Tripwire ]
August 2011-
Continuous monitoring enables information security professionals and others to see a continuous stream of near real-time snapshots of the state of risk to their security, data, the network, end points, and even cloud devices and applications. Assessing security controls as well as ongoing monitoring of security controls are both directly assisted by continuous monitoring through vulnerability monitoring processes, which many organizations already have in place.
In this white paper SANS Analyst, Dr. E. ...
Mind The Gap: CISOs Work To Narrow The Breach-To-Detection Gap For Better Security [ Source: Tripwire ]
August 2011- In this age of compliance, most retailers do what’s required to become compliant, but often fail to improve security through these efforts. In fact, several organizations have achieved compliance but still have been breached—even though they had the data needed to head those breaches off before any significant damage was done. So how did they miss this critical evidence? Unfortunately, IT security teams are inundated with data from many sources that they cannot ...
Cyberwar Threats: New Security Strategies for Governments [ Source: Tripwire ]
August 2011-
Cyberwar fundamentally changes how government must handle security. Faced with increasingly sophisticated attacks from gangs of cyber criminals and foreign governments probing systems for sensitive data, threats frequently go undetected for days, weeks, and even months. And it's not just financial data being stolen. Terrorists and rogue governments may steal confidential data, including intelligence information, that exposes a country and its citizens to potential harm. Unfortunately, the traditional fortress approach no longer suffices.
...
Network Access Control and 802.1X -- Advantages, Constraints, and Capabilities [ Source: ForeScout ]
May 2011- This whitepaper by Spire Security explains the advantages, disadvantages and limitations of 802.1x as it relates to network access control (NAC). In practice, 802.1x has proven to be costly and cumbersome to roll-out, particularly for large organizations. Furthermore, 802.1x does not include or address many important features of a full-blown NAC system. This whitepaper includes a case study of a large U.S. defense agency that tried rolling out 802.1x and then, after discovering significant ...
Strong Firewall Management Is Essential [ Source: Secure Passage ]
September 2010- Firewalls are designed to provide access control. Although there is risk associated with any access, by limiting what access is permitted the risk is limited and understood and can be evaluated against business need to effectively justify the risk. However, poor firewall management defeats this purpose by ineffectively controlling access and limiting visibility into what access is actually permitted; poor management also increases the cost associated with security management. The result of poor management is ...
Six Critical Elements to Achieving Economies in FISMA Compliance [ Source: Lumension ]
July 2010- For the past eight years, government agencies have struggled to comply with the requirements of the Federal Information Security Management Act of 2002 (FISMA). The goal of FISMA is to control information security as it impacts national security and the economic interests of the United States. Compliance obligates each U.S. federal government agency to “develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations ...
Achieving Compliance with Massachusetts Data Protection Law [ Source: Lumension ]
July 2010- In the first ten months after a new Massachusetts identity theft law took effect in late-2007, the Office of Consumer Affairs and Business Regulation reported that over 625,000 residents of the Commonwealth had been directly impacted by a data breach of their personally identifiable information (PII). Of these, about 60% were the result of criminal / unauthorized acts and the remainder due to employee error or “sloppy internal handling” of PII. To help mitigate the negative impacts of ...
The New Age of Compliance: Preparing your organization for a new era of increased accountability and enforcement [ Source: Autonomy ]
May 2010-
There are not “regulated” industries that must preserve records and “unregulated” industries that can discard their records with impunity. Rather, there are heavily regulated industries and less heavily regulated industries. So, all organizations must be compliant to some degree.
This paper examines the current state of regulatory compliance, the impact of non-compliance, the current political environment and the shift in the compliance landscape and compliance enforcement. Also discussed are best practices that can ...
Not Just Words: Enforce Your Email and Web Acceptable Usage Policies [ Source: MessageLabs, Symantec Hosted Services ]
May 2010-
Unmanaged employee use of email and the web can subject any organization to potentially costly risks including litigation, regulatory investigations, security breaches, lost productivity, business interruptions, and public embarrassment.
For responsible organizations operating in the age of email and the web, Acceptable Usage Policies (AUPs) are essential business tools. Clearly written and effectively communicated email and web AUPs—supported by employee training and enforced by proven technology solutions—can help employers minimize risks, ...
Implementing Critical Controls for Federal Information Security [ Source: Core Security Technologies ]
April 2010-
The release of the 2009 Consensus Audit Guidelines (CAG) outlines the need for federal cyber-security controls that are tacitly proactive and can “inform defense” of actual attacks that have compromised systems, or those that could transpire to do so.
This white paper explores specific directives of the CAG, and highlights a commercial software application that arms government agencies and their private-sector partners with the tools to perform ongoing penetration testing of web applications, network ...
11 Ways to Comply with Federal Information Systems Security Requirements [ Source: Core Security Technologies ]
April 2010- In this white paper, government agencies learn about new provisions added to the Guide for Assessing Controls in Federal Information Systems (NIST SP 800-53A), and how a new commercial software tool addresses these provisions with penetration testing that identifies and assesses critical vulnerabilities existing across networks, endpoints and web applications.
A New Way of Working Smarter - Insights from Global Leaders [ Source: IBM ]
April 2010-
It pays to work smarter not harder. According to a recent study by the IBM Institute for Business Value, organizations that are significantly outperforming their industry peers also happen to be making more headway on newer approaches to work.
They’re using dynamic, collaborative and connected ways of working to get things done effectively within a constantly changing environment. But most organizations are not yet meeting their ambitions in these areas.
...
Addressing End-to-End Risks And Inefficiencies In OTC Derivatives [ Source: SunGard Financial Systems ]
February 2010- The over-the-counter (OTC) derivatives industry is in flux as regulators and other industry participants try to create a market structure that reduces the systemic risks associated with this product. The changes will be manifested in many ways, affecting such broad areas as liquidity and balance sheet management, but also lines of business and individual functions, particularly as these pertain to technology and operations. Missing from the current OTC derivatives life cycle of trading and processing ...
Rightsourcing: The Answer To Outsourcing Confusion [ Source: PITSS America LLC ]
March 2010- The Obama Administration’s FY2010 budget guidelines reignited questions about how agencies can best comply with evolving OMB mandates for when to insource or outsource federal contracts. A new white paper by PITSS America explains how even in the absence of clear rules agencies can develop a “rightsizing” approach that takes advantage of solutions like PITSS.converter. The application delivers a clear ROI for Oracle Forms and Reports migrations that can save typical agencies hundreds ...
Ten Questions to Ask Your Traffic Capture Vendor [ Source: VSS Monitoring ]
January 2010- VSS Monitoring presents a 10 question check list for administrators and C-level executives implementing a network monitoring system. The key to achieving end-to-end network visibility is knowing the details of how the traffic gets to network monitoring tools. A few of the many subjects covered are: system connectivity, traffic grooming, latencies, packet optimization technologies, maintaining session-awareness from point of capture to the monitoring tools, and "gotchas" to watch out for. The white paper covers the questions ...