IT Security and Compliance Articles
Read articles from industry experts New Net Technologies to find out about best practices in keeping your IT systems secure.
- Category: Event Log Management
Event Log, Audit Log and Syslog messages have always been a good source of troubleshooting and diagnostic information, but the need to back up audit trail files to a centralized log server is now a mandatory component of many governance standards.
- Category: SOX
If you haven’t yet been asked ‘The auditors want us to...’ or ‘The auditor suggested...’ or ‘...wants to know how we...’ the likelihood is, you will be soon!
- Category: CIS Benchmark
A panel of experts comprising Adam Montville, David Froud and Mark Kedgley collaborated on a variety of cyber-security issues at a roundtable discussion.
- Category: CIS Benchmark
The Center for Internet Security has embarked on a new branding effort to reflect the new services, features, and partnerships they’ll be introducing to meet the cybersecurity needs of both global public and private organizations.
- Category: FedRAMP
The cloud has created a level of convenience and scalability that was unprecedented until just a few years ago. However, while cloud adoption has gained popularity over the last few years, security and compliance have historically been lacking in this field.
- Category: Breach Detection
Organizations worldwide were hit with a rude awakening this year in terms of data protection. From medical providers to financial institutions and government agencies, hackers did not discriminate in choosing which organization to breach next. As we prepare to enter the New Year, let's reflect on some of the largest data breaches that occurred in 2016.
- Category: Breach Detection
Yahoo said on Wednesday it had discovered yet another major cyber-attack, with more than 1 billion user accounts said to have been compromised in August 2013, making this the largest data breach in history.
- Category: SOX
Following the Tesco Bank attack that left 9,000 Tesco customers with £2.5 million in fraudulent transactions, the UK banking sector enacted contingency plans that enable members to share critical intelligence information in the hope of preventing these kinds of attacks.
- Category: DISA-STIG
The U.S. Department of Defense announced on Monday that it has created a new Vulnerability Disclosure Program to help guide researchers on how to report security flaws found in the DoD’s public websites.
- Category: PCI DSS Compliance
With the exception of Role-Based Access Control (RBAC), File Integrity Monitoring (FIM) is the only PCI requirement that achieves security in its purest form: prevention of, or alerts on, deviation from a known-good baseline.
- Disable Windows Services
- What are the recommended Audit Policy settings for Windows & Linux
- Server Hardening Policy - Examples and Tips
- Server Hardening Checklist - Which Configuration Hardening Checklist Will Make My Server Most Secure?
- File Integrity Monitoring Software
- Windows Server 2008 2008R2 Hardening Guide
- Linux Server Hardening
- The Windows Advanced Audit Policy Configuration
- The Top Ten of Audit and Event Log Monitoring
- Which File Integrity Monitoring Technology Is Best For FIM? File Integrity Monitoring FIM or SIEM FIM?