IT Security and Compliance White Papers

Read the latest white papers from industry experts New Net Technologies. We provide comprehensive information on IT security and compliance.

The PCI DSS security standard calls for a broad range of security measures, but beyond the use of firewalling, intrusion protection systems and anti-virus software, the understanding of the requirements and responsibilities of the merchant are very often poorly understood.

Although FIM or File-Integrity Monitoring is only mentioned specifically in two sub-requirements of the PCI DSS (10.5.5 and 11.5), it is actually one of the more important measures in securing business systems from card data theft.

Vulnerability management is a key security best-practice that serves to prevent the complete spectrum of cyber-attacks. But how do you strike the right balance between maintaining the security of an IT environment that never stands still, and maximizing system performance, uptime and service delivery?

Our medical, health and personal information should remain private. While the principle of Doctor-Patient confidentiality has always been regarded as sacrosanct, the electronic age has inevitably led to greater ease of access to all information, including confidential patient details a.k.a. electronic protected health information.

A formalized Change Management process is vital in order to maximize the effectiveness of any change while minimizing potential problems resulting from a configuration change being made. All security and corporate governance policies such as the PCI DSS, SOX, NERC CIP, HIPAA, ISO27K and GCSx CoCo all demand a robust change management process for this reason.

The Health Information Technology for Economic & Clinical Health (HITECH) act really does ‘up the ante’ for HIPAA enforcement.

This whitepaper is a Guide for IT professionals – an ‘Everything you wanted to know about Compliance’. Anyone with experience of being audited in the past will learn how to remain compliant with your required standards, making the next round of Audits much more straightforward.

PCI DSS Version 3.2 - This table lists the requirements of the PCI DSS Version 3.2 where NNT Change Tracker (file integrity monitor) and NNT Log Tracker (SIEM log analyzer) can provide a solution. Using NNT solutions alone will satisfy 30% of total PCI compliance requirements, but with typical implementation times of just a few hours.

All security standards and Corporate Governance Compliance Policies such as PCI DSS, GCSx CoCo, SOX (Sarbanes Oxley), GLBA, NERC CIP, HIPAA, HITECH, ISO27000 and FISMA require IT systems to be secure in order that they protect confidential data.

The UK Governments initiative to prescribe a security standard to any organization accessing the Government Connect Secure Extranet is a move designed to keep government organizations one step ahead of the inexorable increase in security threats. There have been too many high profile data thefts and losses by Government organizations, highlighting both the risk to, and the importance of, ICT Security and the governance of citizens' data.

The breach at Target has not just been big news within the Information Security community; it is worldwide headline news in all mainstream media outlets. This article looks at Brian Krebs’† excellent (as usual) investigation and analysis of the story so far from an NNT perspective.

USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
1175 Peachtree St NE
Atlanta, Georgia, 30361.
Portland
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: (844) 898-8358
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified
Copyright 2019, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.