Achieving and Maintaining Compliance

Executive Summary

Enterprises today must comply with an increasing number of regulations and industry standards affecting IT security, and the same organization often must adhere to more than one of these mandates. This white paper describes a phased approach for reaching regulatory compliance, using the PCI DSS (Payment Card Industry Data Security Standard) and the FTP protocol as examples. IT security and compliance are not a one-off goal that can be achieved as a single contained project, but a continuous process and a culture of operations in which changes to the security-critical aspects of the environment are carefully controlled and monitored with change control processes and tools. Controlling changes in this way will reduce the risk of introducing security vulnerabilities and gaps in compliance as side effects of ad hoc IT administration tasks.

  • Format: PDF
  • Size: 96.3 KB