SRC Secure Solutions: Software for Data Protection and Security Administration & Compliance

Exposure of enterprise data (especially sensitive data) can present a huge risk to business continuity. You are obliged by standards, laws and regulations to secure your systems and protect your data against breeches.

You are required by your auditors to supply proof of the measures you have taken to strengthen your IT security. After all data breeches do occur – and frequently.

Security and compliance require you to properly monitor your network and systems on it.

How safe is information on IBM i?

By Stephen R. Cheney

Increasing challenge of data breaches

Almost every day we read of a successful hacking attempt exposing private information to criminals and the like. In late April Sony’s Playstation online community was disabled by hackers affecting more than 70 million users. At first it was thought that the hackers had only effected a DoS (Denial of Service) to the playstation users but later Sony revealed that the database containing the user-id’s, email addresses, passwords and even credit-card details has been hacked. The damage to Sony was estimated at $1.4 billion – in future claims, lost clients and of course huge damage to their brand’s reputation. It is not known to me what platform the community database is held on.

SecureZip from SRC Secure Solutions as solution for FIPS 140-2 Compliance 

The Dutch Ministry of the Interior and Kingdom Relations secure sensitive data on Linux systems with SecureZIPsecure_box

28 June, 2010. Following a successful test, a division of the Dutch Ministry of the Interior has chosen SecureZIP Enterprise Edition for Server as the solution to secure sensitive private data to be exchanged with authorized organizations. The choice for SecureZIP was made to due its FIPS 140-2 compliance, the availability of SecureZIP on all major computing platforms (including Windows and Linux) and the price performance ratio.  SecureZIP Server has been installed in the Linux production environment.

Carol WoodburyCarol Woodbury's article: Work Smarter, Not Harder!

I'm guessing it's due in part to how I was raised as well as my independent nature, but I tend to think that I can do everything myself and don't need to ask for help. Therefore, I probably took longer than most to realize that doing everything myself is not always a wise decision.  Sometimes I do need help and should ask for it. Also, there are times when it just makes much more sense to hire someone to do something rather than do it myself.

How does this confession relate to you? What are you not able to do because you are required to generate a compliance report? Or, what security administration task isn't being accomplished because you just can't get to it?