Whether you’re searching for strategies, best practices, or industry news, our seasoned experts have created hundreds of helpful resources, filterable by content type, solution, platform, and author. To stay informed, join our email list to get content that matters to you.
The AIX Community Survey, now in its fifth consecutive year, goes in-depth with IT teams to gain a unique perspective into how this platform is being used today and how teams envision using it in the future. Over the years, the respondents of the survey have expanded to include a variety of industries, geographies, and titles within IT.
More than 100 IT professionals in North America, EMEA, and APAC participated in this year’s survey, and this input enables all of us to understand the role of AIX with new clarity.
PCI DSS now includes requirements for strong encryption of cardholder data. Learn how key management is an essential element of preventing unauthorized data access.
Many administrators experience what I call the "audit fire drill" when they hear they're about to undergo a security audit. Follow these strategies to eliminate some of the panic when preparing for an audit.
To protect against the risk of a data breach—and the chance of failing a PCI or SOX audit—you need to ensure privileged users can't abuse their access. This exclusive guide shows you how.
Protect your data and your company from internal and external threats by ensuring that your security policies on-premises and in the cloud are aligned with this checklist.
This guide features an easy-to-follow explanation of NIST 800-171's purpose and requirements. You’ll also get a checklist to help you evaluate your current security measures and where you need to focus your compliance efforts.
PCI’s MFA requirements now apply to IBM i. You have two choices: purchase MFA software that’s designed for IBM i or write your own program to link your existing MFA solution to IBM i. What's the best option for your organization?
Despite the server’s incredible security infrastructure, auditing remains primarily a thankless, manual chore. And, let’s face it, any task that’s thankless and manual probably won’t get done.
Few things strike fear into the hearts of consumers and businesses more than a breach of financial information. Why? Because it hits us where we’re most sensitive: our pocket books!
I recently spoke with a number of attendees at COMMON’s fall conference in Columbus who were facing regulatory mandates including PCI, Sarbanes-Oxley, and HIPAA. For these organizations, tremendous resources are often consumed in order to generate the variety of information deemed necessary to prove compliance.
Disk drive encryption may help you comply with PCI DSS, but you must follow strict requirements. Additionally, relying solely on disk drive encryption for data protection has serious potential risks that you should be aware of.
Let’s face it; system administration remains a largely thankless task. From scheduling jobs to balancing workloads to answering messages in QSYSOPR, administrators and operators work diligently behind the scenes to ensure that IBM i servers are available to run mission-critical applications.
The recent string of breaches at prominent retailers such as Target and Neiman Marcus demonstrated that too many organizations still falsely equate PCI compliance with comprehensive security. Fully compliant organizations are being hit with attacks that compromise payment card data on a regular basis.
Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.
With so few companies satisfying—much less optimizing—their risk management responsibilities, it’s worth examining which obstacles may be impeding progress.
The word ‘audit’ is rarely welcomed with open arms by the IT department, and administrators often employ all sorts of delay and escape tactics to avoid the inevitable. But what they may not realize is the full significance of passing these assessments, or how painless the process can be.
The PCI Security Standards Council is set to officially release its third iteration of PCI DSS in two days on November 7, and the new version features numerous changes.
Compiled with significant input from the private sector, the Cybersecurity Framework isn’t a prescriptive compliance document and instead gives companies significant leeway in how they use it to inform their security strategies. As a relatively new source of guidance, its implications for regulated industries aren’t clear yet.
Protecting sensitive corporate information and meeting compliance requirements aren’t the only reasons your organization needs a security policy. A well-defined policy can make the difference between maintaining the trust of customers, vendors, and employees—or facing the damaging consequences of a data breach.
The constantly changing cybercrime landscape paired with the speed of new technologies can make it difficult to know which skills a security administrator should focus on.
Meeting government and industry compliance requirements is one of the top challenges faced by IT professionals. This guide is designed to help you make sense of the Health Insurance Portability and Accountability Act (HIPAA), which is one of today’s most common compliance mandates.