The Upside of Compliance Three ways to lower costs and security risks by Rick Greenwood, Chief Technology Officer, Shavlik Technologies, LLC Compliance regulations adopted in the U.S. may also impact European firms. Fortunately, enterprises that successfully implement the necessary controls to meet these regulations improve business practices and receive cost savings and security benefits.

Editorial Corner

Compliance isn't all bad HIPAA, SOX, GLBA. These abbreviations for standards sound harmless, but they make work challenging for IT and administrative personnel who have to ensure systems and associated processes are compliant. But compliance comes with benefits, as this issue's feature story explains. A handful of valuable applications have popped up in reader suggestions for tracking an organization's hardware and software inventory. The important thing is to ensure the software meets your organization's requirements and complements your existing hardware and software setup. Another reader wants to know what others' policies are for creating and enforcing security policies. Not only does the policy need to cover security guidelines, but how can it be easily enforced and cheaply maintained? Since easy and cheap aren't easy to accomplish, we hope some of you have found a way or share experiences on what worked and what didn't work. We appreciate you regularly submitting feedback. The newsletter is for you, and we want to ensure it's worth your time to read. After all, IT personnel rarely have spare time for much else outside regular duties. The survey takes little time to fill in. We welcome input on future article ideas, experiences and anything else related to IT security. We archive every issue of The Remediator. If you can't wait 'til the next issue to get feedback, maybe the forums can help you. To show our appreciation for filling out the form or asking for advice, we enter your name into a drawing for a 256MB MP3 player. Best, Meryl K. Evans Editor, The Remediator Security Digest To unsubscribe instantly or change your preferences, see links at the bottom

Simplify Operational Security with Shavlik NetChk™ Compliance Shavlik NetChk Compliance is a powerful solution to scan for, compare and enforce over 230 security settings on your systems.

Last Issue's Security Dilemma: Which application best tracks software and hardware? We're currently testing software to track our hardware and applications. (Right now, the data is manually entered with plenty of errors.) I have downloaded several applications including LANDesk, EMCO Network Inventory, Network Asset Tracker and AdmWin. I find that the information the software gathers, as well as the prices, vary widely. In addition, we're also looking for an application that will push out software to our client workstations. I'm setting up an SMS server to see if that's possibly the best solution. Does anyone use SMS? What other solutions do your readers use to track their workstations and software installations?  — Mary, Consultant Read the best advice from readers of The Remediator Digest   This Issue's Security Dilemma: What’s your policy for managing the policy? My organization agrees it needs a security policy to enforce. I want to know how to enact a comprehensive security policy that is easily and cheaply maintainable and enforceable. What advice can people give me about developing and managing a comprehensive security policy? — Eric, IT Manager Can You Help? Share your experience. You could win a 256 MB MP3 Player. Congratulations to this month's winner of a 256 MB MP3 Player: Zach Walker, Senior SE, Symantec

Know how to get what you need:

Take charge of your career:

For a well-deserved breather: