Can You Prove You're Ready for Your Next Audit? How to have an effective configuration auditing process by Meryl K. Evans, Editor, The Remediator Security Digest When a business is faced with an internal or external IT compliance audit, a number of fears and uncertainties can arise at all levels of the organization. To prepare for the audit, executive members of the organization begin asking the questions that IT administrators dread having to answer.

Editorial Corner

In compliance? Safe security ... When the employee steps away SOX. HIPAA. Gramm-Leach-Bliley. What do these regulations have in common? They require affected companies to comply or face punishment. Staying in compliance is a big job, but with security configuration auditing, you can stay on track. Ever lead a horse to water, but couldn't make it drink? That's how we feel about encouraging users to practice safe security. See what readers suggest to address this problem. Have you ever been donutted? It happens when you step away from the cubicle without locking your computer, and another employee sneaks in and types an email in your name or changes the words in your open document. How do you deal with this predicament? Our feedback form is short 'n' snappy, and we read every word, so please let us know how we’re doing. For taking the time to complete the survey between meetings and emergencies, we'll enter your name in a drawing for a 256MB MP3 player. Best, Meryl K. Evans Editor, The Remediator Security Digest To unsubscribe instantly or change your preferences, see links at the bottom

2.1 Now Available! Shavlik NetChk Compliance The simplest way to automate policy and security configuration management! See how we help you manage regulatory compliance with the following new capabilities: Scanning for patch and spyware policies Overview of policy with the Shavlik Policy Dashboard New coverage for FISMA and NIST 800-53 controls New filter options to create, view and report policy for audits, enforcement and monitoring System checks for the Microsoft Windows® Vista operating system  for more information.

Last Issue's Security Dilemma: How do you motivate users to practice safe security? More security and computer-related problems stem from users doing dumb things than from intense external attacks. How do you inspire your users/clients to practice "safe security?" — Meredith, IT Specialist Read the best advice from readers of The Remediator Digest   This Issue's Security Dilemma: How do I deal with "Just a quick trip away from the desk" users? Sometimes our users create undue risk. For example, leaving their login session open while going to the printer to grab a printout, they get distracted and end up away from their desk talking with a coworker for half an hour. In a situation like this, it's too easy for another person to sneak onto their computers and do something inappropriate. While many people within the organization regularly lock their stations, some forget. I'm concerned about the risk this poses to the network. Should I make changes to the network so it automatically logs off users after five minutes of inactivity, or just issue another reminder about the importance of security? — Barbara, Manager Can You Help? Share your experience. You could win a 256 MB MP3 Player. Congratulations to this quarter's winner of a 256 MB MP3 Player: Sheri Rusk, owner of Black Rose Friesians, LLC.

Know how to get what you need:

Take charge of your career:

For a well-deserved breather: