More IT Governance and Compliance In Depth

Security Manager's Journal: SOX is out of control

Complying with the act is consuming more and more time and detracting from real security work.

Public-sector cloud computing: The good, the bad and the ugly

From California and Utah to Ohio, Massachusetts and Maine, state and local governments are using the cloud to update antiquated systems, but the hurdles are high.

Governance at the speed of change

The right approach to governance -- using real-time metrics -- can enable more reliable applications, more agile IT, more satisfied business owners and, ultimately, happier customers. Insider (registration required)

The real force behind the consumerization of IT

You can blame the iPhone, Salesforce.com, and Facebook, but the truth is that business itself has driven the shift to employee-directed tech

Self-service IT: Are users up to the task?

Sure, today's end users are pretty tech-savvy, but do they have the technical and business chops needed to take full advantage of self-service technologies?

Feds Begin Race to the Cloud

Tasked with adopting cloud computing as a first option in all IT projects, federal agencies are grappling with the hard realities of making that policy work.

Linux at 20: New challenges, new opportunities

The rise of cloud computing and mobility could elevate the open source OS to a level of unprecedented dominance

5 reasons why SIEM is more important than ever

IT environments are growing ever more distributed, complex and difficult to manage, making the role of security information and event management (SIEM) technology more important than ever. Here's why.

10 hard truths IT must learn to accept

Unsanctioned devices, compromised networks, downtime -- today's IT is all about embracing imperfections.

Vulnerability analysis tools add compliance features

Compliance is a natural extension of a vulnerability analysis tool. Normal vulnerability scanning includes searching for unpatched systems, unprotected directories, and other errors in configuration.

How ALPS Advisors found its log management groove

Case study: Log management is a vital piece of compliance. Here's how one mutual fund administration company figured out the best approach.

How Kelly Services manages risk in the cloud

CSO contributor Bob Violino recently interviewed Rosie Rivel, senior manager of IT global risk and compliance at Kelly, regarding risk and the cloud.

Elgan: It's time to legalize cell phone jammers

When Congress enacted the Communications Act of 1934, it was thinking about radios and telephones. Surely it didn't intend to enable convicted criminals to commit crimes from inside their prison cells, writes columnist Mike Elgan.

Helzberg Diamonds chooses tokenization for PCI

Florian Yanez, manager of technical systems for Helzberg Diamonds, explains how tokenization helped the company solve data storage and PCI DSS challenges.

A promising way to manage mobile devices

Mobile Active Defense (MAD) Partners promises to make your life dealing with mobile devices easier

We want you for the PCI Board of Advisors

The PCI Security Standards Council has announced that the nomination period for election to the 2011-2013 PCI SSC Board of Advisors is now open.

Mobile devices: You're losing control

Gibbs ponders mobile devices and concludes that enterprises are in serious trouble.

Top 10 stories of 2010: Living in the post-PC world

It would be foolhardy to proclaim the death of the PC in a year in which Windows 7 was key to record quarterly sales for Microsoft. The top stories of 2010, however, show that the PC for many people around the world has already become just one of several devices used to tap the Internet and a world of applications for entertainment and business -- and that increasingly, the main Internet access device is not a PC. The billions of devices connected to the Internet globally are also giving rise to data and security issues for the wired and mobile worlds alike. Microsoft Chief Software Architect Ray Ozzie's farewell note to his colleagues in October warned them that the PC software giant has to brace for a "post-PC world." News flash for Mr. Ozzie & Co.: The post-PC era has already begun.

Keyword Searches Disappoint

Traditional text search technologies fail to find all relevant documents, but there are efforts under way to improve the technology and add human expertise.

The top 10 stories in IT this week

This week was a busy one in IT news, with the European Parliament giving the OK to the controversial Anti-Counterfeiting Trade Agreement, SAP being slapped with a US$1.3 billion penalty because employees of its now-defunct TomorrowNow subsidiary stole corporate materials from Oracle, and Attachmate's plan to buy Novell for a whopping $2.2 billion. And those were just the biggest of the headlines -- there was plenty more as well.