Posts Tagged ‘compliance’

Security in 3 Dimensions

Tuesday, March 22nd, 2011

Data security is a key element of business success. However, the more that you look into your options, the more that you’ll realize that three components must come together to ensure your company’s IT security.

First, your company must have policies in place related to data. Your staff must be made aware of these policies, which pertain to password use, data flow, network security, firewalls and virus prevention, email requirements, and the use of third-party tools. Award-winning software from Check Point is one example of a product that lets you specifically target network security solutions to your business security needs, keeping your security operations simple and affordable at the same time.

Then, your company must involve your staff. On one hand, this means making sure that they are aware of the policies that you’ve put in place. On the other, it means giving them the opportunity to contribute to policies, to provide insight into areas where security could be tighter, and ensuring that the entire team is working together to protect company information.

Finally, it’s important to have an enforcement policy in place. Be sure that you know how violations of your company’s security policy will be addressed, and ensure that the policy will be enforced consistently – whether the person violating it is a new hire or a manager with 15 years or more of experience.

Data encryption, password protected databases, user roles: all of these elements play a role in creating and ensuring IT security. However, when you have the right policies in place, your staff are on board to follow those policies and suggest additional measures that can be taken, and a strong enforcement policy is in place, your company can count on security in three dimensions.


Scalable Storage Systems – How and why healthcare organizations are embracing them

Wednesday, February 16th, 2011

When most people think about the need for scalable data storage, they think about traditional manufacturing or cloud computing. But there’s another industry that requires flexible solutions for storing data: the healthcare industry. Hospitals, small and large medical practices, and even healthcare records storage facilities all have an increasing need to access and share data. The challenge is that, until recently, there haven’t been many options available.

Whether for the sake of storing more digital x-rays or MRI results so that they can be easily shared between the radiologist’s facility and other healthcare providers or backing up patient files, data storage is critical. The selected system needs to be reliable. Similarly, the system needs to be able to support a variety of data types, development on and access by a variety of operating systems, and to function within a variety of server environments. Records need to be secure, and both structured and unstructured data must be supported. Finally, in order to keep costs down, IT departments are looking for highly efficient data storage systems that are able to operate at peak performance without being a power drain.

Healthcare IT needs to be consistently innovative in order to ensure that needs continue to be met. Doing away with existing storage assets or risking downtime in order to upgrade systems is not only wasteful but also creates the potential for system downtime. To prevent this, VAAI – vStorage APIs for Array Integration – is a consideration as it provides a unique interface that takes the complexity out of operating VMware infrastructure.

If you’re looking to improve on a healthcare data storage system, this is one reason to look to the Hitachi VSP – the Hitachi Virtual Storage Platform – which has been certified for VAAI. Combined with the Hitachi Command Suite storage management tool, the VSP is able to leverage an organization’s existing industry standard storage devices. This is one of the three levels of scaling referenced when you read about the platform’s 3-D scaling – the ability to scale deep with multivendor storage. The other two dimensions are “up” – taking advantage of consolidating host servers – and scaling out to increase capacity.

By making it possible to continue using existing data storage environments and improving the way in which data is accessed, it’s possible to improve performance and drastically reduce costs – even in fields like healthcare where needs change frequently.


Four Signs It’s Time for Application Virtualization

Monday, October 25th, 2010

There’s always room to streamline your application management processes. Traditional approaches tend to be cumbersome and time-consuming, and they leave openings for risks such as non-standard software installation and suboptimal access control. Application virtualization solutions such as Citrix XenDesktop and XenApp can be used to remedy many of these problems, and the TCO and ROI cases are well established.

But, when it’s time to present your plan to move to a virtualized application environment to the executive team, you need specifics – it has to be clear that there are direct and tangible benefits to application virtualization that can be realized fairly quickly. Start by looking at your existing operation for indicators that it’s time to virtualize. Here are four to get you started.

(more…)


Five Ways to Turn Policies into Real Data Security

Monday, October 4th, 2010

Security policies are guidelines to be enforced – they don’t provide real results. At the end of the day, there’s no substitute for active protection. Don’t rely merely on policies to keep your data safe. Instead, implement data security solutions that transform your internal controls into tangible protective measures. Here are five ways you can turn rules into actual security.

1. Automate your security processes: Instead of spelling out the rules to your staff, use a security solution that allows you to implement customized controls and restrictions that ensure your data can be reached only by the employees who have a reason to do so.

2. Use access control: Don’t just tell employees what they can see and what they should avoid. Use a solution such as Juniper Networks Access Control to grant or deny employees access to sensitive or otherwise restricted systems and data.

(more…)


Compliance, Disaster Recovery and Cost Containment

Monday, August 30th, 2010

This is the three-part goal of any storage management operation. You have to comply with relevant regulations, be prepared to bring your company back to normal following a catastrophe and do it all while spending as little money as possible. This is possible … all of it. You just need to find the opportunities for improving efficiency throughout your storage infrastructure. Storage virtualization can make the difference.

Perhaps the greatest myth about regulatory compliance in the IT department is that it entails a substantial unavoidable cost. Execute your datacenter compliance measures prudently, in fact, and you could actually realize a cost savings. This is especially true of disaster recovery systems and processes, where reliable and fast solutions that are easy to manage can keep expenses down, if not deliver an actual reduction in TCO.

(more…)


Turn Compliance into an ROI Opportunity

Monday, August 9th, 2010

Do you treat compliance as a cost to be contained? A business requirement to be completed with as little investment as possible? If this is how you approach such measures as Sarbanes-Oxley and HIPAA, you’re missing an opportunity to turn your compliance program into a chance to drive ROI. Think about your backup and archiving operation: the changes you make to attain compliance can have benefits throughout the enterprise.

As it is, backup and archiving is a cost that comes with little ROI opportunity. You can streamline your process to make backups faster and consume fewer resources, but this is traditionally viewed as a way to control expenses that are unavoidable … which is a long way from actually generating a return on your storage management investment. For compliance, the situation is much the same: the focus tends to be on keeping mandatory costs as low as possible. Since compliance programs often intersect with backup and archiving, you’re stuck trying to keep two significant initiatives from occupying your limited budget.

(more…)


Heightened Awareness of DLP

Thursday, July 29th, 2010

Guest post by Brad Pierce, Senior Engineer
bpierce [at] structured.com

In the wake of the 90,000+ classified diplomatic cables being made public on Wikileaks this past weekend, I’m thinking Data Loss Prevention (DLP) has moved up a few notches of priority on the CIO wish list. What’s most disconcerting is that this was not done by an elite team of malicious hackers, but by a disaffected insider with access. Pfc. Bradley E. Manning, an Army intelligence analyst, exploited a loophole in the Defense Department security posture by burning files to CDs.

This high profile case illustrates the need to know where your sensitive information is and how it is being used.

DLP is mandated by a number of regulations including HIPAA/HITECH, GLBA and PCI DSS. Depending on the regulation or industry a company operates within, this can cover a wide spectrum, as there are many definitions of what DLP entails and what must be secured.

The basics of data loss prevention center on protecting data in three basic states:

(more…)


Are You Backing up Too Much Data?

Monday, July 26th, 2010

Regulatory requirements, prudent business practices and the fear of disruption make enterprise-wide backups a necessity in today’s business environment. And you don’t want to cut out what might be important. After all, you want anything that can help you return to business as usual to be available. You can have this while accelerating your backups and not compromising how much important information you store. It’s time to de-dupe your datacenter.

Few businesses aren’t touched by some kind of compliance structure. Sarbanes-Oxley, HIPAA, the anti-money laundering provisions of the USA PATRIOT ACT and PCI are just a handful of the rules that can influence your datacenter. If your company is publicly traded, you may also have to implement and demonstrate certain disaster recovery capabilities, and businesses in the legal and financial services fields need to navigate archiving and document retention regulations (e.g., from the New York Stock Exchange and National Association of Securities Dealers).

(more…)
