Security News
LexisNexis Financial Crime Digital Intelligence is a new solution that leverages digital identity data to transform financial crime compliance workflows. LexisNexis Financial Crime Digital Intelligence provides a dedicated and customized workspace including purpose-built financial crime compliance capabilities such as access to additional sanctions risk features, storage capacity and user role configuration.
According to Enterprise Management Associates and BlueCat's recently published research report, nearly 3 in 4 enterprises have suffered security or compliance issues in the past year as a direct result of collaboration challenges between the cloud and networking teams. The research, based on a survey of 212 networking and cloud professionals, found that the consequences of dysfunction between these teams extend far past the security realm.
When you're implementing a password policy for your AD with GDPR compliance in mind it's a good idea to use a 3-rd party tool to help your password policy reach your entire end-user directory. During a password change in Active Directory, this service will block and notify users if the password they have chosen is found in a list of leaked passwords and provides dynamic feedback for password compliance.
While traditional IT teams and inventory tools provide an IT view of inventory, software support, and licensing, security teams are looking for the security context of assets such as assets that are not running security tools, detection of unauthorized software, internet visibility, and more. Security tools like EDR help secure assets, but do not let security teams know which critical assets are not running EDR, or if databases are visible from the internet? All security teams have defined authorized and unauthorized software policies.
The upcoming physical return to the office is also set to bring the influx of IoT devices that may be installed on networks as part of new COVID-19 workplace compliance policies. Some of these devices may collect large quantities of personal data that needs to be protected and is subject to the GDPR. GDPR Privacy by Design.
CoreStack announced the availability of its CoreStack AI-powered, multi-cloud compliance and governance solution in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. CoreStack customers can now take advantage of the productive and trusted Azure cloud platform, with streamlined deployment and management.
While the CMMC doesn't completely replace the National Institute of Standards and Technology SP 800-171, it does include and build on these standards for a clear purpose. Enter the CMMC. With this new regulation, the DoD establishes five levels of cybersecurity preparedness, ranging from level one to level five.
Cloud security is more topical than ever when considering all the fun things that have happened in 2021 with security startups! Before talking about innovation and startups though, let's talk about a brief history of cloud security especially public cloud.
CrossComply is one of four solutions available within AuditBoard's integrated GRC platform, which streamlines and simplifies audit, risk, and compliance programs for large organizations. Gartner recently cited IT Governance as a top risk in 2021, and a March 2021 AuditBoard market survey found that 47% of teams are still managing IT and information security compliance with manual processes and spreadsheets, leaving themselves vulnerable to errors, gaps, and risks.
The ioXt Alliance announced that it is expanding its ioXt Compliance Program with a new mobile application profile with added requirements for VPN applications. Defined collaboratively by technology companies such as Google and Amazon, in partnership with security labs, NowSecure, NCC Group, DEKRA, Onward Security and 7layers, and aligned with the initiatives set forth by VPN Trust Initiative, these new security standards for the mobile app and VPN markets will bring transparency and visibility to consumer and enterprise buyers, to advance security in the IoT industry as a whole.