Dell today announced it has signed a definitive agreement to acquire SecureWorks® Inc., a globally recognized provider of information-security services. SecureWorks’ industry leading Security-as-a-Service solutions include Managed-Security Services, Security and Risk Consulting Services and Threat Intelligence. The acquisition expands Dell’s global IT-as-a-Service offerings and information security expertise.
Physicians using webcams to consult with patients soon could see significant obstacles, as state laws likely will grow more restrictive as technology advances, according to Capistrant.
Physicians must be licensed in the state where their practice is located and in any state where they see patients through videoconferencing. However, Capistrant said that some states have agreements with others to accommodate doctors who see patients across state lines.
In addition, Capistrant said doctors must make sure their communication with patients meets HIPAA security requirements.
The National Institute of Standards and Technology has released a draft of its guidelines for implementing enterprisewide information risk management. The document defines the underlying principles for implementing the Federal Information Security Management Act.
The PCI Security Standards Council, as expected, has officially declared it will not sign off on any mobile application for quite some time. If it helps, the Council added that mobile “will be a key focus for the Council in 2011.”
One out of every two IT security professionals spends 50% of the work week on regulatory compliance initiatives, according to a new survey.
Amazon Web Services LLC AWS, a subsidiary of Amazon.com recently announced it has achieved Level 1 compliance with the Payment Card Industry PCI Data Security Standard DSS. Merchants and other service providers can now run their applications on AWS PCI-compliant technology infrastructure to store, process and transmit credit card information in the cloud. Customers can use AWS cloud infrastructure
Bob Russo, GM of the PCI Security Standards Council, says simply that PCI security standards are maturing “gracefully.”
In fact, Russo says the global payments community is pleased with the standards, which is why the council decided to make no significant changes this time around. The PCI Data Security Standard and the PCI Payment Application Data Security Standard have not changed significantly this year. But what the industry can expect in 2011 are clarifications and some new guidance regarding emerging technologies.
Over the summer, the company launched Google Apps for Government and announced that it had received FISMA (Federal Information Security Management Act) certification, which allowed it to store sensitive, yet unclassified, information, which makes up about 80 percent of all government data.
Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers, database servers, and DNS should be implemented on separate servers.)
Note: Where virtualization technologies are in use, implement only one primary function per virtual system component.
HyTrust, Cisco, VMware, Savvis and Coalfire Outline Configuration Guidelines to Meet the New Requirements Following Publication of New Payment Card Industry Data Security Standard