More on outbound firewall rules
September 21, 2011 | POSTED BY BRETT EDGAR IN MONITORING, COMPLIANCE
In a previous article, I mentioned two firewall rules that every network should have: blocking outbound DNS (udp/53 and tcp/53), and blocking outbound SMTP (tcp/25). I'd like to suggest a few more rules to add to that list.
The first rule to add is bl...
PCI SSC Releases Tokenization Guidelines
September 21, 2011 | POSTED BY JERALD DAWKINS IN COMPLIANCE, PCI
Today, the PCI SSC finally released tokenization guidelines. Nothing too surprising in the guidelines, but they did bring up several interesting points. One of my favorites is:
"When evaluating a tokenization system, it is important to consider all ele...
IT GRC: What Comes First the Program or the Platform?
September 21, 2011 | POSTED BY TOMMY THOMPSON IN COMPLIANCE, IT GRC
Perhaps one of the biggest questions facing the leadership of businesses and organizations in today's Governance, Risk, and Compliance space is "What do I do first when it comes to implementing an IT GRC Program? Do I procure an IT GRC software solution...