Five Ways to Accelerate Your Path to Compliance

1 | 2 | 3 | 4 | 5 | 6 | 7

Five Ways to Accelerate Your Path to Compliance-4

Tactic #3: Limit access to critical and controlled resources while watching what people do

Obviously, you are not interested in an employee’s personal data contained on the device they’re using for access, so you need to isolate the company’s critical resources from an individual’s personal information. Strong authentication, ongoing audit of activities and a good, well-maintained password policy will help you here. Reviewing access and content often really is key, because you’re still in charge of compliance both today and tomorrow. Whoever needs access today might not need it tomorrow, and, on the flip side, if a user needs access tomorrow but doesn’t have it, that’s also a compliance failure.

Compliance demands are everywhere. In the past, only banks, publicly traded companies, and those in the health care industry needed to worry about compliance. Today, virtually every organization must deal with regulatory pressure in one form or another. Whether it’s government-mandated compliance such as SOX or HIPAA, industry-enforced regulations such as PCI DSS, or self-imposed controls such as ISO 27002, the alphabet soup of applicable regulations is growing, and the burden to satisfy these demands is becoming more and more challenging.

The logical reaction is to seek a line-by-line assessment of compliance (or non-compliance), often involving an auditor digging for a violation. If a violation is found, the organization is left scrambling to find a way to remediate the violation. Compliance doesn’t have to be complex or reactive. Quest Software’s Tim Sedlack and Todd Peterson suggest five simple tactics that – if followed – can dramatically improve an organization’s chances of passing its next compliance audit.

More Slideshows

How the Gig Economy Is Changing the Tech Industry

The gig economy is clearly disrupting the tech industry, both in positive and negative ways. ... More >>

How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ... More >>

7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ... More >>

Subscribe Daily Edge Newsletters

Advertiser Disclosure: Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.