Textversion
Gesetze/Standards Markt Produkte Services Branchen Fachbeiträge Governance Schwerpunkte Literatur Compliance-Archiv Compliance-Lexikon Success Stories Wer bietet was? Streaming Media Sponsoren Schulungen Presseschau Security-News Webinare Umfrage Compliance-Shop Compliance Zeitschrift Specials
Home Fachbeiträge Hintergrund

Fachbeiträge


Administration Entscheidungshilfen Hintergrund Kosten Management Recht

Stellenanzeigen - Jobsuche Compliance-Shop Statement of the Month: Identity Management Shopping-Portal & Shopping Mall Events / Veranstaltungen Newsletter Impressum Kontakt Links RSS: Compliance-Magazin.de-News Feed abonnieren RSS: IT SecCity®.de-News Feed abonnieren Datenschutzerklärung Geschäftsbedingungen Wichtiger Hinweis zu Rechtsthemen Compliance-Magazin für Mobile Devices Sitemap Suche

Moving from Mandate to Differentiator

White Paper: Risk Management and Compliance Rate High as Drivers of Identity, Access and Security Management
The right identity, access and security Management technology enables easier compliance and competitive advantage for business

(19.03.08) - Compliance doesn’t have to be daunting. The best identity, access and security management technologies help companies establish the controls and business structure that enable governance. And, with that in place, compliance comes naturally, putting CSOs in the driver’s seat with automated, on-demand compliance capabilities to make audits more effective and efficient.

Lesen Sie weiter:
Das komplette White Paper als kostenloses pdf-Dokument [131 KB]

It’s no secret that security and compliance violations today can prove disastrous. Corporate fumbles can quickly become headlines, thrusting customers into the waiting arms of the competition. Well thought-out governance, risk and compliance (GRC) strategies help companies, large and small, to avoid those nasty entanglements. Compliance is no longer the four-letter word that it used to be, a mandate imposed by outside forces. "Today, compliance is more often self-imposed," says Ross Chevalier, CTO Canada for Waltham, Mass.-based Novell. "It’s a differentiator, an opportunity to prove trust and competence."

Perhaps that change in mindset stems from the fact that getting the corporate house in order and preparing for audits doesn’t have to be as convoluted as once expected. "If we achieve our security goals, proving compliance is simple,” says Mike Johnson, security architect for Ingersoll Rand. And, according to a recent survey by IDG Research Services, that’s exactly what smart business and IT leaders are doing. This report sheds new light on why many companies are implementing identity, access and security management to automate the compliance process.

Key findings of the research include
>> Risk management and compliance rate high as drivers of identity, access and security management.
>> The ability to "prove” compliance is revealed as the top benefit of implementing identity, access and security management solutions.
>> When it comes to successfully identifying and managing risk, many companies score lower than one might expect.

Security Tops the List
In today’s digital economy, security and risk management is a priority for most organizations. The right processes and systems safeguard intellectual property, protect private customer information and keep companies from crumbling under the negative press that inevitably comes with security violations. And, perhaps more important, they put the necessary controls and business structure in place to prove compliance - if, or when, the need arises. In a recent survey by IDG Research Services, more than three-quarters of respondents assign a critical or high priority to their companies’ ability to identify and manage risk. At the same time, a majority consider the ability to prove compliance, secure access for remote employees and 24x7 security monitoring as critically important.

Addressing those priorities may seem a complicated endeavor, but several key components make for a practical strategy, which can be delineated as: Security management is a holistic view of "how security is done" within an organization; identity management is a standard around which the question "who are you?" can be answered, while access management is a standard that helps define which identities are granted usage of assets; and although these are discreet disciplines, together they comprise a complimentary set of technologies that contribute to good governance. "We must be able to tell ‘who that is’ and manage the ‘what and when’ parts of administration," says Johnson. "Without identity and access management, there is no way we could achieve our goals."

He believes identity and access management are foundational building blocks, helping to ensure that "the right people have the right access to information." Interestingly, the majority (71 percent) of respondents are already using security management solutions at their companies. Similarly, their companies are using access management (66 percent) and identity management solutions (62 percent).

Lesen Sie weiter:
Das komplette White Paper als kostenloses pdf-Dokument [131 KB]

Lesen Sie auch:
Alle Beiträge zum "Statement of the Month" in der Übersicht

Lesen Sie auch:
Satter ROI gegen den Mythos "Eh-da"-Kosten
Mensch als Unsicherheitsfaktor Nummer 1
IT-Sicherheit und Compliance
Federation ist Vertrauenssache
Identity Management-Einführung
Provisioning und Identitätsmanagement
Compliance: Pflicht oder Kür für den IT-Leiter?
Compliance ist konsequent machbar
IdM mit Higgins und DIX
Veränderte Vorzeichen: Identität als Service
Access Management und Informationssicherheit
Identitätsmanagement und IT-Sicherheit
Managementsystem für Informationssicherheit
Informationssicherheit und Compliance
SOA-Governance und Identitätsmanagement
Identity Management für Web 2.0
PCI-Sicherheitsstandard erhöht Kaufspaß

Novell-Produkt-Berichte:
Provisioning-Modul für Identity Management

Die Studie "Vorteile und Herausforderungen IT-gestützter Compliance-Erfüllung" der Friedrich-Alexander- Universität Erlangen-Nürnberg, Lehrstuhl für Wirtschaftsinformatik III in Zusammenarbeit mit Novell ist hier erhältlich.

White Papers:
Financial Services, Privacy and Compliance
Payback and ROI of ISM solutions
Integration von Sicherheit- und Systemmanagement
Novell Payment Card Industry Solution
Moving from Mandate to Differentiator
Security Compliance for Enterprise Organizations

Über Novell

Partner von Compliance-Magazin.de

Novell, Inc. (Nasdaq: NOVL) bietet Infrastruktur-Software für das Open Enterprise an. Novell ist eines der führenden Unternehmen bei unternehmensweiten Betriebssystemen für Unternehmen auf Basis von Linux und Open Source sowie bei Sicherheits- und System Management Services, die benötigt werden, um heterogene IT-Umgebungen zu betreiben. Novell unterstützt seine Kunden dabei, Kosten, Komplexität und Risiken zu reduzieren, damit sie sich auf Innovation und Wachstum konzentrieren können.

Das Unternehmen mit Hauptsitz in Waltham, Massachussets (USA), beschäftigt weltweit rund 4.700 Mitarbeiter. Seit 1986 ist Novell durch die Novell GmbH in Düsseldorf auch auf dem deutschen Markt vertreten. Von diesem Standort aus werden Vertrieb und Marketing für Deutschland, Österreich und die Schweiz koordiniert.
Niederlassungen befinden sich in Berlin, Frankfurt, München, Nürnberg, Wien, Zürich und Genf.
(Novell: ra)

Novell GmbH
Nördlicher Zubringer 9-11
40470 Düsseldorf
Tel: +49 (0)211 - 56 31 - 0
E-Mail: marketing-services@novell.com

Lesen Sie mehr:
Identitäts-, Sicherheits- und Systemmanagement
Novell Management Services

Weitere ausführliche Informationen über Novell-Lösungen, -Produkte und -Services stehen im Internet zur Verfügung unter
www.novell.com oder www.novell.de


Druckbare Version

Warum PCI DSS-Compliance wichtig ist Governance, Risk and Compliance in SAP-Systemen