Risk Management Framework

Tools for Compliance management which can boost security

June 24th, 2014

HIPAA has certain set of rules when it comes for compliance management. Compliance requirements are many times seen as an unnecessary burden but if proper procedures are followed then it can protect your organization even from data breach. Moreover it can also protect you from lawsuits to corporate espionage. The risk associated with compliance failures can include financial impact or fines, data loss, lost business or even a suspension of operations.

Below is the list of compliance management tools –

  • www.glpi-project.org: A free, open source tool, GLPI offers IT and asset management capabilities. After all, a good inventory is the first step in seeing what needs to be secured.
  • www.ptatechnologies.com: A free toolset that is driven by the methodology of effectively managing operational and infosec risks in complex systems using calculative threat analysis and threat modeling.
  • www.somap.org: The ORICO Framework and Tool are two projects in one, offering risk management and the toolset to build a reference implementation of a security framework.
  • sourceforge.net/projects/assetmng: An open source IT asset management system that provides identification, valuation and risk assessments.
  • http://openfisma.org : An open source framework that is designed to reduce the complexity and automate the regulatory requirements of the Federal Information Security Management Act (FISMA) and the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF).

IT managers may need to build their own solutions and integrate off-the-shelf products with other solutions. Luckily for those choosing a path of self-development, several free tools can become part of an integrated solution.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.