Home > Midmarket CIO Tips > IT and business management for the midmarket > Compliance on a budget -- 10 easy steps
CIO Midmarket Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

IT AND BUSINESS MANAGEMENT FOR THE MIDMARKET

Compliance on a budget -- 10 easy steps


Kevin Beaver, CISSP
07.21.2005
Rating: -3.33- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


There has certainly been a deluge of federal, state and private industry information security regulations, and small and midsized businesses (SMBs) are perhaps the hardest hit. Contrary to all the marketing hype and general belief, there are reasonable ways you can bring your SMB into compliance and stay without having to spend tens of thousands of dollars on technology and other overrated solutions to this problem.

It seems that for every information security assessment I perform, the general outcome is not recommendations to install the latest and greatest firewall, encrypt everything in sight, or lock down every computer to the point of minimum usability. Instead, the recommendations usually involve making changes in the "soft" areas of security -- namely business processes. Obviously, it still costs money in the form of time, effort and other personnel resources to make such changes, but it doesn't have to be that expensive. This is especially true if you have in-house staff that can help with your compliance require


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Information security management for the midmarket
Using key risk indicators to sell your information security program
IT security spending a bright spot in '09, with more growth predicted
Gartner: Vetting security of third-party partners in five steps
Locking down security in the move to electronic medical records
Security and risk management in the midmarket
Identity and access management planning guide for the midmarket
Information systems management for the midmarket
CIOs share advice on doing more with less
Get smart about patching security vulnerabilities
A CIO's advice for implementing single sign-on solutions

Security tools for the midmarket
IT security spending a bright spot in '09, with more growth predicted
Security and risk management in the midmarket
Identity and access management planning guide for the midmarket
A CIO's advice for implementing single sign-on solutions
Options for outsourcing security grow, offer IT budget savings
Network access control: Pointers for getting the knack of NAC
Unified communications: Securing access to OCS
Unified communications security: How safe is it?
Database security: Who should have access?
San Francisco network lockup justifies CIO fears

Security for the midmarket
Locking down security in the move to electronic medical records
A CIO's advice for implementing single sign-on solutions
Options for outsourcing security grow, offer IT budget savings
Network access control: Pointers for getting the knack of NAC
Stopping malware viruses from attacking Web 2.0 technology
Virtual servers no escape from IT security management concerns
Unified communications: Securing access to OCS
Unified communications security: How safe is it?
Risk assessment frameworks easy to employ
Midmarket regulatory compliance management: Don't let your guard down

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


ments.

Without performing an information security assessment, here are 10 items that, when implemented properly, I guarantee will buy you more bang for your compliance buck than anything else:

Information security and regulatory compliance aren't easy, and nothing good is free. However, if you approach the requirements for doing business in a high-tech economy with some common sense and keep things simple and practical, your small or midsized company -- and especially its cash flow -- should be quite all right.

Kevin Beaver is founder and information security advisor with Atlanta-based Principle Logic LLC. He has more than 17 years of experience in IT and specializes in performing information security assessments. Kevin has authored five information security-related books including Hacking For Dummies (Wiley), the brand new Hacking Wireless Networks For Dummies, and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver @ principlelogic.com.

Rate this Tip
To rate tips, you must be a member of SearchCIO-Midmarket.com.
Register now to start rating these tips. Log in if you are already a member.




DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Mid-market CIO Business Solutions on Data Integrity, Unified Communications, and Virtualization
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2007 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts