IT systems support critical national services capable of affecting both consumers and businesses in alarming ways. Chief among the nation's concerns is personal privacy. New regulations, such as the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act (HIPAA) and the Federal Information Security Management Act (FISMA), require organizations to protect IT systems to assure citizens' right to privacy and the availability of many critical components of our national IT infrastructure. Local and federal governments, utilities, financial institutions and many other types of organizations must now demonstrate that IT functions are properly managed
and protected from threats at a reasonable level.
IT departments need to secure the infrastructure against threats such as viruses and worms and manage their network's availability. They also must
demonstrate to auditors the adequacy of this security through measurement and process. Management is the Achilles' heel of many organizations and it's central to demonstrating regulatory compliance. For example, keeping up with
critical patches for desktops, servers and applications demonstrates effective management of IT systems. There is an urgent need for more effective processes
to ensure critical patches are applied to higher risk systems in a timely manner. Many organizations are turning to solutions such as PatchLink to improve systems management processes and relieve the burden of proof imposed by regulations.
This special report commissioned by PatchLink describes how organizations are using its solutions to better manage their networks to meet regulatory needs through patch and configuration management.
Information Security Research Library
