As any CIO or compliance officer knows, compliance affects multiple parts of IT infrastructure and the organization as a whole. Strategy, security, storage, networking, records keeping and human resources are all part of the mix. As an editor at SearchCompliance.com, that means I scan the RSS feeds of all of TechTarget’s sites for relevant content, along with those of other compliance news sites from around the Web. Starting today, I’ll be posting a roundup of the resources I think you’ll find useful at this blog.
Recent research into the buying habits of you, our readers, showed that half of our midmarket CIOs are running Windows shops. That information comes as no shock to anyone. Most of the world lives on a Windows desktop, despite the recent inroads made by Mac OS X and Linux. There’s no question that heterogeneous computing environments are a concern for many a sysadmin. That said, Windows compliance is the crucial topic of the day.
So here’s a question for you: Are there unique issues that arise out of Windows compliance?
I’m certain that the answer is “yes” but I’d like to hear more about what system administrators, CCOs and CIOs are experiencing in their everyday working lives. Let me know what you think in the comments or at firstname.lastname@example.org.
In the meantime, here’s that roundup:
If you’re looking for a comprehensive resource, try The Windows Manager’s Guide to IT Compliance e-book. Chapter 1, for instance, offers best practices on establishing an event log audit trail, maintaining the event log, encrypting email or files and keeping an inventory of stored data. You can also download each of the three chapters separately:
- Keeping up with IT compliance
- Managing email server compliance
- Controlling access for file server compliance
Rebecca Herold has been a prolific contributor on the topic of Windows compliance as well. She’s an adjunct professor for the Norwich University Master of Science in Information Assurance program and is well into writing her 11th book. Her articles can be found at PrivacyGuidance.com, Realtime-ITcompliance.com and, of course, at SearchWinIT.com. (You’ll note she’s in our blogroll, down to the right.)
Earlier this month, Herold explained how to keep Windows shops in compliance with data protection laws. Protecting personally identifiable information is a key aspect of compliance in 2009, given new regulations coming down the (Mass) pike. Even if the Massachusetts data protection and encryption law deadline has been extended, it needs to be on your radar.
In past articles, Herold has also explored how to meet data retention compliance in a Windows environment. In her view, Windows managers must take an active role in learning data retention policies and creating procedures to support them.
Similarly, in her tip on meeting compliance requirements in a SharePoint Server environment, Rebecca suggests that before deploying SharePoint Server, IT managers should examine the compliance implications of using the collaboration tool in their Windows environment .
Finally, if you’re still procrastinating on completing your IT compliance documentation, do it now.