Devoted to hardware, software, IT issues, and information technology management

Compliance to regulations such as Sarbanes-Oxley, Gramm-Leach-Bliley and the European Privacy Directives doesn't have to be expensive and disruptive. Here's some articles that deals with and provides tips for using Identity Management to achieve the end goal of compliancy.

Is your company on its way to reaching SOX Compliancy ? It better be well prepared if it wants to stay traded on the New York Stock Exchange.

1. Deploying Identity-Related Compliance: Best Practices
Domestic and international regulations mandate business outcomes that most organizations have pursued all along: improved efficiency, protection of confidential information, integrity of financial information, protection against fraud, etc. Now that organizations have painstakingly gone through their first round of compliance activities, they are searching for ways to improve the timeliness and cost-effectiveness of their audit and compliance processes. This paper is directed to these organizations, and describes best practices that remove the hindrances of attaining the benefits that identity-related compliance provides.

2. Tips for Tackling Identity Management
Tom King, CISO of Lehman Brothers, answers readers' questions about a hard-to-implement security-enhancing technology. Aligning business and administrative processes with our goals was the most challenging. A significant number of well-established business processes had to be reengineered to fit within the framework of the project—some processes changed, some standardized, others were invented from scratch. It was challenging to manage a large-scale deployment of new technology to many application owners.

3. What is Identity Management?
With the growth of e-business, organizations are wrestling with the challenge of managing secure access to information and applications scattered across a wide range of internal and external computing systems. Furthermore, they have to provide access to a growing number of users, both inside and outside the corporation, without diminishing security or exposing sensitive information.