by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : May 2013
MONITORING COMPLIANCE AUTOMATION The University of South Florida Health has clin- ics, research and educa- tion facilities in seven locations around the state in addition to its main campus in Tampa, all of them subject to privacy regula- tions under the Health Insur- ance Portability and Account- ability Act. "We have to meet HIPAA requirements, that's the first challenge," said Tim Bulu, in- formation security officer at USF Health. Having firewalls in place to secure the systems is im- portant, but there was only one person to monitor the firewalls in eight locations and to answer the question, "how are we doing on compliance?" he said. When Bulu heard last year that firewall vendor Check Point Software Technologies was looking for test sites for its new governance, risk manage- ment and compliance monitor- ing tool, "both of my hands were in the air," he said. "When they showed that dashboard, to me that was a beautiful thing. We're all about dashboards here." Four months into the testing of Check Point's Compliance Software Blade, Bulu remains enthusiastic about the tool, which provides a single window on policies and regulatory re- quirements across multiple de- vices at multiple locations. "It saves on staff," he said. Al- though the USF Health system is not as large or complex as some other enterprises, the firewall administrator also is busy with other jobs, including security analysis, managing desktops and internal security. "He doesn't have all day to sit there and comb through logs." Now, compliance reports for au- dits can be printed on demand, the administrator is alerted to changes in security posture and the possible regulatory impact of changes to firewall policy are flagged automatically with suggestions for maintaining compliance. The Compliance Software Blade, general availability of which was announced in March, is the product of Check Point's 2011 acquisition of Dynasec, a privately held vendor of gover- nance, risk management and compliance (GRC) technology. "The compliance world is rela- tively new," said Mati Ram, head of GRC at Check Point. Privacy and security concerns are be- ing translated into an increasing Check Point's monitoring tool provides a window across multiple devices at multiple locations and helps answer the question, 'How are we doing on compliance?' COMPLIANCE TOOL THE CURE FOR UNIVERSITY'S HEALTH RECORDS BY WILLIAM JACKSON 30 GCN MAY 2013 • GCN.COM In the field of compliance monitor- ing, systems are automatically checked to ensure they meet secu- rity and other regulatory require- ments. CheckPoint's Compliance Software Blade manages this process in a series of steps: Users set and configure spe- cific tools and functionality in an appliance as needed. Compliance blade assesses status of other security blades against catalog of regs and best practices. Changes to policy monitored and users alerted to pos- sible impact. Corrections recommended if security of compliance threatened. Automated reports distributed. 1 COMPLIANCE AUTOMATION: HOW IT WORKS 3 4 5 2