iViZ, an On-Demand Penetration Testing company, announced its discovery of a new class of vulnerability at Defcon 16, the world's leading security conference. This vulnerability allows attackers to steal computer boot passwords and bypass the security of pre-boot authentication software like hard disk encryption tools. It affects general computer users, enterprises, governments and can result in unauthorized access or theft of confidential data. Incidentally, in 2007 the global loss due to data theft is estimated to be USD 40 Billion. Surprisingly, this vulnerability has been existing for 25 years, says Jonathan Brossard, iViZ lead security researcher and discoverer of this vulnerability. Programmers unaware of this security hole have coded boot password feature in such a way that user entered text do not get flushed from memory properly leading to inadvertent leakage and theft. Even hard-drive encryption does not help in this case, adds Mr. Brossard. This vulnerability affects Microso

Hawaiis Punahou School Deploys Secure Computings Secure Web to Bolster Internet Security

Comodo announced the availability of version 1.0 of SecureEmail. Comodo SecureEmail employs well-established, de facto industry standard, PKI-based solutions/technologies that enable encryption and digital signature of outgoing emails, assuring recipients that the email has not been tampered with during transmission. Comodo's solution can be deployed with either Comodo or third party SSL Certificates. Email is one of the most vulnerable systems to attack. Comodo SecureEmail is the install-and-forget application that can automatically encrypt and sign all messages. Featuring full integration with Microsoft Outlook, Mozilla Thunderbird and other S/MIME-capable email clients, it includes a built-in wizard that allows users to easily download and setup a free Comodo email certificate. This helps automate the digital certificate acquisition, distribution, signature and encryption processes, freely building a secure email community. COMODO SecureEmail also helps companies further their compl

The Department of Health and Human Services (HHS) released the much-anticipated Notice of Proposed Rule Making (NPRM) for the adoption of Accredited Standards Committee (ASC) X12 version 005010 transactions enhancements, pertaining to Health Insurance Portability and Accountability Act (HIPAA) transactions. The new ASC X12 version 005010 standard is key in the use of the larger International Classification of Diseases, Tenth Revision, Clinical Modification (ICD-10-CM) for diagnosis codes and also the International Classification of Diseases, Tenth Revision, Procedure Coding System (ICD-10-PCS) for inpatient hospital procedures, proposed under the new rule. The new 005010 transaction standards are essential in implementing the ICD-10-CM codes and lead promise to a health care system focused on improved efficiency and accuracy, reduced costs and expanded care, said Dan Kazzaz, Chair of ASC X12. X12 members who developed the 005010 standards see the magnitude of this effort and are dedica

Private Access and Genetic Alliance, a 501organization, announced that they have formed a novel public-private partnership designed to simultaneously protect patients' privacy rights while creating a faster and more cost effective way for researchers to connect with patients in order to find causes and treatments for chronic illnesses and diseases. Leaders of both organizations believe that their combined efforts will help transform today's medical research environment, saving time and money, producing better outcomes, and in a manner that respects each individual patient's right to decide with whom they share their confidential health information. The announcement was made today in conjunction with the prestigious Harvard Privacy Symposium and 16th Annual National HIPAA Summit. Private Access' founder and CEO, Robert Shelton, speaking on a panel entitled Privacy and Technology: Giving Patients Control Over Uses of Their Health Information, previewed both the company's planned technolo

IBM announced that Shared Health, one of the nation's largest public/private Health Information Exchanges (HIE) in the U.S., is using IBM InfoSphere software and services to power its newly-launched Clinical Xchange data exchange platform. Shared Health Clinical Xchange, built on IBM's information integration software, improves healthcare clinicians' access to clinical information, helping them operate more efficiently and deliver better patient care. The IBM software enables a Web-based system that supports millions of patients by merging key clinical data with administrative data from numerous sources and formats.

Palisade Systems, provider of data loss prevention products, announced today the July 2008 results of their 5-Day Secure Assessment Program. The assessments, which are performed at no cost, analyze data loss and other security compliance vulnerabilities at U.S. corporations, including healthcare, education, financial services and government entities. Based on the recently announced violations and previous 5-Day Secure Assessments performed earlier in the year, Palisade Systems estimates that the company's PacketSure appliance will uncover a total of over 4,200,000 compliance violations in 2008. Palisade Systems' 5-Day Secure Assessments are designed to help organizations understand the frequency, method(s), and remediation options of data loss occurring on their networks. Following an in-depth five-day assessment period using Palisade's PacketSure appliance to collect information, a report is produced documenting the data leakage that occurred. Below are the registered data leaks (excl

To comply with HIPAA regulations, the Georgia-based Gwinnett Medical Center already was leveraging two-factor authentication via hardware tokens in order to protect patient files, sensitive medical data and clinical information. The solution, however, was cost-prohibitive to deploy to a wider audience and cumbersome for the medical staff to use. To address these concerns, Gwinnett Medical Center (GMC) turned to Entrust, Inc. and the Entrust IdentityGuard versatile authentication platform, a cornerstone of a layered security approach. From a cost perspective, it was just hard to top the versatility and strength of the Entrust IdentityGuard authentication solution, but the usability for our staff members really put the Entrust solution over the top, said Rick Allen, IT director at Gwinnett Medical Center. We now are able to save money across the board and deploy strong enterprise authentication for a larger group of users, and the employees can just carry the grid cards with their ID bad

Dependable Computer Guys (DCG) has partnered with Zenith Infotech to offer an affordable data backup solution that plugs up many of the leaks found in typical small business data storage systems. This is the Rolls-Royce of backup and storage, says Brent Whitfield, President of Dependable Computer Guys. This system resolves the security and accessibility concerns that come up when you rely on magnetic tape or local backup. Yet the cost is within the budgets of most smaller organizations. In a recently published white paper available at http://www.dcgla.com/backup, Dependable Computer Guys identified 5 essential practices for reliable data storage and backup. Dependable SafeSTOR addresses all five.

Autonomy Corporation announced that General Vision Services (GVS) has selected Cardiff's information capture and business process management solutions, as well as Meridio's enterprise records management solution, to automate the processing of hundreds and thousands of vision care claims and payments. Digital Vision of Chicago, Illinois was the Systems Integrator for the project. GVS is one of the largest third-party provider of vision plans in the northeastern part of the US, specializing in the vision needs of the Tri-State and retirement areas, servicing more than five million members in HMO's, corporations and unions. GVS is endorsed by the New York State AFL-CIO, New York City Central Labor Council and Long Island Federation of Labor as The Preferred Vision Provider. With Autonomy, GVS will be able to deliver timely and accurate processing of payment claims, enabling the vision plan provider to further streamline its internal operational processes; accelerate delivery of data and d

Guidance Software gives enterprises world-class in-house eDiscovery processing capabilities including new connectors for leading archiving and content management solutions and a new work-flow driven interface in version 3.1 of its industry-leading EnCase(R) eDiscovery solution. These added competencies further expand the search, collection, preservation and processing capabilities of EnCase eDiscovery, enabling litigants to reduce risk and realize tremendous cost savings by eliminating outsourcing and bringing the eDiscovery process in-house.

Coordinated Systems, the first call recording vendor to meet Payment Card Industry (PCI) Compliance, has expanded the Virtual Observer platform to remove credit card transactions from recorded audio and screen captures. Expanded security features which provide data protection functionality clearly places the solution in a leader position when it comes to PCI, HIPAA, and overall call recording security. We continue to pave the way for new PCI Compliance features even though they may not yet be part of the compliance specification, said Dan McGrail, Vice President of Product Development. Today, the PCI standard states a single transaction need not be encrypted.

digiMedical Solutions has implemented its next generation digital prescription handling software at Golden Gate Pharmacy in Naples, Florida. digiMedical software is being used by the pharmacy to manage and fulfill prescriptions quickly, accurately and in line with HIPAA and DEA requirements, enhancing and differentiating Golden Gate's prescription fulfillment services to its customers. digiMedical will receive a transaction fee for each prescription filled through the Company's software at Golden Gate Pharmacy.

Humana Military Healthcare Services (HMHS), a wholly owned subsidiary of Humana, recently received the second re-accreditation for Health Utilization Management and first for Health Network from URAC, a Washington, D.C. based healthcare accrediting organization that establishes quality standards for the industry. HMHS first received accreditation for Health Utilization Management in 1999 and Health Network in 2005. Our organization is unwavering in our commitment of providing high quality, cost effective, accessible health care services to the military populations we serve, said Dave Baker, president and CEO of HMHS. We are honored to be recognized by URAC for demonstrating our commitment to quality services.

Crossbeam Systems, provider of next-generation security platforms for high-performance networks, today announced that it has certified Imperva's SecureSphere 6.0 to run on the X-Series Next Generation Security Platform through the iBeam ISV Certification Program. Deployed on the Crossbeam chassis, SecureSphere's market-leading application data security solution will help enterprises and carriers protect their Web applications and databases from attack, as well as enable companies to comply with a wide variety of regulatory initiatives.

A new downloadable guide from two of the leading companies in the nonprofit sector aims to assist healthcare organizations thinking about the ramifications of the Health Insurance Portability and Accountability Act (HIPAA) in fundraising. The HIPAA Effect: Considerations for Fundraising After the Health Insurance Portability and Accountability Act, created by Changing Our World, Inc. and Convio, examines how HIPAA laws have affected fundraising for nonprofit hospitals, foundations, and health organizations. Since HIPAA was enacted in 2000, professionals working in healthcare philanthropy have discovered that HIPAA has not had a negative impact on fundraising for healthcare professionals. But, although HIPAA has had only minor effects, it remains a concern among fundraisers, according to the guide, which provides an overview from HIPAA's inception to its current status, as well as steps on how to work within the letter of the law to maximize their efforts.

Three surveys, with more than 780 respondents, show the increasing importance of enterprise risk management (ERM) to chief financial officers, audit committee members and chief audit executives. Crowe Chizek and Company LLC released the surveys results, which included participants from a broad spectrum of public and private companies, with revenues ranging from $100 million to more than $10 billion. The surveys found that more than 65 percent of chief financial officers (CFOs) and 70 percent of audit committee members cited managing enterprise risk as the biggest challenge for their organizations over the next 12 months. According to those surveyed, ERM was considered an even bigger challenge than improving financial reporting and improving internal controls for CFOs.

US DataVault, in its eighth year of providing online data protection to firms of all sizes across North America, today announced a breakthrough in pricing for redundant, secure online data storage, cutting its retail prices by as much as 75 percent. As a result, the company said more businesses will be able to economically store their data and e-mail offsite at US DataVault's multiple locations throughout the United States for rapid recovery in the event of a disaster, as well as to assure compliance with numerous government and industry regulations, such as HIPAA, Sarbanes-Oxley, FRCP and PCI-DSS.

StoredIQ, whose innovative eDiscovery technology revolutionizes the way companies address electronic discovery and litigation readiness, announced today that Network Products Guide, a Silicon Valley Communications publication and a world leading publication on technologies and solutions has named the StoredIQ appliance a winner of the 2008 Best Products and Services Award. This respected annual award honors products and services that represent the rapidly changing needs and interests of the end-users of technology worldwide. As part of the tech-industrys leading global awards program, this years Best Products and Services were nominated from all over the world.

A new downloadable guide from two of the leading companies in the nonprofit sector aims to assist healthcare organizations thinking about the ramifications of the Health Insurance Portability and Accountability Act (HIPAA) in fundraising. The HIPAA Effect: Considerations for Fundraising After the Health Insurance Portability and Accountability Act, created by Changing Our World, Inc. and Convio, examines how HIPAA laws have affected fundraising for nonprofit hospitals, foundations, and health organizations. Since HIPAA was enacted in 2000, professionals working in healthcare philanthropy have discovered that HIPAA has not had a negative impact on fundraising for healthcare professionals. But, although HIPAA has had only minor effects, it remains a concern among fundraisers, according to the guide, which provides an overview from HIPAA's inception to its current status, as well as steps on how to work within the letter of the law to maximize their efforts.

NovAtel, a precise positioning technology manufacturer and Brilliant Telecommunications (Brilliant), a developer of next-generation synchronization and timing solutions, announced they have signed a technology partnership agreement to develop and deliver innovative timing, synchronization and positioning solutions. The companies will undertake cooperative development activities, combining their respective technologies to create new product platforms that target high precision applications. This unique combination will enable both companies to deliver a powerful set of new timing and synchronization solutions to customers worldwide. GPS and GNSS precise positioning technology is a key element to meet the growing demands placed on Network Time Protocol (NTP) and Precision Time Protocol (PTPv2) server technology, as the end-to-end transmission and synchronization of voice, data and video across packet-based networks becomes more sophisticated, said Jon Ladd, NovAtel's Chief Executive Offi

Software providers Cincom Systems and Medical Data Express (MDE) have formed a global alliance to provide improved claims and document accuracy for the health insurance industry. Most health insurance payers struggle with generating documents that accompany the claims-payment and settlement process. They are also unaware that comprehensive document-generation products are available that easily integrate with the claims disbursement process. This alliance will make document creation, claim testing, and encounter solutions -- that check the accuracy of the claims-reimbursement process -- more easily attainable for Cincom's and MDE's respective network of health insurance clients.

Patrick Townsend Security Solutions (PTSS), announced the launch of a new website ( www.patownsend.com). The site is designed to help both technical and non-technical professionals easily locate resources and solutions for all their encryption needs. In the late 90's, PTSS was primarily a System i solution, but over the years PTSS has built on its pioneering leadership to encompass all other enterprise platforms. In working with the largest retail companies in the world, PTSS understands the business imperatives of keeping critical data safe and the consequences of the smallest breach. PTSS also understands how important it is to design solutions to minimize the impact on day-to-day operations.

Compliance 360, provider of on-demand software solutions for enterprise governance, risk management and compliance (eGRC) and the most widely used solution in the healthcare industry, announced that its healthcare provider customers are using the compliance software solution to proactively reduce the likelihood of audits conducted under the Medicare Recovery Audit Contractor (RAC) program. In June 2008, the Centers for Medicare and Medicaid Services (CMS) reported that Medicare has corrected more than $1 billion in improper payments through the Recovery Audit Contractor (RAC) program since 2005, with 85 percent of the corrected payments coming from hospitals. Thus far, the RAC program has been conducted as a limited pilot in several states, with plans to begin the nation wide rollout later this year. According to CMS figures from 2007, estimated improper Medicare payments exceed $10 billion annually.

Document lifecycle management company Recall has opened a full-service, secure document and electronic media destruction facility in Lanham, Maryland to accommodate the U.S. Capitol region's sensitive information security needs. With this new facility, Recall can offer its customers collection and off-site destruction of sensitive documents and data storage media, as well as destruction of items with high intrinsic value, such as uniforms and defective merchandise. The site complements Recall's other Capitol area facilities in providing the full scope of document management services, including storage and archiving, document digitization, data protection, and disaster recovery and continuity for commercial, government, and other organizations.

DigitalStakeout, an innovator and source of breakthrough Security Information and Event Management (SIEM) solutions, today released its summary of the results from its inaugural Cybersecurity Defense-in-Dimension Roundtable held in Washington, D.C.The Roundtable worked and identified four cornerstone issues as the basis for expanded future roundtable discussions. The four issues are: -- The immutable need for integration of Global threat intelligence in business/mission based security infrastructures -- The need to move to dynamic information-centric cybersecurity systems that support all source analysis and enable non-obvious threat attribution -- The priority to drive performance based strategies with value based mission and business metrics -- Create a Trusted SIEM reference architecture that breaks the contextual constraints of defense-in-depth and advances Defense-in-Dimension as the way forward.

Spearstone LLC announced a new service - DiskAgent - offering unprecedented data storage and protection capabilities for personal and business use. DiskAgent is a scalable software as a service (SaaS) solution that is easy to use and protects users from data loss and unauthorized access in the event of hardware failure or theft.DiskAgent offers continuous online backup to enterprise-class data centers and provides centralized management and constant access to data. When a computer is lost or stolen, DiskAgent enables the owner to remotely erase sensitive information from the original hard drive.

Secure Computing Introduces Secure Web Reporter for Complete, Real-Time Viewing of Web Activity, Security, Performance and Compliance

Atlantic Information Services, Inc. (AIS), publisher of Report on Patient Privacy announced the launch of AIS's HIPAA Compliance Center, the industry's most exhaustive HIPAA privacy and security Web site. AIS's HIPAA Compliance Center is a highly practical Web- and print-based service that will help your organization safeguard patient privacy and data security ... and reduce the chances of fines and penalties, private lawsuits and public relations nightmares, which many HIPAA covered entities are encountering.

Third Brigade, a security software company specializing in host intrusion defense, announced that Verispan, the nations leading provider of HIPAA-compliant, de-identified, patient-centric prescription data, has implemented the Third Brigade host intrusion detection and prevention system (IDS/IPS). The system adds another level of security to Verispans comprehensive, defense-in-depth security initiatives. An ongoing awareness of increased online threats led Verispan to test, purchase and deploy Third Brigade Deep Security. Third Brigade adds further layers of protection to our Network Security posture that helps us continue to meet and exceed our clients security requirements, said Erik Sciortino, Associate Director of Network Operations for Verispan.

LogicEase Solutions, provider of the mortgage industry's leading suite of risk management solutions - ComplianceEase, announced that the United States Patent and Trademark Office (USPTO) issued U.S. Patent No. 7,386,505 to LogicEase on June 10, 2008, following the Notice of Allowance provided on November 23, 2007. This patent is the first of its kind issued with respect to an automated compliance solution for the mortgage industry. Patent No. 7,386,505, entitled System and Method for Automated Compliance with Loan Legislation, covers ComplianceEase's Automated Compliance System - ComplianceAnalyzer(R). This expert system examines mortgage loans and, in real-time, produces loan level reports and analytics with respect to applicable laws and regulations at multiple jurisdictional levels.

The OWASP Foundation ( www.owasp.org) has posted their final speaker selection for their upcoming conference in New York City. The conference will take place September 22nd - 25th, downtown at Pace University, located at One Pace Plaza.This application security world conference will be the largest OWASP conference ever. The Keynote Speakers for this event will include Howard A. Schmidt, Former White House Cyber Security Advisor, Joe Jarzombek, the Director for Software Assurance in the Department of Homeland Security (DHS), and Jeff Williams, Chairman of the OWASP Foundation. Jeremiah Grossman, Robert RSnake Hansen, along with many other well known application security pioneers, will present new research, findings and solutions. This conference is limited to only 1,000 attendees, so reserve your spot immediately.

LogLogic has joined the VMware Technology Alliance Partner (TAP) Program and PCI Security Standards Council as part of the companys commitment to secure and protect corporate and payment cardholder data and information in virtual environments. As a member of the VMware TAP Program, LogLogic will optimize its enterprise-grade LX-ST log management appliance for VMware ESX for security and compliance solutions tailored for VMware virtualized environments. As a participating organization in the PCI Security Standards Council, LogLogic will work with the Council to evolve the PCI Data Security Standard (DSS) and other payment card data protection standards. As a VMware TAP Program member, LogLogic has integrated its leading logging solution with VMware virtualization to enable customers to standardize and simplify the process of collecting, analyzing, reporting, and alerting on log data files generated across virtual environments. Though log data collection can be carried out manually for

BizCom Web Services, provider of enterprise-class Internet hosting services, today introduced its new Hosted Email Archiving Library - an all-in-one solution for small- to medium-sized businesses that helps preserve vital business intelligence and ensures compliance with legal and industry requirements while reducing the costly burden of in-house management. Email has quickly become the main transport mechanism for all types of business documents and intellectual capital, said Mark Wiener, President of BizCom Web Services. As a result, many industries are now required to keep non-editable copies of most every email or attached document they receive or send. Our hosted Email Archiving Library is designed to help businesses and government agencies safeguard their important legal documents and comply with e-discovery and records retention policies, particularly those mandated by Sarbanes-Oxley, HIPAA, and Federal Rules for Civil Procedures.

Merlin International and CA, announced that Merlin has been selected by the U.S. Department of Veterans Affairs (VA) to provide CAs robust identity and access management solutions to support the majority of the Departments identity management and access management requirements. The solutions are designed to enable VA to leverage e-Authentication, verify proper access to information, protect data, simplify internal systems, and enhance compliance with FISMA, HSPD 12 and HIPAA. VA makes benefits and services available for approximately 60 million veterans and their family members. With more than 230,000 employees, 153 medical centers and 800 Community Based Outpatient Centers, VA is the largest direct health care delivery system in America. By deploying enterprise-wide identity and access management solutions, VA will be able to provide secure delivery and access to Web-based applications; enhance veteran access to benefit and health information; improve regulatory compliance; improve

OpSource announced that eXpresso Corporation, provider of online collaboration services for business, has chosen OpSource On-Demand for scalable Web delivery of its secure, award-winning solution. eXpresso enables users to share and collaborate on any Microsoft Excel file, regardless of location, which assists in the trend toward managed online business communities. eXpresso provides a complete and immediately usable Excel collaboration tool that requires no installation, support or training. However, with no in-house IT resources, eXpresso required a hosting solution that provided the technical aspects of its Software-as-a-Service (SaaS) offering, while also providing complete scalability to address the needs of its rapidly growing customer base. The company selected OpSource On-Demand because of its ability to manage its infrastructure while keeping pace with the volume of eXpresso users and their concurrent sessions.

Kaplan Continuing Education announced the launch of its new online Medical Billing Certification program, an online course for medical coding and billing training designed to help individuals pursuing employment in the ever-growing healthcare field. According to the Department of Labor, many employers prefer to hire billing employees who have completed some college courses or a degree, said Lisa Rosenzweig, the Executive Director at Kaplan Continuing Education. The Department also predicts that the need for billing clerks will grow four percent through 2016 and most of this growth will be in the medical field. Kaplan Continuing Education provides students with the training they need to compete for positions in the booming healthcare industry.

Convergent Therapy Information System (CTIS) is a web browser-based electronic clinical records package for Mental/Behavioral Health (MBH) therapists, first introduced on May 15, 2008. CTIS has now added electronic insurance claims capability for reimbursement from Medicare and other payers. Paul Graff, Director of Product Development for Eulogix, stated recently, The addition of claims processing to CTIS provides the key functionality often requested by prospective customers who are looking for behavioral health-specific electronic records together with electronic claims reimbursement, all at a price they can afford. Faced with historical limits on private insurance reimbursements and Medicare paying 28% less than two years ago, many MBH organizations need an inexpensive way to improve HIPAA compliance, operating efficiency, and hasten insurance reimbursements without spending $80,000 or more on typical MBH software. CTIS software was developed over a period of three years, with the e

SCIPP International, a global non-profit organization dedicated to providing world-class security awareness training and certification services, has announced that it has received an endorsement of its security awareness course content and its proprietary body of knowledge known as SCIPP GAP (Generally Accepted Practices) as it pertains to disaster recovery, from the Business Continuity Institute-USA Chapter. SCIPP's proprietary Security Awareness training and certification program satisfies organizational compliance requirements for security awareness as defined in the Payment Card Industry (PCI-DSS), the Federal Information Security Management Management Act (FISMA), the Gramm-Leach Bliley Act (GLB), the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act (SOX), the Federal Financial Institutions Examination Council (FFIEC) Guidelines, and other industry specific bodies that regulate reporting and best business practice requirements.

Triumfant announced that Triumfant Compliance Manager(TM) has achieved NIST Security Content Automation Protocol (SCAP) validation in accordance with the OMB Federal Desktop Core Configuration (FDCC) security mandate for all Federal agencies. Triumfant Compliance Manager is the only stand-alone solution that actively maintains a perpetual state of compliance and audit-readiness on every PC, laptop and server, every day. Triumfant Compliance Manager dramatically reduces the time and costs necessary to achieve compliance with a variety of regulations-including Federal Information Security Management Act (FISMA), FDCC, Sarbanes-Oxley, Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and custom IT policies-while making the organization more secure in the process. Based on the uniquely powerful Triumfant IT Intelligence(TM) platform, Compliance Manager continuously verifies and enforces security policies on every PC, laptop,

Siemens Healthcare and Imprivata, the converged identity and access management appliance company, have entered a strategic partnership which enables Siemens to offer the Imprivata OneSign platform for strong authentication, enterprise single sign-on (ESSO) and physical/logical convergence to its customer base. Users of solutions such as Soarian Portal, a web-based portal that provides secure access, will be able to seamlessly integrate OneSign into their Siemens and non-Siemens application environments. OneSign is a non-invasive, appliance-based identity and access management platform that helps organizations enforce secure and compliant employee access to networks and applications. The need for physician and clinical network authentication and single sign-on systems is apparent as healthcare organizations are searching for solutions that help them solve the problem and inefficiency of accessing numerous applications, maintaining multiple sign-ons and expiring passwords, without havi

Triumfant, the industry leader in Automated Compliance Monitoring and Control software, today announced that Triumfant Compliance Manager has achieved NIST Security Content Automation Protocol (SCAP) validation in accordance with the OMB Federal Desktop Core Configuration (FDCC) security mandate for all Federal agencies. Triumfant Compliance Manager is the only stand-alone solution that actively maintains a perpetual state of compliance and audit-readiness on every PC, laptop and server, every day. Triumfant Compliance Manager dramatically reduces the time and costs necessary to achieve compliance with a variety of regulations-including Federal Information Security Management Act (FISMA), FDCC, Sarbanes-Oxley, Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and custom IT policies-while making the organization more secure in the process. Based on the uniquely powerful Triumfant IT Intelligence platform, Compliance Manag

WorldExtendR, provider of remote data and application access software,has announced that its IronDoorR 3.5 remote network access software will make it simple for small to medium sized organizations to immediately implement a realistic telecommuting program for staff. This follows recent research from such respected institutions as the Telework Exchange and MSNBC confirming that telecommuting can significantly reduce both environmental pollution and fast-escalating travel costs associated with inflated gas prices. IronDoor 3.5's software-based secure remote network access enables small to medium sized organizations to set up a telecommuting or telework program by providing staff with secure, anytime/anywhere access to both applications and data (similar to Citrix). By ensuring that remote users can now securely access any resources they require, IronDoor 3.5 will facilitate staff in the reduction of rapidly-escalating costs associated with commuting - which recent MSNBC research estimat

PointSecure, provider of security and auditing solutions for OpenVMS systems, announced a strategic alliance with PARSEC Group, a full-service training, support, and consulting company for OpenVMS, Tru64 UNIX, HPUX, AIX, Linux, and Microsoft products. By integrating PointSecure solutions into their Remote Systems Management services, PARSEC Group customers can be confident that their OpenVMS systems are secured by premier security products from PointSecure. The OpenVMS expertise at PARSEC Group is unmatched, said Nick Futter, vice president of Channel Development at PointSecure. This is a unique partnership providing customers with an enhanced offering including software, services and training for their OpenVMS security and compliance needs.

FairWarning,supplier of cross-platform healthcare privacy auditing solutions for Electronic Health Records, today announced in the first six months of 2008, the company more than doubled revenues over the same time period of the previous year. FairWarning(R) transitioned from break even to profitable during the first half of 2008. The company expects by year end 2008, to double 2007 revenues. FairWarning has experienced a spike in sales of its privacy auditing solutions across every sector of the healthcare industry including: hospitals, health systems and major physician offices. FairWarning attributes its triple-digit growth and growing customer base to a drastic increase in major identity theft and employee snooping incidents. Additionally, the news of HIPAA audits has fueled an industry-wide realignment of priorities with privacy and security compliance at the top of mind for healthcare organizations.

Archer Technologies (Archer), a provider of enterprise governance, risk and compliance solutions, today announced the release of its Data Feed Manager, which provides a new way for companies to perform rapid integrations between industry-leading products and the Archer SmartSuite Framework. Designed for use by technical business analysts, the Data Feed Manager allows Archer clients and partners to use the Archer Framework as a point of consolidation, bringing together data from any source for correlation, analysis, process management and reporting. A vital component of any governance, risk and compliance program is the ability to form an aggregate view of risks, vulnerabilities, metrics and operational data within the enterprise, says Jon Darbyshire, president and CEO of Archer Technologies. With the Data Feed Manager, Archer is putting power in the hands of technical business users to rapidly integrate enterprise data systems with the Archer SmartSuite Framework. This is a new market

MAPEI Americas, a manufacturer of tile and stone installation systems, floor covering installation systems and concrete restoration products, has signed a multi-year agreement with 1Vault Networks (www.1vault.net), a South Florida provider for hosted IT services, colocation and disaster recovery services. MAPEI Americas, a part of MAPEI Group worldwide, operates 14 plants from Canada to Argentina and is headquartered in Deerfield Beach, Florida. The Americas subsidiaries have chosen the 66,000-square-foot, Category 5 hurricane-rated 1Vault Networks location for disaster recovery, colocation backup and customized headquarters connectivity with ATT Metro E circuit and 100 MB wireless connections, internet access and five other cross connects.

Ounce Labs announced that the company's Advanced Research Team (ART) has documented two vulnerabilities that can affect Java web applications that utilize the Spring Framework. With more than five million downloads of Spring to date, the security vulnerabilities identified could affect countless enterprises that utilize this commonly used framework. The specific vulnerabilities are 'ModelView Injection' and 'Data Submission to Non-Editable Fields.' These vulnerabilities allow attackers to subvert the expected application logic and behavior, gaining control of the application itself, and access to any data, credentials or keys held in the application. Although the two vulnerabilities discovered and analyzed by Ounce are part of the Spring Framework, Ounce Labs ART experts believe that similar issues can be found in other popular Frameworks. The ART Team has worked closely with the security team from SpringSource, the company behind Spring, to confirm these security issues and develop re

St. Jude Medical announced U.S. Food and Drug Administration (FDA) approval of the Merlin@home transmitter, an RF wireless technology that remotely monitors patients implanted cardiac devices. The transmitter supports the St. Jude Medical Current RF and Promote RF family of devices and works in conjunction with the St. Jude Medical data management system, Merlin.net Patient Care Network (PCN), to provide complete remote care service for patients and their physicians. Until recently, patients with implanted cardiac devices were typically required to visit doctors offices several times per year to have their device performance checked. With the advent of transmitters capable of downloading and transmitting device data over telephone lines, patients are now able to initiate and perform many of these follow-ups in their own homes.

Clearswift has released a new version of its advanced content security tool, MIMEsweeper for SMTP, to strengthen organizations' Data Loss Prevention capabilities. MIMEsweeper for SMTP is a sophisticated e-mail security and management system designed to comprehensively address the complex security layers, policies, processes and procedures that larger distributed enterprises face. The solution provides the flexibility to tailor day-to-day management of e-mail infrastructures to specific organizational needs. It scans outbound e-mail messages to ensure that they match an organization's e-mail policy ensuring that any messages containing sensitive or inappropriate information blocked or routed according to the stated policy based upon enforcing multiple outcomes based upon sender, recipient or content. MIMEsweeper solutions have traditionally been used by companies wishing to control the content of outgoing e-mails. This new version sees the introduction of yet more features designed to h