eCommLink, a prepaid processor, has successfully passed its annual Payment Card Industry Data Security Standards (PCI DSS) audit and is an early adopter of version 1.2 of the guidelines, which was just released and not required until January 1, 2009. Security is an integral part of everything we do and a core philosophy of our business. Being one of the first to certify on the new standard is just a further demonstration of our commitment to maintaining the security of our systems and our clients' data, stated Victor Newsom, Senior Vice President of Operations, eCommLink.

New West Technologies, Inc. has announced its Mobile Retail Platform (MRP) has been approved by VISA to be Compliant with PCI Standards. Payment Card Industry (PCI) compliance is a complex and ever evolving subject affecting millions of businesses - acquiring banks, Independent Sales Organizations (ISOs), processors, hosts, shopping carts, e-commerce and retail merchants and other merchant services providers.

Because security breaches can lead to fraud, identity theft, and financial and legal pain for the business that allows them, data security has become a critical component for call centers. VirtualLogger has designed VirtualVault, a secure data handling program to support this important business imperative. Every call center that handles credit card transactions must meet the requirements of the Payment Card Industry (PCI) data security standards. Health care companies must comply with Title II of HIPAA to control fraud and abuse. And on January 1, 2009, every business storing personal information on Massachusetts residents must adhere to that state's standards, which include encryption, secure passwords and other measures.

Tideway, one of the fastest growing providers of IT automation software, announced that Avis Europe has selected Tideway Foundation to enhance change control and validation in its distributed data center environment. The implementation will help Avis meet audit and compliance requirements, provide decision support and reduce the risk of service outages due to unplanned or improperly implemented changes.Foundation will provide Avis with detailed and continuous information on what changed in their infrastructure, allowing them to reconcile and drill down on specific changes, identify unauthorized activity and confirm all changes follow the appropriate change management process. Foundation's new user-defined, shared dashboards will provide a fast, rolled-up view of changes in Avis' IT environment.

Global DataGuard, the premier provider of network behavioral analysis-based (NBA) Enterprise Unified Threat Management for small and medium business to large enterprise environments, today announced a partnership with EIS Data Systems, whereby EIS will offer Global DataGuard's fully integrated Enterprise UTM security suite and Managed Services to government, education and private-sector businesses in the southeast United States. Headquartered in North Carolina, EIS Data Systems offers design, installation and implementation of a wide range of network technology products and services to enterprise businesses and local and state government in the Southeast United States, with a special focus on the needs of the education community in that region. At EIS, we believe that it is important to provide not only a quality solution, but back it with installation, training and support as well, said Sherry Johnson, president of EIS Data Systems. We chose to partner with Global DataGuard because ou

Innovation Software Consultants has launched 'Tracesoft' - a quality management tool to meet the demands of British Retail Consortium (BRC) Global Standards for those supplying major retailers. The Global Standards represent 'best practice' for food, non-food and packaging materials suppliers, explained Innovation Software Consultants', Stephen Mumby. It is a gauge against which manufacturers of not just retail brand/own brand products but also branded products, are evaluated - so is critical for these organisations.

eMeetingsOnline, a Denver-based company that offers a web-based, single-source solution for the conference management and travel industries, has selected and implemented Tripwire Enterprise, the leading configuration control and change auditing solution. eMeetingsOnline chose Tripwire Enterprise to help it quickly prove and maintain PCI compliance. As a result, the company experienced a reduction in the costs involved in ongoing PCI audits and enhanced operational efficiency in its IT department.

XProtean, provider of Integrated Retail Management Solutions for small format retailers including the fast-growing segments of Convenience and Fuel Retail, and Quick Serve Restaurants, announced that their QSR and Convenience Store Solutions achieved PCI compliance. The PABP audit was performed by Coalfire System, Inc, a Visa-approved independent quality service assessor. Adherence to PCI data security standard is required of all merchants/service providers that store process or transmit credit/debit card data. PCI security requirements are intended to protect consumers wherever their data resides. With these standards in place the onus now lies on the merchant to ensure their business operates in a compliant manner. Hence, moving forward in order to comply with all the PCI DSS requirements, merchants will have to use PABP compliant POS solutions.

RegScan announced its new, industry-leading regulatory compliance service, RegScan GCS 2.0. With new patent-pending technology and more than 15 new tools, RegScan has revolutionized regulatory compliance.Parallel Topical Search (patent-pending) enables users to simultaneously research Federal and state regulations by common sense topical areas. By enabling users to look at the Federal and state regulations by topic in a side-side format, a user can quickly and easily determine if there is any regulatory difference and what that difference is. RegScan GCS 2.0 has also changed traditional searching by creating easy-to-use interfaces for both the power and the occasional user.

Compliance pressures are growing in today's international economy. Enterprises must abide by an increasing number of global and regional regulations and standards, interpret sometimes vague guidance, and adjust quickly to regulatory updates as well as new interpretations of existing regulations. However, if compliance management is unified and controlled, it offers the opportunity for improved operations and might just help you get out of that special level of Dante's IT hell that SOX has created. Network Frontiers, the leader in IT regulatory compliance management, today announced the release of the Q4 2008 Unified Compliance Framework (UCF), an independent database that distills the requirements from hundreds of regulatory standards into one cohesive information source, significantly easing enterprise regulatory compliance efforts.

VMware, the global leader in virtualization solutions from the desktop to the datacenter, announced that it is joining the PCI Security Standards Council. As a participating organization, VMware will work with the council to evolve the PCI Data Security Standard (DSS) and other payment card data protection standards. This will help those VMware customers in the retail industry who are required to meet these standards to remain compliant while leveraging VMware virtualization. VMware has also launched the VMware Compliance Center Web site, an initiative to help educate merchants and auditors about how to achieve, maintain and demonstrate compliance in virtual environments to meet a number of industry standards, including the PCI DSS.

Solidcore Systems announced its Integrity Monitoring Solution for IBM 4690 point of sale (POS) environments. The solution is the first of its kind to monitor and alert on changes to IBM 4690 POS Controllers, which provide both the application and operating system images to the client terminals in many of today's retail environments. IBM 4690 systems represent a large install-base of retail POS systems and Solidcore's capabilities for monitoring the integrity of these systems will help retailers using these systems to quickly verify Payment Card Industry (PCI) compliance. According to Greg Buzek, president of the IHL Group, IBM 4690 POS terminal sales drove $1.02 billion in hardware, software, and maintenance in 2007, and there is a significant installed base within the category of superstores/warehouses and mass merchants that rely on this operating system with 64% of the installed base.

Brabeion Software, a market proven provider of IT Governance, Risk and Compliance (IT GRC) Management software, today released an executive brief aimed at supporting enterprise cost cutting initiatives, while meeting increasing regulatory demands. Faced with the 2008 financial crisis, companies are being forced to reduce costs while preparing for an impending increase in regulatory demands. As such, organizations must improve the operational efficiency of their risk and compliance initiatives while providing a scalable framework on which to build and run their risk and compliance program.

TriGeo Network Security, provider of security information and event management (SIEM) technology for midmarket enterprises, is aggressively expanding its international presence to meet increasing demand for its Security Information Manager (SIM) solution. The company's strategic partnership with Phoenix Datacom, a leading supplier of network performance and security solutions in the UK and Ireland, provides easy access to the industry's only real-time log management and compliance solution that can actively defend the network.

LogLogic, the log management leader, announced that Ameren Corporation one of the nation's largest investor-owned electric and gas utilities has chosen LogLogic to supply its enterprise-class log management system. LogLogics log management and intelligence solutions will allow Ameren to meet government regulatory requirements and improve real-time reporting and problem alerting by collecting user activity logs across a multitude of computer systems inside the company.

LogLogic, announced that global retailer, The Body Shop, has selected its log management and intelligence solution for global PCI DSS compliance support. To meet industry regulation targets (set by VISA and MasterCard) for securing customer payment card information and to improve security best practices, The Body Shop will use the LogLogic solution to gain visibility of security events within the infrastructure environment where it handles, processes and stores credit card holder information. Through out of the box standard PCI reports and fully customised customer specific reports, LogLogic will enable The Body Shop to verify processes automatically and protect the integrity of log data for purposes of attestation and litigation. In addition the reports provide a significant reduction in risk by delivering real-time, automated alerting on policies and controls.

MLSListings, a Silicon Valley-based regional Multiple Listing Service (MLS), announced the launch of an innovative online security initiative featuring the A-OK On-Demand service from Arcot Systems. Selected for its ease of use and powerful capabilities, the A-OK On-Demand service transparently protects the identities and data of MLSListings' users. MLSListings is using this solution for user identity verification as part of MLS data security initiatives. Similar to security used in the online banking industry, MLSListings' deployment of the A-OK service simply requires a user to select 4 validation questions and answers that may be used at a future time to verify the user's identity. Behind the scenes, the system provides multiple layers of protection including dynamic risk-based authentication and two-factor authentication completely in software.

TriGeo Network Security, provider of security information and event management (SIEM) technology formidmarket enterprises, today announced its partnership with COMPUTERLINKSto deliver a comprehensive channel partner program in North America.COMPUTERLINKS is a global value-added distributor (VAD) with a strongheritage in security and IT infrastructure solutions.

Hypercom Corporation introduced HyperSafe Secure, a solution that encrypts cardholder data during transaction processing so that sensitive information is never exposed. HyperSafe Secure is specifically designed to combat and halt the growing enterprise of criminal efforts to steal unencrypted cardholder data through breaches of merchant networks, applications and servers that store and transmit sensitive cardholder data.

MasterCard Worldwide announced the availability of two new seminars designed to help merchants protect payment card data and reduce the likelihood of reputational risk and fraud. The new seminars are titled 'Data Storage' and 'PCI DSS Requirements -Version 1.2.' The seminars further expand MasterCard's PCI Merchant Education Program, an initiative offered to acquiring bank customers to provide practical assistance in educating merchants and encouraging broader adoption of the Payment Card Industry Data Security Standard (PCI DSS). With the addition of the two new seminars, there are now 14 Web-based, complementary modules featuring actionable advice from MasterCard and industry experts available online.

First National Bank of Gilmer, serving Gilmer, Texas, today announced that it has chosen Secure Identity Systems to provide New Account Authentication and Change of Address Verification for all consumer accounts. These are two of the critical requirements for Red Flag compliance requiring all banks and financial institutions to formally address the risks of identity theft, and develop and implement identity theft protection procedures to mitigate those risks. Secure Identity Systems' New Account Authentication will help First National Bank of Gilmer take authentication beyond the standard two forms of ID. When a customer attempts to open a new account, SIS's solution instantly consults a series of databases, including the Social Security Administration, credit bureaus, and local property databases, for the most accurate and current information to authenticate the identity of the new account holder. SIS also provides USA Patriot Act compliance, checking customer ID information against O

MetricStream, pioneer in enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management solutions, announced that the Central Bank of Oman (CBO) has selected the MetricStream solution to automate its business processes related to Audits Management. The Central Bank of Oman will use the MetricStream solution to manage the complete audit lifecycle including risk-based audit planning and scheduling, development of standard audit plans and checklists, field data collection, development of audit reports and recommendations, review of audit recommendations by auditees and management and implementation of audit recommendations and remediation. The solution's advanced capabilities like built-in remediation workflows, time tracking, email-based notifications and alerts, risk assessment methodologies, and offline functionality for conducting audits at remote field sites allow organizations to implement the industry best practices for efficient audit execution and ensure integration of

ControlScan, a full-service PCI compliance and security solutions provider, focused exclusively on small- to medium-sized merchants, announces its support of the PCI Security Standards Council's October 27, 2008 release of the Self Assessment Questionnaire (SAQ) version 1.2. We are very encouraged by the PCI Council's release of SAQ version 1.2., said Joan Herbig, chief executive office, ControlScan. Because our business has always been focused on Level 4 merchants, we are pleased that the latest version of the SAQ provides more clarity and flexibility in its questioning. While making the SAQ more suitable for the smaller merchants is still a work in progress, this is a great step.

Security Providers Join Forces to Deliver Consolidated Solution to Meet Latest IBTRM Requirements Tata Communications, a leading provider of the new world of communications, announced the launch of the first Security Compliance Consortium to simplify the process of meeting compliance needs for the banking and finance sector. This initiative follows the new Internet Banking and Technology Risk Management (IBRTM) guidelines released by the Monetary Authority of Singapore (MAS) in June 2008. The guidelines outline a set of best practices that mandate risk management processes and security controls for financial systems, including Internet banking.

Rurban Financial, provider of full-service community banking, investment management, trust services and bank data and item processing, announced Rurbanc Data Services, Inc. (RDSI), has entered into an agreement with Recovery Solutions, Inc. (RS) to provide an innovative turnkey technology mobile disaster recovery banking solution that incorporates sophisticated satellite technology for business continuity that is fully integrated with RDSI Banking Systems. Tim Pearson, Executive Vice President and Product Manager of RDSI Banking Systems, states, This relationship with Recovery Solutions provides our clients the continuation of service they have come to expect from RDSI, especially in their time of greatest need.

Rohati Systems announced that it has appointed former Visa Senior Vice President Gretchen McCoy to its Strategic Advisory Board. As a member of Rohati's Strategic Advisory Board, she will advise the company as it continues to evolve its solutions to enable enterprises to quickly and cost-effectively keep pace with ever tightening Payment Card Industry Data Security Standards (PCI DSS). In today's heavily regulated business environment, compliance violations and security breaches can cost enterprises millions and sometimes even billions of dollars, which is why enterprises that process payment card transactions are always looking for rapid, cost-effective ways to comply with the PCI DSS, said McCoy. I am excited about being part of Rohati, a company that is fundamentally changing the model for delivering security policies that simplify and drive down the costs of meeting the PCI DSS compliance mandates.

SecurityMetrics, provider of PCI DSS compliance technology and services, announced the immediate availability of an updated version of SecurityMetrics' Certified PCI DSS (PCI Data Security Standard) Authorized Scanning Vendor (ASV) Service and Site Certification Service. The technology supports the updated Payment Card Industry Data Security Standard version 1.2, released earlier this month by the Payment Card Industry Security Standards Council (PCI SSC). SecurityMetrics provides a suite of tools that help merchants attain compliance with PCI DSS. The company's software scanning technology is designed to meet the PCI DSS 1.2 requirements and is available as a Site Certification online service or as an appliance. SecurityMetrics Site Certification Service simplifies the process for answering the latest PCI Self-Assessment Questionnaire. Upon completion of the questionnaire, compliance results are automatically provided to the merchants' acquiring bank. SecurityMetrics' tools, combined

Convoke Systems announced that it has received PCI-DSS certification, Payment Card Industry (PCI), Data Security Standard (DSS) for its leading edge platform and application. The company is responsible for transferring and managing secure access to data, media and chain of title information between financial services and account receivable management (ARM) industries for validating and collection of debt. Financial services organizations trust us to keep their customers' personal information secure through each step of the debt buying and selling process, says Gary Portney, CEO of Convoke Systems. PCI certification is one of the steps we have taken to show how committed we are to protecting personal information and retaining the trust of both the financial services and ARM industries, said Mr. Portney.

Courion Corporation announced that The Goodyear Tire & Rubber Company has selected Courion's Enterprise Provisioning Suite solution to deliver identity and access management capabilities for users accessing the company's geographically-distributed IT resources. Goodyear selected Courion based on the solution's functionality, manageability and total cost of ownership over time after a rigorous, multi-stage vendor selection process. For Goodyear, identity and access management are critical in supporting the company's key business and IT operational goals of improving productivity and efficiency without compromising confidentiality, availability and integrity. A member of the Fortune 500, the company is subject to regulatory compliance requirements for the Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry Data Security Standard (PCI DSS).

FISolv announced that it is offering two additional services to financial institution to help build the Business Continuity Plan (BCP). FISolv now offers an individual Business Impact Analysis (BIA) and Risk Assessments independent of their complete BCP.

ServiceLink, provider of origination and default services and the national mortgage services platform of Fidelity National Financial, offers lenders an expedient Web-based closing option for customers. iClose is a secure and convenient method for borrowers to close their loans in an online virtual meeting room. Borrowers can easily schedule a date and time that is convenient, and a ServiceLink closing agent guides them through their paperwork, using an online interface making the closing process faster and less cumbersome. With iClose, lenders are able to offer borrowers the ability to schedule their closing any time, anywhere, according to Kevin Gugenheim, executive vice president and chief strategy officer. Customers will appreciate a product that is more convenient and helps them better understand their loan documents during the closing process.

Alert Logic announced that it has signed a partnership agreement with NaviSite, a leading provider of enterprise hosting and application solutions. Under terms of the agreement, NaviSite will offer Alert Logic's Log Manager and Threat Manager to its managed hosting customers. Log Manager gives organizations the ability to secure their networks and comply with regulations that mandate log data be collected, regularly reviewed, and securely archived. Threat Manager combines intrusion detection and vulnerability management technology to offer protection from viruses, worms, and other threats that easily bypass perimeter and endpoint defenses.

SoundBite Communications announced its compliance as a service provider under the Payment Card Industry Data Security Standard (PCI DSS). Compliance with this industry standard demonstrates SoundBite's ongoing commitment to protecting cardholder data and provides independent validation that SoundBite's technology is adhering to the payment card industry's rigorous security standards. SoundBite is proud to be the only proactive customer communications provider listed as a PCI Compliant service provider, a key requirement for working with financial institutions, card issuers and retailers. A full listing of compliant service providers can be found here.

StrikeForce Technologies, a company that specializes in the prevention of Identity Theft, announced it has joined the recently announced Oracle Identity Assurance Partner Alliance. The purpose of the Alliance initiative is to combat online fraud, help eliminate identity theft, and improve overall enterprise and client security. Members of the alliance plan to deliver solutions that integrate technologies such as identity proofing, geographic location, two-factor and Out-of-Band authentication, endpoint security and secure remote access, to Oracles Access Management Suite. StrikeForce is also a member of the Oracle PartnerNetwork.

Jack Henry & Associates, provider of integrated technology solutions and data processing services for financial institutions, today announced the availability of the Gladiator Enterprise Security Monitoring (ESM) solution which was developed by Gladiator Technology, the ProfitStars solution that operates as a managed security services provider (MSSP) exclusively for financial institutions.The first phase of the ESM service expands Gladiator's information security monitoring and reporting capabilities to include Jack Henry & Associates' core banking applications and IBM Power (formerly IBM System i host systems. This new service establishes Gladiator ESM as the only security monitoring solution that is fully automated, integrated with the core system, and supported with a 24/7/365 monitoring service. Gladiator ESM is expected to generate tangible benefits for diverse financial institutions by proactively protecting them from costly security threats that could interrupt business operatio

Imperva announced the release of SecureSphere Standard Edition (SE), a new model of its multi award-winning SecureSphere Web Application Firewall (WAF) that is tailored to meet the requirements of mid-market enterprises. SecureSphere SE provides the automated protection and transparent inspection capabilities of its larger siblings in a form factor geared to mid size datacenters. According to Gartner, adoption of WAFs among mid-market enterprises is accelerating, Smaller enterprises which typically do not have ADCs (Application Delivery Controllers) and enterprises whose security organizations are not willing to depend on the security functionality included in network operational equipment represent the second-most-important growth area for WAFs, after enterprises with PCI compliance requirements.

BIO-key International, pioneer in finger-based biometric identification and wireless public safety solutions, and its partner Sig-Tec, pioneer in identity and access management software solutions, announced today the successful deployment of a fingerprint biometrics-based identity and access management system at the Mahoning County (OH) Sheriff's Office. The Mahoning agency is one of the first in the nation to use fingerprint biometrics instead of passwords to secure computer workstations and the software applications and databases that reside on them. With Sig-Tec's identity and access management (IdAM) software solution for Strong Authentication and password management (AppStarter Single Sign On) integrated with BIO-key's Vector Segment Technology(TM) (VST) toolset, for fingerprint biometrics capture and verification, authorized staff can now access the Mahoning County Sheriff's office network and applications quickly and securely with the touch of their finger.

F5 Networks announced a new version of its award-winning FirePass SSL VPN (Secure Sockets Layer Virtual Private Network) solution. With FirePass, enterprises can manage employee and external access to business applications, keep mobile users connected, and enforce compliance with strict HIPAA, PCI, and GLBA requirements. Making access to corporate information flexible and simpleis keyfor enterprises struggling to manage and secure mobile workforces, said Jeff Wilson, Principal Analyst at Infonetics Research. There isn't a single access policy that fits every situation, so vendors need to providecustomers with a choice of templates to suit their particular policy and access requirements, and the flexibility to modify templates as needed. This is particularly critical for evolving corporate governance and compliance mandates.

Global DataGuard, the premier provider of network behavioral analysis-based (NBA) Enterprise Unified Threat Management for small and medium business to large enterprise environments today announced a partnership with Advanzer de Mexico whereby Advanzer will offer Global DataGuard's fully integrated Enterprise UTM security suite and Managed Services in conjunction with its own financial and fiscal consulting services to provide customized business solutions for Advanzer's expanding client base in Latin America. Advanzer, with headquarters in Monterrey, Mexico, is a multidisciplinary firm specializing in financial, business and technology consulting to global companies across multiple vertical markets. Global DataGuard's holistic, architectural approach to helping customers seamlessly integrate process, technology, service and reporting fits well with our strategy for delivering the best custom consulting and product solutions for our clients, said Alfredo Moreno, technology partner for

nuBridges, the secure eBusiness authority, today announced its support for the newly released version 1.2 of the Payment Card Industry Data Security Standard (PCI DSS). We applaud the Payment Card Industry Security Council and fully support their achievements in updating PCI DSS with meaningful additions on a regular basis to secure payment card data from theft, said Gary Palgon, vice president of Product Management at nuBridges. Among other important changes, version 1.2 will help companies establish best practices to protect data in transit over wireless networks with strong cryptography in addition to protecting data at rest.

Open Text introduced Connectivity Secure Server, a high-performance scalable solution for secure network access from Hummingbird, the Open Text Connectivity Solutions Group. Based on the industry-standard Secure Shell protocol, Connectivity Secure Server offers faster file transfer of critical data on a small server footprint and meets key security requirements in regulations spanning multiple industries. Industry standards and government regulations such as Sarbanes-Oxley, Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA) and Federal Information Security Management Act (FISMA) require organizations to constantly strengthen the protection of mission-critical information such as credit card records, patient data or customer information. With billions of dollars of annual losses attributed to security breaches, corporations are under increasing pressure from auditors and shareholders to elimi

SecureWorks, is advising organizations to be proactive at protecting their information technology assets in case they are faced with a natural or man-made disaster. This means that it is critical for organizations to have a solid disaster recovery plan in place, prior to an incident occurring. To illustrate the threat, back-to-back hurricanes and tropical storms, i.e.: Gustav, Hanna and Ike, have had devastating effects on entire regions of the country. And the threat is not over as hurricane season begins June 1st and ends on November 30th, with most hurricanes occurring mid August through mid October.

As network and security administrators work to keep networks secure, compliant and running smoothly, they are largely finding the solutions currently installed in their networks to be inadequate, according to a Frost & Sullivan survey underwritten by Telcordia. The survey, which measured usage and satisfaction attitudes of IT managers, found that more than 60 percent were not satisfied with the ability of their existing network change and configuration management (NCCM) products based, in part, on a significant gap between desired and available product functionality. Our latest research has shown that network and security administrators are struggling with existing solutions to adequately maintain their networks, which are growing increasingly more complicated in the face of increased users, devices and security threats, said Debbie Wong, Consultant, North America, Business & Financial Services Group, Frost & Sullivan. To date, the crowded NCCM market, which our research shows is domin

Lumension Security, a security management company, announced today that it has joined the PCI Security Standards Council as a new participating organization. As a Participating Organization, Lumension Security will work with the Council to evolve the PCI Data Security Standard (DSS) and other payment card data protection standards. The PCI DSS, endorsed by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa Inc., requires merchants and service providers that store, process or transmit customer payment card data to adhere to information security controls and processes that ensure data integrity. More information on the council and the standard can be found at www.pcisecuritystandards.org.

HyperQuality, the premier contact center business intelligence firm, announced that it has received certification of PCI-DSS Payment Card Industry Data Security Standard for its quality assurance services and reporting software from the Qualified Security Assessor (QSA) Control Case. HyperQuality is the nations leading provider of business intelligence and management services focused on the quality, productivity and effectiveness of customer interactions. The company evaluates customer service interactions for many of the largest financial and banking institutions in the United States. The company is responsible for securing information for millions of credit card members every year.

2008 has been the year in which the lines between organizational initiatives for information management and information security began to merge and the implications for storage, security and compliance executives became significant. Gijo Mathew, VP of Security Solutions for Orchestria, the proven leader in Information Protection and Control, notes that the convergence of managing security risks, adhering to compliance/legal obligations, and classifying information has been driven by more effective IT Governance. This convergence requires organizations to better understand and control the information itself, while supporting existing business operations. Information management and information security initiatives share common requirements, said Mathew. We often see the same information is subject to information security and compliance related requirements, as well as classification obligations. We are now beginning to see organizations take steps to implement integrated solutions. The n

Andrew Robinson, director of the global payment business unit at Gilbarco Veeder-Root, will speak at the National Association of Convenience Stores (NACS) conference and trade show on Saturday, October 4 at McCormick Place in Chicago. The workshop entitled PCI Compliance: Ignorance is Not a Defense outlines the actions that petroleum retailers and convenience store operators must take to comply with Payment Card Industry Data Security Standards (PCI DSS). These standards are designed to protect consumer card and Personal Identification Number (PIN) data in debit transactions at the gas pump and inside the convenience store. The workshop also outlines the risks and costs of non-compliance. Robinson's presentation will highlight the impact of security standards, both in North America and globally, on petroleum retailers. Specifically, he will talk about payment at the pump and what's required to meet emerging requirements.

RMS Incorporated, provider of compliance software and solutions for the banking/mortgage industries announced today the release of the 2007 Home Mortgage Disclosure Act (HMDA) Peer Databases and Rankings in RiskExec, a suite of regulatory compliance software tools. This data is compiled by the Federal Financial Institutions Examination Council (www.ffiec.gov) and released to the general public for analysis. With the release of these 2007 HMDA Peer tables and rankings in RiskExec, RMS becomes the first firm in the nation to enable their financial clients a full review of lending and competitive performance in all aspects of home mortgage lending - both nationally and in specific geographies and also as compared to any of their peers. This years data consists of 8,610 HMDA respondents with about 26,605,695 records.

Scott McDowell, marketing manager for North American payment products at Gilbarco Veeder-Root, will speak at the Petroleum Equipment Institute's general session on Monday, October 6 at McCormick Place in Chicago. The panel discussion entitled Preparing your company and customers for PCI compliance outlines the actions that petroleum retailers, convenience store operators, and equipment distributors must take to comply with Payment Card Industry Data Security Standards (PCI DSS). These standards are designed to protect consumer card and Personal Identification Number (PIN) data in debit transactions at the gas pump and inside the convenience store.

TraceSecurity, provider of comprehensive IT risk assessment and security compliance solutions, revealed today its five-year statistics on Social Engineering and Penetration Testing. The statistics show that 95% of U.S. financial institutions' sensitive data including bank account records and social security numbers could have been robbed on average in 30 minutes or less. Between 2003 and 2008, TraceSecurity's engineering team, headed by co-founder and CTO Jim Stickley, compromised the security of more than 1,000 financial institution branches. As an independent auditor for regulated industries including the financial services sector, TraceSecurity estimates that tens of millions of consumers' personal identity could have been stolen if the attempts had been legitimate.