Security and compliance are often tightly intertwined. The main difference is that sometimes security can outpace compliance efforts. While it is easy to infer that a more secure system exceeds a compliance requirement, an auditor should not be expected to deduce the state of a system; the evidence needs to be clear. There are many factors that can cause compliance shifts. Configurations are constantly changing because there are updates happening to the infrastructure, there are patches being applied, there are applications that are being updated, and these cause changes to the system that…
This article has been indexed from Blog RSS Feed