The Channel logo

Articles about Compliance

Broke - empty pockets

Microsoft compliance police to NHS: We want your money

Microsoft is playing hardball with the NHS, threatening trusts and authorities with drastically increased software payments over claimed licence violations. The tough talking comes more than a year after an organisational shift began across the NHS (April '13) saw some Primary Care Trusts and strategic health authorities …
Paul Kunert, 27 Jun 2014

Salesforce unleashes red-tape-as-a-service for regulation-heavy users

Salesforce has launched its slightly-more-secure-software-as-a-service for organisations in industries compelled to wrap themselves in red tape. The Salesforce1 service, dubbed "Shield", offers encryption, monitoring, and archiving for the platform's apps. Salesforce says the platform includes field audit trail, platform …
Team Register, 15 Jul 2015
management management3

EMC and VMware doing the old in-out shows the board is on the job

Comment The finance, storage and virtualisation communities have all been abuzz in recent days, following industry chatter that EMC might buy back the shares in VMware it doesn't already own – or that VMware might buy EMC. Both suggestions have been met with many sharp intakes of breath as pundits contemplate these financial …
Simon Sharwood, 06 Aug 2015
management governance3

E-commerce enterprises gently told to update those protocols ... or else

A revamp in payment card industry regulations due out later this month will penalise e-commerce enterprises that rely on outdated crypto protocols. The PCI Security Standards Council updated standard – PCI DSS 3.1 – mandates that businesses move away from SSL onto more modern TLS protocols. The council is introducing the …
John Leyden, 07 Apr 2015

Blue Coat acquires the cloud-crypto monkeys at Perspecsys

Controversial and suspicious netsec outfit Blue Coat Systems has acquired Perspecsys, for the want of some weight in its cloud security portfolio. Recently bought by Bain, Blue Coat reckons the acquisition (on undisclosed terms) establishes it as "a leader in the Cloud Access Security Broker segment". Cloud-crypto outfit …

IBM tightens Passport Advantage licensing terms

IBM software customers should be on their guard following changes to the fine print of the giant’s Passport Advantage program. IBM reworded part of Passport Advantage late last year, The Reg has learned, putting more onus on the customer than ever before to keep clear and accurate records of their software use. The changes mean …
Gavin Clarke, 07 Apr 2015

Ingram Micro feasts on European old-mobe specialists

First Ingram Micro dug deep to acquire handset seller Brightpoint and now it is buying up companies to deal with the devices in middle age and at the end of their life. The tech wholesaler has subsumed CANAI Group, which specialises in trade-ins, reuse, recycling and global redistribution. High Wycombe-based CANAI runs a …
Paul Kunert, 23 Jun 2015

Can't stop Home Depot-style card pwning, but suppliers will feel PCI regulation pain

Third-party providers will face more stringent regulations as part of a revamp in payment card industry regulations due to go into full effect in the new year. The new Payment Card Industry Data Security Standard 3.0 (PCI 3.0) will be mandatory for all businesses that store, process or transmit payment card information beginning …
John Leyden, 17 Dec 2014

Three-way EU Big Data privacy wrestling match kicks off

The EU will take a big step towards finalising measures to protect its citizens' privacy today, as negotiators from member states, the European Commission, and the European Parliament will come together for the first time to thrash out an agreement on the EU’s planned data protection law. The Parliament agreed its position on …
Jennifer Baker, 24 Jun 2015

Sage Pay anti-POODLE upgrade REDUCED security - briefly

Online payment service Sage Pay has been fingered for temporarily reducing its security while revamping its site security. Security consultant Paul Moore noticed that the Sage Pay website was briefly running a weak cipher last week. The issue was quickly corrected after Moore went public with his concerns on Tuesday. He …
John Leyden, 04 Feb 2015

WD and HGST: We tried to merge our two drive makers, MOFCOM said NO, NO, NO

Analysis Although WD’s acquisition of HGST was approved over two years ago, Chinese regulatory authority MOFCOM is still preventing the full integration of their respective drive-making ops. The Ministry of Commerce of the People’s Republic of China (MOFCOM) has always maintained it was not keen to see WD and its HGST subsidiary move …
Chris Mellor, 10 Dec 2014

Docker shocker: It's got a commercial product, and is ready to SELL IT

DockerCon 2015 The themes of Docker's past conferences has been increasing adoption of the container tech, but the theme of this year's DockerCon was moving beyond experimentation and into production deployment. By extension, it was also about how Docker plans to make money. The startup is well-heeled, having received enough venture cash in …
Neil McAllister, 24 Jun 2015

Merry Xmas, Neohapsis, here's your Cisco-dollars

Cisco is beefing up its security intelligence-gathering, snapping up privately-held advisory Neohapsis for an undisclosed sum. Neohapsis is a Chicago-based security advisory and bug archivist outfit, and will boost Cisco's risk management, compliance, cloud, application, mobile and infrastructure security offerings, according to …
graph up

Feds seek 'compliance program' for US kit reseller

Two men have been charged with fencing stolen EMC equipment and wire fraud offences relating to almost a million dollars of nicked hardware. A US equipment reseller firm allegedly implicated in fencing of stolen kit also faces a landmark suspended-sentence "compliance program". Kevin Kelly, 33, of North Carolina and Mark …
John Oates, 09 Dec 2010

Oracle plugs socket numbers on DIY Standard Edition

Oracle is clamping down on uses of its entry-level Standard Edition database by throttling threads. Larry Ellison's giant has cut by half the number of sockets users are allowed to run with Database Standard Edition (SE2), released at the start of this month. SE2 users are now restricted to just two sockets, down …
Gavin Clarke, 07 Sep 2015

Windows Server 2003 support deadline is TOMORROW – but thousands don't care

Tomorrow marks the end of support for Windows Server 2003 but plenty of customers, of all shapes and sizes, weighed up the cost versus the risk factors and will continue to make do with their dusty old boxes. From 14 July, Microsoft will not issue any further security patches or firmware upgrades, and buying custom support is …
Paul Kunert, 13 Jul 2015
Mist and condensation, image via Shutterstock

Stay Misty for Me: G-Cloud’s transparency called into question

Comment The cash flowing through the G-Cloud is rising exponentially, increasing by £400m last year alone to total a very nice £600m. But while the cloudy framework's flexibility and choice is proving increasingly popular with buyers and sellers, it's worth examining what that money is – and isn't – being spent on. In fact, only a …
Kat Hall, 09 Jul 2015
management regulation2

Slurp data in a Eurozone country? Play by their DPA's rules – EU court

Europe’s highest court ruled Thursday that if a company is operating in a particular country and targeting residents of that country for business, then it IS subject to that country’s data protection rules. The Weltimmo case hinged on the question of jurisdiction for data protection issues. Weltimmo is a Slovakian company …
Jennifer Baker, 01 Oct 2015

$125m VC war chest awaits NTT Com Security's outgoing boss

The hedge fund that outgoing NTT Com Security overlord Simon Church is joining has $125m to splash on new investments in cyber defence and data services. Church, who provided consultancy for C5 Capital since its inception last year, and was made an advisory board member in April, is to become an "exec in residence" at the equity …
Paul Kunert, 24 Jun 2015

Microsoft unwraps new auto data-protection in Office 365 tools

Microsoft is expanding its Data Loss Prevention (DLP) tools. DLP is a way of tagging content to mark it as sensitive data and subject to policy, such as a rule that states “data must be encrypted” or “may not be shared outside the organisation”. DLP is already available for email in Exchange, Outlook and Office 365, and is now …
Tim Anderson, 28 Oct 2014

Oracle brews PERPETUAL, all-you-can-eat database licence

Exclusive Oracle customers could soon be the beneficiaries of an unlimited, all-you-can-eat licence for its core database, with the giant understood to be readying a deal that would grant use of its database in perpetuity at a flat rate. Oracle’s prospective licence is being referred to as the Perpetual User License Agreement (PULA). …
Gavin Clarke, 07 Aug 2015
NSA parody T-shirt

Naughty NSA was so drunk on data it forgot collection rules

Declassified documents from America's Foreign Intelligence Surveillance Court (FISC) shows that even the NSA didn't know the limits of what it was supposed to collect, and overstepped its authorisations for years. The documents were released to the Electronic Privacy Information Centre in response to an FOI request, and record …
Funnel of cash. Credit: via SXC –

Symantec: Look at our Q4 numbers ... no, not those ones

The road to separation continues to be anything but smooth for Symantec’s security operation, particularly on the consumer front, as it again suffered from sales shrinkage, unlike the breakaway storage biz. In the last set of full year numbers from the firm, sales fell three per cent to $6.5bn, including a four per cent slip in …
Paul Kunert, 15 May 2015
Pair of pliers with other tools

Belden buys Tripwire for $710m: Will keep network burglars out of Internet of Things things

Signal transmission firm Belden has agreed to buy security tools firm Tripwire for $710m in cash. The deal, announced Monday, is expected to close in the first quarter of 2015, subject to customary closing conditions. Tripwire's security and compliance products, such as Tripwire Enterprise, will be further developed and …
John Leyden, 10 Dec 2014

Dixons Carphone still has 7.5k Windows XP EPOS systems

Dixons Carphone is still using thousands of EPOS tills running on Windows XP more than a year after Microsoft’s extended support expired, The Register has learned. This is not the Embedded flavour of the OS (though even these would present a heightened risk of attack, say security experts) but 7,000-plus bog standard XP …
Paul Kunert, 18 Aug 2015

UK NHS IT supplier CSC coughs up $190m fine, three execs in the dock

Computer Science Corporation has paid its $190m (£122m) fine, levied by US watchdog the Securities and Exchange Commission over charges the Virginia-headquartered biz fudged its financial reports. And now some senior executives have agreed to hand back millions of dollars in pay and bonuses as a result of the SEC's probings. …
Iain Thomson, 05 Jun 2015
Fight sticker

Oracle users open can of whup-ass on licensing policies

Businesses view relations with Oracle as “hostile” and are “filled with deep-rooted mistrust”, according to a six month end-user survey on software compliance conducted by the Campaign for Clear Licensing (CCL). The not-for-profit organ probed (PDF) 100 hard-pressed IT and software asset managers, licensing specialists and tech …
Paul Kunert, 03 Nov 2014
Roughly 150kg of gold

EMC coughs up the readies for cloud management software supplier

EMC is buying Virtustream in a seemingly billion-dollar-level transaction, as part of an effort to build a managed cloud services business. Virtustream sells xStream cloud management software for public, private and hybrid clouds, Infrastructure-as-a-Service (IaaS) and managed services to its customers. It says its xStream …
Chris Mellor, 26 May 2015

VMware sued, accused of ripping off Linux kernel source code

Linux kernel developer Christoph Hellwig has sued VMware in Hamburg, Germany, over alleged violations of the GNU General Public License. Hellwig's suit, which is backed by New York-based advocacy group the Software Freedom Conservancy, alleges that VMware's proprietary ESXi hypervisor products use portions of the code that …
Neil McAllister, 05 Mar 2015
Landfill. Pic: Bill McChesney

And so it begins... Cleaning up HMRC's £10.7bn Aspire mess

HMRC is to follow the lead set by the Met Police by setting up a private company to run elements of the tech estate that currently fall under the scope of the failing multi-billion pound Aspire contract. This is the first step HMRC is taking to replace Aspire – the largest single tech contract in UK public sector, which it is …
Paul Kunert, 05 Aug 2015

Microsoft's message for Win Server 2003 users: FLEE FOR YOUR LIVES

With 160 days to go before extended support for Windows Server 2003 reaches the end of the line, Microsoft has popped up with some scaremongering tactics helpful advice. Come 14 July, any businesses running the 12-year-old OS will need to cough a princely sum to receive custom support from Microsoft as no more security patches …
Paul Kunert, 04 Feb 2015
Fight sticker

NHS delivers swift kick to Microsoft's wallet over fee demands

Exclusive Microsoft is finding out that it doesn't always pay to play nasty with large government customers: NHS procurement bosses are telling authorities and bodies to hold firm against a wave of licensing compliance threats. As exclusively revealed by The Channel last week, Microsoft wrote to all 160 healthcare bodies across England in …
Paul Kunert, 03 Jul 2014

Chef and HP cook up partnership for infrastructure as code – even on Windows

HP Discover HP Technology Services has announced a partnership with Chef to include infrastructure automation as part of its Datacenter Care offering, at the HP Discover event today in Barcelona. Chef is open source software (under the Apache 2.0 license) for script-driven configuration of servers. The Seattle-based company of the same name …
Tim Anderson, 02 Dec 2014

Cisco posts kit to empty houses to dodge NSA chop shops

Cisco will ship boxes to vacant addresses in a bid to foil the NSA, security chief John Stewart says. The dead drop shipments help to foil a Snowden-revealed operation whereby the NSA would intercept networking kit and install backdoors before boxen reached customers. The interception campaign was revealed last May. Speaking …
Darren Pauli, 18 Mar 2015

Tech Data: We need ethics, and we've found the right man

It comes to something when a corporation is forced to appoint a chief ethics and compliance officer but that is exactly what distributor Tech Data has done, weeks after completing its costly accounting investigation. Fourteen-year company veteran Jean-Paul Durand – who most recently served as TD's vice president, assistant …
Paul Kunert, 18 Feb 2014

FAST fingers another Cardiff biz over software compliance

Trading Standards officers and the Federation Against Software Theft (FAST) used new copyright powers earlier this week to probe a business in Cardiff to check its software licensing. The team investigated the unnamed firm on Tuesday, according to FAST. The organisation wrote to 200 businesses in Cardiff in July 2008 warning …
Kelly Fiveash, 12 Mar 2009

Symantec buys compliance firm

Symantec is buying 4FrontSecurity, a small compliance company based in Reston, Virginia, which was started by British-educated Christopher Parker and Steve Crutchley. The firm makes software which conducts questionnaires with security staff to ensure companies are complying with necessary privacy and compliance regulations. The …
John Oates, 09 Mar 2007
Wine Taps by N Wong, Flickr, CC 2.0 License

Hyperconvergence isn't about hardware: It's server-makers becoming software companies

Public cloud is supposed to be a mortal threat to enterprise hardware vendors, whose wares look clunky and costly compared to a servers-for-an-hour-for-cents cloud and the threat looks scary … until you actually use a public cloud for a while. The Reg increasingly hears that the cost of operating in a public cloud quickly adds …
Simon Sharwood, 15 Jun 2015

Tech Data: UK accounting errors cost us $27m

Tech Data (TD) has turned to "external experts" to beef up fraud detection measures after it emerged that righting accounting wrongs at its UK sub had wiped $27m (£16.55m) off net profits for the last three years. The restatement equates to three per cent of income made during fiscal '11, '12 and '13, the periods that forensic …
Paul Kunert, 05 Feb 2014
management cio2

Insight snaps up licensing director from rival channel firm

Insight Enterprises has raided rival Bytes Software Services to scalp the Microsoft enterprise reseller of a veteran in the dark arts of compliance. In an internal memo to staff yesterday, Insight confirmed it is set to usher Ben Brown "into the role of UK licensing and software services director". The newbie will start on 4 …
Paul Kunert, 09 Jul 2014
management analysis3

Tech Data granted one more stay of execution by NASDAQ

The NASDAQ Panel has granted Tech Data a final extension until the end of March to get its accounts up-to-date or face an embarrassing and costly de-listing. The tanker-sized wholesaler confirmed this in a brief filing today that it had until the 27th of that month to report restated results for each quarter in fiscal '14 ending …
Paul Kunert, 09 Dec 2013
Wile E. Coyote goes over the edge again

Win Server 2003 addict? Tick, tock: Your options are running out

Windows XP is officially gone but its server companions Windows Server 2003 and Server 2003 R2 live – just not for much longer. Mainstream support for the server duo ended on 13 July 2010 but the expiration of extended support is now just three months away: 14 July 2015. The date is critical as that’s when security updates and …
Tim Anderson, 07 Apr 2015

TALE OF FAIL: Microsoft offers blow-by-blow Azure outage account

Microsoft has published a full, frank, and ugly account of just what went wrong when Azure Storage entered Total Inability To Support Usual Performance – TITSUP - mode in November. The nub of the problem was that Azure's update procedures and code had “... a gap in the deployment tooling that relied on human decisions and …
Simon Sharwood, 18 Dec 2014
Rows of Gummi Bears in military formation. Author: Institute for Web Science and Technologies, University of Koblenz-Landau. Licensed under CC 3.0

iBank: RBS, NatWest first UK banks to allow Apple Touch ID logins

RBS and NatWest have become the first UK-based banks to offer their customers the option to log in to mobile banking apps using Apple’s Touch ID fingerprint recognition technology. From today (19 February), RBS and NatWest customers who have an iPhone 5S, iPhone 6 or iPhone 6 plus will be able to access their mobile banking app …
John Leyden, 19 Feb 2015

400,000 Windows Server 2003 boxes face SUPPORT DOOM

Businesses of Britain are still running Windows Server 2003 on hundreds of thousands of physical boxes ahead of a certain important deadline on 14 July next year. According to HP, there are 900,000 instances of the eleven year-old software out in the wilds and 400,000 physical boxes, with 218 days to go before Microsoft pulls …
Paul Kunert, 08 Dec 2014

IBM snaps up identity access gatekeeper tech

IBM has snapped up privately held security software firm CrossIdeas. Financial terms of the deal, announced Thursday, were undisclosed. Rome, Italy based CrossIdeas has been developing identity access technology since 2011. Its technology allows CISOs and security teams in big companies to automatically detect conflicts in …
John Leyden, 01 Aug 2014
Tech Data

IT distie Tech Data must end accounts-unbungling probe within a fortnight

NASDAQ-listed Tech Data has less than a fortnight to get its accounts in order and financial filings up to date, the distributor acknowledged last night. The Florida-based broadline IT distribution giant discovered whopping great errors in its finance records at UK subsidiary C2000 back in March, which were related to blunders …
Paul Kunert, 13 Sep 2013
Tree sampling in the Monteverde cloud forest. Credit: Jorge Porras

The object of the game: NetApp 'Amazon-izes' StorageGRID

NetApp has announced a new version of its object storage software, StorageGRID Webscale, and extended its hybrid public:private facilities by "Amazon-izing" it with the addition of an interface with AWS's online file storage web service S3. Geo-distributed erasure coding technology is coming. NetApp views object storage as a …
Chris Mellor, 23 Sep 2014
management regulation1

Microsoft: Look at our cloudy privacy award. Isn't it so ... meaningful?

Microsoft is in self-licking lollipop mode after its cloudy wares passed the privacy water mark set by the International Organisation for Standardisation, letting it paper over customers’ concerns. Data sovereignty is a major hurdle for global companies trying to sign up customers to the fluffy white stuff, particularly in …
Paul Kunert, 16 Feb 2015

Sage brings compliance software inhouse

Newcastle-based business software firm Sage has bought compliance and document tracking technology from Virginia developer VerticalFalls Software. Sage now owns the intellectual property which it says will enable it to better meet the needs of financial services customers. It'll be integrating the code into its ACT! range, for …



Chris Mellor

Tech Unplugged sees Reg presenter unplugged
Nimble Storage array


Lego gandalf by  CC 2.0 attribution sharealike
Why interconnectivity in the cloud is tougher than just stacking bricks
Handing over dollars picture via Shutterstock
Steve Ballmer. Pic:  Aanjhan Ranganathan
Nokia is the biggest write-off yet, but it wasn't the first