Brabeion Tools Pare Down Compliance
The Brabeion Compliance Center 6.0 was designed to help reduce the cost of meeting the terms of regulations by implementing one comprehensive system throughout an organization.
The tools make it easier for network administrators to identify and mitigate compliance issues.
The upgraded software, which comes with a new, intuitive interface, includes modules for the Sarbanes-Oxley Act, HIPAA (the Health Insurance Portability and Accountability Act), the Gramm-Leach-Bliley Act and the Federal Information Systems Management Act, among others.
For the Burlington Northern Santa Fe, a subsidiary of BNSF Railway, based in Fort Worth, Texas, the greatest impact on the business in the past two years resulted from the Sarbanes-Oxley requirements, said Cherry Hanneman, senior manager of Enterprise Security at the railroad.
The company uses technology from Brabeion, based in McLean, Va., to maintain a consistent compliance environment throughout its widely dispersed operation.
The latest version of the software will allow the railroad to streamline its security policies according to employee function.
"One of the things we realized would be beneficial to our organization is to pull out the information that really only pertains to specific groups," Hanneman said. "Our policy is pretty big right now and we want to get it to the point where it isnt so scary to our [employees]."
The expertise of Burlington Northern Santa Fes employees in using computers varies widely, but all 45,000 employees, including the crews that work in the yard, must be familiar with the network security policies, Hanneman said.
If the policy manual is more streamlined, employees are more likely to become familiar with it, she said.
"Right now the policy is probably about 40 pages long. To get through the whole thing would take probably several hours," she said. "I think were probably going to have it down to a 10-page document that will be much more direct, and it shouldnt take more than a half hour to read."
Check out eWEEK.coms for the latest news, commentary and analysis on regulatory compliance.