Infosec pros tasked with meeting regulatory requirements need a security strategy that combines technology with risk assessment and policy enforcement. Searching for products that will help satisfy government regulations? Many vendors claim to have all the answers, but just try to find a marketing rep willing to get into specifics about how the technology maps to particular elements of Sarbanes-Oxley (SOX), HIPAA or Gramm-Leach-Bliley (GLBA). In the end, assessing your organization’s compliance needs must be done in-house.