Access "New data protection laws"
This article is part of the January/February 2010 issue of Filling the data protection gap
The deadline has been a moving target but come March 1, Massachusetts' new data protection law is finally slated to take effect. 201 CMR 17.00, along with Nevada's 603A, which took effect in January, represent a new class of state regulations that require organizations to deploy specific controls to protect personal identifying information from unauthorized access. Massachusetts and Nevada have established a new standard for personal data protection and appear to have set the stage for more prescriptive laws at the federal level. These new laws are the result of pressures on lawmakers to do something to combat the countless compromises of credit cards, Social Security numbers, and bank account information we hear about every day. They provide clear guidance on how personal data must be protected and who is ultimately responsible for its protection. Instead of just requiring organizations to notify data security breach victims, the new regulations go a step further by trying to prevent breaches from occurring in the first place. Furthermore, both the ... Access >>>
Premium Content for Free.
New data protection laws
by Richard E. Mackey, Jr., Contributor
Massachusetts 201 CMR 17.00 and Nevada's data protection law establish new standards for personal data protection
Disaster recovery plans and DLP solutions top 2010 priorities
Disaster recovery plans, DLP solutions, and regulatory compliance are top enterprise priorities, according to Information Security's Priorities 2010 survey
- New data protection laws by Richard E. Mackey, Jr., Contributor
Endpoint DLP fills data protection gap
by Rich Mogull
Learn how endpoint data loss prevention technology complements network DLP and secures data that users interact with on laptops, mobile and portable storage devices.
Attackers zero in on Web application vulnerabilities
Secure coding and vulnerability scanning could mitigate many Web application attacks
- Endpoint DLP fills data protection gap by Rich Mogull
Perspectives: Pet information security risks
by Ron Woerner
IT and security managers often make the mistake of being consumed with a specific risk or threat to the detriment of security
Schneier-Ranum Face-Off: Should we ban anonymity on the Internet?
Security experts Bruce Schneier and Marcus Ranum debate the possibility of eliminating anonymity on the Internet.
Leverage Google Attacks to Improve Cybersecurity
China's hacker attacks against Google's infrastructure, including Gmail accounts of human rights activists as well as Google's source code, should be used to educate enterprises about the reality of cyberespionage from nation states and organized criminals.
- Perspectives: Pet information security risks by Ron Woerner
More Premium Content Accessible For Free
For many security teams, "continuous monitoring" is a vague concept associated with FISMA compliance. A continuous monitoring program can be simple ...
The variety and sheer number of network endpoints, users and devices in the enterprise today is driving IT's demands for enhanced security features ...
Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...