Access "Proactive state privacy laws change security focus to prevention"
This article is part of the February 2009 issue of Improving your network security strategy in a recession
There's always been a premium on data protection, but a paradigm shift away from reactive laws toward more proactive and uniform breach-prevention frameworks may up the ante for information security practitioners who can expect a lot of heavy compliance lifting this year. Hardcore data protection laws in Nevada, as of last October, and coming May 1 in Massachusetts, have changed the information security game for everyone. They've mandated prevention; shifting the focus from data-breach notification, though not eliminating that concern, to breach prevention by way of mandatory encryption. When it comes to data handling and data control, encryption is now front and center. The undertone is that data containment is how the game will be won, and encryption is the approach chosen by these states to achieve containment. But even more significant than what these laws read, is what they will do. Requiring businesses to encrypt transmitted personal data (and under the Massachusetts regulations, the encryption of personal information stored on portable devices or ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
10 tips to improve your network security strategy in a recession
Here are 10 steps you can take to improve your threat management posture that require minimum investment, manpower and give you a fast return on your investment.
-
Recession forces security to measure and prioritize risks
Compliance demands, hacker threats, insider risks and integration concerns brought on by mergers and acquisitions make information security somewhat recession proof.
-
Encryption, DLP, disaster recovery top 2009 priorities
Information Security magazine's annual Priorities 2009 survey identifies data protection and disaster recovery among the top priorities for security managers.
-
Product Review: IronKey Enterprise Secure Flash Drive
by Ed Tittel, Contributor
IronKey Enterprise Secure Flash Drives enable organizations to control access to sensitive information on portable flash drives.
-
10 tips to improve your network security strategy in a recession
-
-
Product Review: PGP Endpoint
PGP Endpoint provides automated whole disk encryption that is centrally managed.
-
Product Review: Rohati TNS 100
Rohati's Transaction Network System brings NAC to the application level, and delivers granular access control for Web-based applications and file shares.
-
Product Review: Astaro Mail Gateway 4000
Astaro Mail Gateway 4000 is an antivirus and antispam appliance that is suitable for a midmarket organizations because of its simple central management capabilities.
-
Product Review: PGP Endpoint
-
Columns
-
Vein-reader biometric authentication for health care, financials
Health care facilities, along with financial institutions, are prime market targets for vein-reading technology, the latest in biometric applications.
-
Shoestring security budgets mean innovation and prioritization
Security managers face a lean economic year in 2009, but that doesn't mean threats and compliance demands will abate.
-
Proactive state privacy laws change security focus to prevention
New data breach notification acts in Nevada and Massachusetts are changing the way that organizations handle data.
-
Schneier, Ranum debate social networking risks
Should companies be concerned about employees' social networking? Bruce Schenier and Marcus Ranum take opposite sides on this issue.
-
Vein-reader biometric authentication for health care, financials
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...