Access "Perspectives: Focus on commonalities in state data breach laws"
This article is part of the September 2006 issue of The power of SIMs for visibility and compliance
Complying with a plethora of state privacy laws is tough. Focus on their common elements. All the time, it seems, another state is coming up with a new law for protecting consumers' sensitive data. At least 23 have passed a security breach notification law, and these laws are far from uniform. The result is a bevy of regulations du jour and a daunting challenge for information security and compliance professionals. More than a few times I have been well on my way to meeting the privacy requirements for one state, only to find out another state has passed similar rules, but with additional mandates. Security breach laws vary as to who should be notified, what constitutes personal information, and most importantly, when notification should occur. Do we notify each time data has been accessed without authorization, or only when we believe the data is at risk? In the midst of all this, there is the development of federal regulation to preempt all the individual state regulations, with at least four bills under consideration. This is a great next step to ... Access >>>
Premium Content for Free.
Using security information management systems for a posture assessment
For more visibility into your security posture and smoother compliance, picture what a security information management system can do for you.
Centrify's DirectControl Suite
Content inspection accelerator cards rev up application-layer security
The answer to traffic loading issues may be in the new content-inspection accelerator market.
Secure Reads: How technology is endangering your privacy
Read a quick review of the security book, "Privacy Lost: How Technology is Endangering Your Privacy."
Removable Storage Security: ControlGuard Access Manager 3.0 review
ControlGuard's Access Manager 3.0
Intrusion Prevention: iPolicy Network's ISM Express 1000
iPolicy Network's ISM Express 1000
- At Your Service: September 2006 managed services security news
Not So Simple
Are you ready to rid your enterprise of a client-based VPN in favor of simple SSL? Tread carefully. We sort through five SSL VPNs, and uncover which best conquer the many challenges.
- Using security information management systems for a posture assessment
- Events: Information security conferences for September 2006
Brick By Brick
No budget for an application firewall? Use open-source components to build your own.
Recent releases: Security product briefs, September 2006
Read about the released security products of September 2006.
Proofpoint's Messaging Security Gateway Product Review
In this product review, learn how Proofpoint's Messaging Security Gateway can help to protect against viruses, spam and Trojans. Get tips on product management, configuration and reporting.
Data Encryption and IDS / IPS: Getting a better view of network activity
Encryption can to help secure data and meet HIPPA requirements, but the technology blocks sight of network activity by blinding IDSes and IPSes. Learn how to have an effective encryption and IDS/IPSe solution simultaneously.
Head of the Class
Got your MBA study guide yet? More information security pros are going back to school and chasing down a graduate business degree.
- What's a Hot Pick?
Perspectives: Focus on commonalities in state data breach laws
Examine the similarities in state data breach notification laws and develop a policy that intersects those common areas.
Ping: Christopher Ray
Editor's Desk: A feature-set in disguise
Slice and Dice
Is There Strategic Software?
- Perspectives: Focus on commonalities in state data breach laws
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...