Security Survivor All-Stars


This article can also be found in the Premium Editorial Download "Information Security magazine: Security survivor all stars explain their worst data breaches."

Download it now to read this article plus other related content.

Security Survivor All-Stars

8 tips to ensure Your customers' personally identifiable Information stays safe.

Plan for one layer of your security controls to be bypassed: A stolen employee password should not provide the keys to the castle.

Review and understand data retention rules. Do not retain personal information longer than required; ensure your practices are safe and within policy.

Conduct annual third-party security audits: Audits help you understand gaps and reduce risk. Implement suggested changes. If an audit sounds scary, your security is inadequate.

Employ need-to-know access: Allow access to data on a need-to-know basis; record and audit that access.

    Requires Free Membership to View

More information from SearchSecurity.com

Larry Ponemon, of The Ponemon Institute, explores why companies who ignore data breaches are also ignoring risk management.

Learn how to avoid making headlines due to a privacy breach.

Review the important elements of a data protection strategy.

Protect from the inside out: Often, the same controls that prevent employees from acting beyond their privilege will also prevent an attacker from gaining elevated access.

Prioritize risks: Classify data as sensitive and critical to the organization. Secure the database where it lives.

Encrypt backups: One of the most common losses of data results from missing backups.

Verify partner security standards: Ensure that service providers maintain security best practices in line with industry and organizational standards.

Sources: Jon Orbeton, Check Point Software Technologies, Zone Labs division; Adrian Lane, IPLocks

This was first published in April 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: