Data Privacy and Protection

MUST READ Privacy: Security pros should practice what they preach ARTICLE - Calling privacy "a neglected area" in information security, expert Sarah Gordon says security professionals need to set an example by taking advantage of technical and policy solutions that can help mitigate risks to ...

VIDEO: 1 - 3 of 3

	Compliance in the cloud SearchSecurity.com | 07 Jul 2009 VIDEO - Rena Mears, global and U.S. privacy and data protection leader at Deloitte, discusses how cloud computing is transforming data classification and security.

	PCI compliance requirement 3: Protect data SearchSecurity.com | 01 Jun 2009 VIDEO - Ed Moyle and Diana Kelley review Requirement 3 of the Payment Card Industry Data Security Standard: Protect cardholder data. It's not as simple as it sounds.

	Federal efforts to secure cyberinfrastrucure SearchSecurity.com | 03 May 2009 VIDEO - RSA 2009: Former White House senior advisor Paul Kurtz and James Lewis, director of technology policy at the Center for Strategic and International Studies talk about the state of cybersecurity readiness at the federal level.

	VIEW ALL VIDEO ON DATA PRIVACY AND PROTECTION

EXPERT TECHNICAL ADVICE: 1 - 3 of 32

DATA PRIVACY AND PROTECTION EXPERTS
			David Mortman, featured expert ASK A QUESTION

	Interpreting 'risk' in the Massachusetts data protection law 18 Nov 2009 TIP - Contributor David Navetta reviews the important, ambiguous places in the Massachusetts data protection legislation that your legal and compliance teams must zero in on.

	Strategies for using technology to enable automated compliance 04 Aug 2009 TIP - Eric Holmquist offers guidance on how to use technology to ensure a successful automated compliance effort.

	How to prepare for a FERPA audit 25 Aug 2009 EXPERT ANSWER - Does your educational institution have to comply with FERPA? David Mortman, security management expert, explains what FERPA requires for school records and what to do when your FERPA audit is right around the corner.

	VIEW ALL EXPERT TECHNICAL ADVICE ON DATA PRIVACY AND PROTECTION

NEWS: 1 - 3 of 59

	Massachusetts data protection law has mixed impact on financials SearchFinancialSecurity.com | 13 Aug 2009 ARTICLE - Many financial institutions are already meeting new law's requirements for protecting state residents' personal information, but some have work to do.

	Researchers predict SSNs, crack algorithm putting identities at risk SearchSecurity.com | 07 Jul 2009 ARTICLE - The success rate is as high as 90% for individuals born after 1989 in less populous states. Some data was gleaned from social networking sites.

	Attackers cash in on fundamental data handling mistakes, Verizon finds SearchSecurity.com | 15 Apr 2009 ARTICLE - Large data breaches are the result of sophisticated, targeted external attacks that exploit basic errors, according to the latest data breach investigation report from Verizon.

	VIEW ALL NEWS ON DATA PRIVACY AND PROTECTION

REFERENCE & LEARNING: 1 - 3 of 10

	Quiz: Compliance-driven role management SearchSecurity.com | 23 Nov 2009 QUIZ - Use this five-question quiz to test your knowledge of role and entitlement management.

	Quiz: Virtualization and compliance SearchSecurity.com | 08 Jul 2009 QUIZ - How much have you gleaned from this Virtualization and compliance Security School lesson? Test you knowledge of cloud compliance issues.

	Information security book excerpts and reviews SearchSecurity.com | 19 Feb 2009 INFORMATION SECURITY BOOKSHELF - Visit the Information Security Bookshelf for book reviews and free chapter downloads.

	VIEW ALL REFERENCE & LEARNING ON DATA PRIVACY AND PROTECTION

MAGAZINE CONTENT (free subscription required): 1 - 3 of 19

	How to write a risk methodology that blends business, security needs Information Security Magazine | 04 Jun 2009 FEATURES - One security professional describes a homegrown risk methodology currently being used by a large university and a private corporation.

	Bruce Schneier and Marcus Ranum Face-Off: Should We Have an Expectation of Online Privacy? Information Security Magazine | 07 May 2009 COLUMNS - Security experts Bruce Schneier and Marcus Ranum debate whether users should have an expectation of online privacy.

	Proactive state privacy laws change security focus to prevention Information Security Magazine | 11 Feb 2009 COLUMNS - New data breach notification acts in Nevada and Massachusetts are changing the way that organizations handle data.

	VIEW ALL MAGAZINE CONTENT ON DATA PRIVACY AND PROTECTION

WEBCASTS: 1 - 3 of 3

The Importance of Data Integrity and Why You Should Care - Vendor Webcast VIEW WEBCAST PREMIERED:   15 NOV 2006, 09:00 EST (14:00, GMT) SUMMARY:   In this webcast, join Randolph A. Kahn, author of the book "Privacy Nation" for a one-hour discussion on the importance of your company's data integrity and why you should care. Mr. Kahn also discusses how to effectively secure your company's valuable information and appropriately classify your data.

	Overcoming the Myths and Confusion of Payment Card Industry (PCI) Compliance - Vendor Webcast VIEW WEBCAST PREMIERED:   28 JUN 2006, 14:00 EDT (18:00, GMT) SUMMARY:   Attend this webcast and explore Payment Card Industry (PCI) standards and the measures your company should take to effectively secure customer credit card information.

The Fast Track to Compliance: Better Management for Network Security - Vendor Webcast VIEW WEBCAST PREMIERED:   22 SEP 2004, 12:00 EDT (16:00, GMT) SUMMARY:   Join META Group analyst and noted compliance expert Paul Proctor (keynote speaker, Oct. 2004 Information Security Decisions) as he takes a fresh look at how complex network security systems should be managed in the age of HIPAA, Sarbanes-Oxley, GLBA, and other wide-reaching regulations.

	VIEW ALL WEBCASTS ON DATA PRIVACY AND PROTECTION

WHITE PAPERS

Vault-Like Protection for 200 Financial Services Locations Published by: WatchGuard Technologies, Inc. | 26 Oct 2009 CASE STUDY - Southern Management Corporation, a financial services company providing tax and loan services, required a tight lockdown of their cache of personal and confidential customer data, while allowing for easy administration from the small IT staff managing a widespread network. WatchGuard provided the perfect solution. Read on to learn how they did it

Pocket E-Guide: Data Breach Dangers -- Learn to How to Protect Data and Lower Security Spending Published by: IBM | 08 Oct 2009 EGUIDE - Information security is important, but justifying increased security spending isn't. Even though important factors such as stock performance and customer loyalty are directly affected by security breaches. This E-Guide outlines three specific actions for your company to take in order to protect and promote brand trust by preventing data breaches.

	Security in the Call Center: Verifying Customer Identities without the Inconvenience Published by: RSA, The Security Division of EMC | 25 Sep 2009 WHITE PAPER - Is securing the Call Center possible without impacting the customer experience? This paper discusses the advantages and benefits of using knowledge-based authentication (KBA) to bolster Call Center security over other solutions.

	VIEW ALL WHITE PAPERS IN THIS TOPIC

DEFINITIONS: 1 - 3 of 3

	P3P 04 Jul 2003 WORD - P3P (Platform for Privacy Preferences) is a protocol that specifies a way to determine if a Web site's security policies meet a user's privacy requirements. P3P includes a machine-readable vocabulary and syntax that can be ...

	cypherpunk 15 Sep 2001 WORD - Cypherpunk, a term that appeared in Eric Hughes' "A Cypherpunk's Manifesto" in 1993, combines the ideas of cyberpunk, the spirit of individualism in cyberspace, with the use of strong encryption (ciphertext is encrypted text) ...

	Data Encryption Standard 19 Jan 2001 WORD - Data Encryption Standard (DES) is a widely-used method of data encryption using a private (secret) key that was judged so difficult to break by the U.S. government that it was restricted for exportation to other countries. ...

	VIEW ALL DEFINITIONS ON DATA PRIVACY AND PROTECTION

	SEE ALSO - Topics Related to Data Privacy and Protection:  COBIT, Gramm-Leach-Bliley Act (GLBA), HIPAA, Sarbanes-Oxley Act, FISMA, IT Security Audits, PCI Data Security Standard, ISO 17799, FFIEC Regulations and Guidelines