Compliance Drives Concerns
By implementing these best practices, organizations can not only gain the trust of consumers by avoiding embarrassing and potentially damaging data and information losses, but also comply with industry regulations. All public companies are feeling greater regulatory pressure to improve information security because of the Sarbanes-Oxley Act, which includes control over data security as one of the audit criteria for proper corporate governance.
Additionally, laws such as the California Security Breach Information Act (SB-1386) have called more attention to the problem and increased consumer awareness surrounding identity theft and personal data protection. The California law requires organizations that maintain personal information about individuals to inform those individuals if the security of their information is compromised. The Act stipulates that if there's a security breach of a database containing personal data, the responsible organization must notify each individual for whom it maintained information. The far-reaching law affects organizations outside California as it applies to anyone who might have a customer or conduct business with an entity within California. Additionally, 26 states now have laws similar to SB-1386.
Demands to have an always-on IT infrastructure will continue to increase while threats are constantly evolving based on profit motives. Not only is it important for enterprises to protect their stored data by deploying the best practices discussed, it is of paramount importance that they continue to reexamine their storage security strategy, consider any new information access requirement, ensure regulatory compliance and keep a few steps ahead of potential data storage loss.