Valuing secure access to personal information

Friday, 20 August 2004, 10:44 AM EST

Securing data is not a simple endeavor; a multi-discipline, defense-in-depth approach is necessary, as information can leak at any point in the communication process, from receipt, through storage, retrieval, transmission, and so on. Furthermore, each information system element is vulnerable to loss, including hardware, software, and personnel. Add to this the exceptional efforts made by those who want to acquire information through illicit means, whether for espionage, criminal, political, mischievous, or other intent... someone is always trying gain access to information they shouldn't have.

Organizations, for the most part, have come to recognize the value of the operational and functional information they possess, and are taking pains to protect it accordingly. This might be because of legislation such as the Health Insurance Portability and Accountability Act (HIPAA), which mandates better security processes, or because of every-increasing case law findings against organizations that don't do enough to protect their own vendors' and customers' data, such as the decision earlier this year against the U.S. Department of Interior for not maintaining adequate control of Bureau of Indian Affairs databanks.

By Ben Malisow at SecurityFocus.

[ Read more ]




Spotlight

Attackers use reflection techniques for larger DDoS attacks

Posted on 17 April 2014.  |  Instead of using a network of zombie computers, newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. This approach can lead to the Internet becoming a ready-to-use botnet for malicious actors.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Apr 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //