Valuing secure access to personal information

Friday, 20 August 2004, 10:44 AM EST

Securing data is not a simple endeavor; a multi-discipline, defense-in-depth approach is necessary, as information can leak at any point in the communication process, from receipt, through storage, retrieval, transmission, and so on. Furthermore, each information system element is vulnerable to loss, including hardware, software, and personnel. Add to this the exceptional efforts made by those who want to acquire information through illicit means, whether for espionage, criminal, political, mischievous, or other intent... someone is always trying gain access to information they shouldn't have.

Organizations, for the most part, have come to recognize the value of the operational and functional information they possess, and are taking pains to protect it accordingly. This might be because of legislation such as the Health Insurance Portability and Accountability Act (HIPAA), which mandates better security processes, or because of every-increasing case law findings against organizations that don't do enough to protect their own vendors' and customers' data, such as the decision earlier this year against the U.S. Department of Interior for not maintaining adequate control of Bureau of Indian Affairs databanks.

By Ben Malisow at SecurityFocus.

[ Read more ]


Credential manager system used by Cisco, IBM, F5 has been breached

Pearson VUE is part of Pearson, the world's largest learning company. Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company's solutions to develop, manage, deliver and grow their testing programs.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Nov 25th