Two recent major breach incidents call attention to the value of encrypting backup tapes. A new survey shows how many organizations are taking this precaution.
The Department of Homeland Security is undertaking nine private and three public cloud computing initiatives, establishing private cloud services to manage sensitive but unclassified information while using the public cloud for non-sensitive data.
Alastair MacWillson says the lack of harmonization among state, national and international security laws and regulations has proved challenging for global organizations that want to work in the cloud.
"It should provide fuel for anyone calling for data breach legislation to include criminal sanctions ...," says Neal O'Farrell of the Identity Theft Council. "This was nothing short of a clumsy cover-up."
Ineffective or noncompliant security practices of service providers, the inability of customers to examine controls, the prospect of data leakage and the loss of data if a cloud service is terminated present challenges.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
The Department of Homeland Security becomes the first federal agency to award a task order using a General Services Administration's blanket purchase agreement for an infrastructure-as-a-service, cloud-computing offering, says GSA Assistant Commissioner Mary Davie.
Discussing Verizon's new report on the state of PCI compliance, PCI expert Jen Mack says payment card security today is "disappointing," and global merchants are at serious risk of new data breaches.
Information security poses a major challenge to the widespread adoption of cloud computing, yet the Cloud Security Alliance, an association of cloud stakeholders, sees the cloud as a provider of information security services.
Whether you're preparing for the upcoming HIPAA compliance audits, pondering a move to cloud computing or developing a social media policy, it pays to get privacy and security tips from experts in the field.
Cloud computing contracts often assign certain liabilities to the customer. That means healthcare organizations, in some cases, may need additional insurance coverage, warns consultant Gerard Nussbaum.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.