This month’s issue of Information Security magazine takes you deep inside the Data Accountability And Trust Act (DATA), pending legislation that could reshape the national privacy landscape and impact the way enterprises and midmarket companies architect their security operations. DATA would mandate reasonable security policies and procedures to protect data containing personal information, as well as breach notification; it would be the closest thing we have to a national data privacy law. In this article, you'll learn details about DATA, including how it defines personal information, encryption requirements outlined in the act, reporting requirements, potential penalties and more.
Also, we cover:
SECURITY’S ROLE IN VENDOR MANAGEMENT
Virtually every business depends to some extent on third parties to provide products and services. Inevitably, some of those third parties will require access to confidential corporate and/or customer information. It is incumbent that the third party can ensure the data entrusted to them remains confidential. This article will discuss some of the key risk management principles relative to infosecurity within vendor management, including information classification, prioritization, quantification and location, and developing effective due diligence processes.
And finally:
SECURITY CONSIDERATIONS IN DISASTER RECOVERY
In planning for a disaster or outage, companies are intent on ensuring critical business processes remain operational, but they can overlook security, putting sensitive data at risk. This article will look at critical considerations, including recovery site security, and secure transmission of data to backup sites.
Sponsored By: CDW, ArcSight, Check Point, Code Green Guardium, IronKey, ISACA, NETGEAR, Inc., Security Innovation, Websense, RSA, The Academy Pro, SystemExperts, Glasshouse Technologies
- Vendor:
- Information Security Magazine
- Posted:
- Feb 8, 2021
- Published:
- Dec 9, 2010
- Format:
- Type:
- Ezine
