All Data Privacy articles – Page 43
-
Article
The Keys to Better Access Control Systems
Image: Gone are the days when “access control” meant locking your door or filing cabinet. Now compliance, IT, and audit teams must collaborate on controls to access networks rather than physical stores of information. Inside, we look at three best practices to design strong access control and at how to ...
-
Blog
New Mimecast Services Extend Spear-Phishing Protection
Mimecast has announced two new measures designed to protect against spear-phishing. The first measure, Attachment Protect, and user awareness enhancements reduce the threat from malware-laden attachments and help IT teams improve employee security awareness. The second measure, Mimecast Targeted Threat Protection – URL Protect, give customers a comprehensive line of ...
-
Article
How to Simplify Cyber-Security Controls Amid Abundant Laws
By now every compliance officer has already heard the warning that it’s a matter of when you suffer a cyber-security breach, not if. Then comes compliance with breach disclosure rules—and those demands are becoming as perplexing as the cyber-threat itself. Overwhelmed, compliance officers are seeking ways to navigate these demands ...
-
Article
Avoiding the Pitfalls of Data Mining
In recent months, numerous companies have found themselves the target of legal and enforcement actions for obtaining or using personal data without consent. The kicker: Most of these actions could have been easily avoided, since most of the infractions were clear violations of contract law. “If companies simply complied with ...
-
Blog
Akerman Launches New Data Law Practice
Law firm Akerman this week announced the launch of its newly created Data Law Practice, and the expansion of the firm's varied services in the increasingly business critical areas of information governance, e-discovery, and data privacy and security. Details inside.
-
Article
The Workflows You Need to Use After a Data Breach
Compliance officers have enough scrambling to do after a data breach. Not understanding the steps to take, or not being in proper position to take them, only makes matters worse. Inside, guest columnist John Reed Stark walks through all the steps your company needs to take—including those to take before ...
-
Blog
AccelOps Enhances Its Integrated IT Security Platform
AccelOps today announced new enhancements to its integrated IT security and operational intelligence platform that enables IT to rapidly detect, prevent, and respond to malicious attacks. Details inside.
-
Article
FSOC Report Offers Tea Leaves for Future Regulatory Focus
What are the top threats to the U.S. financial system? In a new report, the Financial Stability Oversight Council cites cyber-security, financial innovations, and high-frequency trading among the problems regulators must address. Critics fret, however, that the agency wants “to get rid of the capital markets and replace everything with ...
-
Blog
Actiance Supports Skype for Business and Yammer
Actiance, a compliance, security, archiving and e-Discovery provider for critical business communications, announced that it now supports Skype for Business and Yammer. With Actiance’s extended support, companies can control, monitor and archive all their critical communications as they move to the cloud and as they adopt new communication channels. Details ...
-
Article
Suddenly, Washington Is Back at Cyber-Security Discussion
Image: For the first time in years, Washington is abuzz with proposed changes to cyber-security disclosure, both in Congress and at the SEC. Above all, experts say, is a need to clarify terminology and expectations. “There should be minimum standards for what that security should be across the board,” says ...
-
Resource
e-Book: Cyber-Security: Rising to the Challenge
The risk of critical information falling into the hands of hackers is now higher than ever, and governing information remains a struggle. Worse, the technical nuance associated with cyber-security can be somewhat intimidating for internal auditors and compliance officers. While many organizations are trying to avoid falling victim to a ...
-
Article
Data Governance 101: Getting Started
Amassing terabytes of data is easy; for most businesses, managing those valuable—and sometimes very risky—assets is the hard part. A successful data governance initiative, experts say, isn’t a project you can hand off to the IT department or solve with a software purchase. Compliance, audit, and risk executives all need ...
-
Blog
Weaver Launches New IT Advisory Service
Weaver, an independent accounting firm, recently launched a new IT advisory service that provides payment card industry (PCI) data security assessments. Brian Thomas and Brittany George, both in Weaver’s IT advisory services, have met the necessary requirements to earn the Qualified Security Assessor (QSA) certification from the PCI Security Standards ...
-
Resource
The Elements of Privacy Risk – GRC Illustration
Organizations that handle personal information face increasingly complex challenges to effectively manage privacy risk and compliance. The impact of these challenges covers the entire information life cycle.Whether information is collected to support individual transactions, conduct research or meet legal requirements, the duty to keep that information secure and private arises. ...
-
Blog
Brainloop’s ITAR-Compliant Cloud Solution Now Available for SMBs
Brainloop, a provider of SaaS technology for the secure storage, collaboration, and exchange of confidential documents and files, announced that the ITAR-compliant Brainloop Secure Dataroom is now available for small to medium sized organizations.
-
Blog
BrandProtect Enters Into Reselling Agreement With Sayers
BrandProtect this week announced a reseller agreement with IT and security solutions consulting firm Sayers. Details inside.
-
Article
Preparing Your Board for Cyber-Security Oversight
Every board knows its company will fall victim to a cyber-attack and, worse, that the board will need to clean up the mess and superintend the fallout. This week, guest columnist John Stark, a long-time student of cyber-security risks, breaks down the fundamentals any board must establish for cyber-security, and ...
-
Blog
Why Is Cyber-Security a Process? This Is Why.
Image: Everyone stresses the importance of looking at cyber-security as a process. Well—why, exactly? How does viewing cyber-security that way help compliance and audit executives? Because, Compliance Week Editor Matt Kelly writes, cyber-threats are equally about building effective processes—to subvert yours. And until we appreciate the nature of cyber-risks, he ...
-
Article
Case Study: UCLA, Apps, and HIPAA Compliance
Companies that handle health information are subject to data privacy rules under HIPAA—rules that have grown more complex with the proliferation of mobile health applications (mHealth apps). Those that want to develop mHealth apps in a compliant manner have two options: Build a HIPAA-compliant application of your own, or buy ...
-
Article
NY Regulators Pose New Challenges to Compliance Officers
Image: The state of New York is muscling its way into financial regulation, with regulator Benjamin Lawsky proposing moves in anti-money laundering compliance far more bold than anything the feds are doing. Inside is a look at what the Empire State wants to achieve, and the potentially severe liability CCOs ...