Data Security and Privacy
News headlines about the increasing frequency of stolen information and identity theft have focused awareness on data security and privacy breaches—and their consequences. In response to this issue, regulations have been enacted around the world.
Regulatory mandates are numerous and varied, and they affect organizations around the globe. Some of the most prevalent mandates include:
- Sarbanes-Oxley Act (SOX)
- Health Insurance Portability and Accountability Act (HIPAA)
- Payment Card Industry Data Security Standard (PCI-DSS)
- Federal Information Security Management Act (FISMA)
- EU Data Privacy Directive
Along with the rising number of regulatory mandates comes increased pressure to show immediate compliance. Enterprises are under tremendous time pressure and need to show immediate progress to the business and shareholders, or face reputational damage and stiff financial penalties.
Focus Areas
There are three main areas organizations should focus on for protecting information:
- Understand & Define: Understand where data resides, what domains of information exist, and how it is related across the enterprise, and define the policies and metrics for securing and protecting that data.
- Secure & Protect: Protect data across the enterprise – in both production and non-production, both structured and unstructured – from unauthorized use.
- Monitor & Audit: Ensure information remains protected from authorized and unauthorized users on an ongoing basis, assess vulnerabilities and validate compliance. Report the status to auditors both internally and externally.
Next Steps
- Understand enterprise data
- Implement different data protection technologies
- Assess database vulnerability
- Leverage security solutions beyond the data center
