Each year, organizations are faced with increasing pressures to better secure their data. These pressures are not only coming from internal management, but also from external sources such as auditors, trading partners, credit card companies and governmental agencies.
Consumer Personal Information
The U.S. federal government and most state governments now require organizations to have strict security mechanisms in place for protecting consumer personal information. Failure to do so can often result in stiff penalties. Leading the way in 2002, the state of California enacted a bill named Senate Bill 1386, which has strict consumer protection rules for companies that do business in that state. Many other states have enacted similar laws.
Most of these laws require that an individual be notified in a timely manner when his or her personal information is compromised by a security breach (e.g. if a hacker gained access to an account database or if a tape backup was lost). This allows the individual to take steps to protect himself or herself against identity theft. To see if your state or country has enacted a similar law, you can review one of the following web sites:
United States - http://www.ncsl.org/programs/lis/cip/priv/breach.htm
Canada - http://www.privcom.gc.ca/legislation/02_06_01_e.asp
Europe - http://ec.europa.eu
PCI Data Security
The Payment Card Industry (PCI) has developed a data security standard for protecting cardholder information (e.g. credit card numbers). This standard encompasses a wide array of recommended security mechanisms, including firewalls, password policies, encryption and key management.
HIPAA
Title II of HIPAA, the Administrative Simplification (AS) provisions, establishes national standards for addressing the security and privacy of health data. It establishes regulations for the use and disclosure of any information concerning health status, provision of health care, or payment for health care that can be linked to an individual.
Sarbanes-Oxley
The Sarbanes-Oxley legislation is wide ranging and establishes new or enhanced standards for all U.S. public companies and public accounting firms. As a result of this legislation, IT departments must put strict controls and mechanisms in place to provide for the security, accuracy and reliability of the systems that manage and report financial data.
Gramm-Leach-Bliley Act
The Gramm-Leach-Bliley Act, or GLB Act, includes provisions to protect consumers’ personal financial information held by financial institutions. The GLB Act is administered and enforced by State and Federal agencies. Under the GLB Act, financial institutions must show proof of their efforts to protect their customers’ financial information.
GoAnywhere Director can be installed onto Windows, VMware, Linux, IBM i, AIX (pSeries), UNIX, HP-UX, Mac OS and Solaris platforms. IBM i is also referred to as System i, iSeries, as400, as/400 and i5.