The Regulatory framework and VoIP. Merijn Schik, DG INFOSOC
|
|
- Samantha Fleming
- 8 years ago
- Views:
Transcription
1 The Regulatory framework and VoIP Merijn Schik, DG INFOSOC
2 Disclaimer This presentation is personal to its author and does not necessarily reflect the official position of the Commission No inferences should be drawn from this presentation as to the precise form or content of future measures to be submitted by the Commission. The Commission accepts no responsibility or liability whatsoever with regard to any information or data referred to in this document 2
3 Introduction VoIP increasingly popular both with consumers and businesses Cost efficient alternative for traditional telephony services Traditional telco s and new players compete for end user preferences VoIP creates certain (regulatory) challenges re. privacy and security 3
4 VoIP services VoIP services may include: - peer to peer communication (voice/im) - PSTN-IP transfer of calls (e.g. Skype in/out) - streaming video - voic services - directory look up - provision of software/equipment 4
5 VoIP threats VoIP = voice over the internet protocol hence subjected to attacks relating to both elements e.g: - eavesdropping - modification - misrepresentation - spam - denial of service - loss of electrical power 5
6 General safeguards Privacy and security relies on: End users: risk awareness, use of firewalls, antivirus/spyware software; regular updates of application software; common sense Commercial incentives: security/privacy safeguards as a competitive edge throughout the supply chain Enforcement efforts by competent authorities (DPA s, police, regulators) Legal obligations: security of electronic communication networks/services, data protection, (general rules on criminal activities and tort) 6
7 EU Legal Framework Under the General Data Protection Directive (95/46/EC), all undertakings that process personal data are obliged to take measures to protect such data against loss, alteration, and unauthorized disclosure or access in particular where the processing involves the transmission of data over a network (..). The e-privacy Directive (2002/58/EC) complements the GDP; it specifically applies to processing of personal data in connection with the provision of publicly available electronic communication services in public communication networks in the Community. 7
8 Applicability to VoIP The e-privacy Directive applies where services that imply the processing of personal data qualify as electronic communication services (ECS) being "normally provided for remuneration consisting wholly or mainly in the conveyance of signals on electronic communication networks" (art. 2 FD) Where no ECS is provided the General Data Protection Directive applies to the processing of personal data 8
9 Provisions on privacy 1) E-Privacy Directive (artt. 5-12) Specific rules for electronic communications - security - confidentiality of communications - traffic data - location data - non itemised billing - calling line identification - directory services 9
10 Provisions on privacy 2) General Data Protection Directive e.g. Harmonized rules on data protection to ensure free flow of personal data across the EU - purpose limitation - fair processing - information - right to object 10
11 Provisions on privacy 3) VoIP providers have to take appropriate technological and organisational measures to safeguard security of their services (art 4 EPD, 17 GPD). Examples of security measures - encryption - authentication - access control - user information - security audits 11
12 Review proposals 1) Network operators and service provider to i. notify the NRA of any breach of security that led to the loss of personal data and/or to interruptions in the continuity of service supply. ii. notify their customers of any breach of security leading to the loss, modification, access or destruction of personal customer data 2) NRAs to have the power to ensure operators implement adequate security policies or emergency plans, based on Recommendation agreed at EU level. Sanction non compliant companies. 3) Future proof network integrity requirements beyond PSTN 12
13 Summary End user awareness, business solutions and enforcement efforts are key for successful overall VoIP deployment VoIP providers are subject to applicable data protection provisions depending on the service VoIP providers are required to take technological and organisational measures to ensure security of their networks and services. EC proposes to reinforce requirements relating to privacy, security and network integrity (subject to public consultation until 27 October) 13
Privacy and Electronic Communications Regulations
ICO lo Notification of PECR security breaches Privacy and Electronic Communications Regulations Contents Introduction... 2 Overview... 2 Relevant security breaches... 3 What is a service provider?... 3
More informationcommitted to Europe Digital Communication Services need new rules March 2014
Digital Communication Services need new rules March 2014 Marc Lebourges Disclaimer: Views of the speaker, not necessarily views of Orange committed to Europe Policies and Regulations : What is it about?
More informationIngate Firewall/SIParator SIP Security for the Enterprise
Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Systems February, 2013 Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?...
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More informationCompliance and Unified Communication
Compliance and Unified Communication January 2015 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how
More informationChap. 1: Introduction
Chap. 1: Introduction Introduction Services, Mechanisms, and Attacks The OSI Security Architecture Cryptography 1 1 Introduction Computer Security the generic name for the collection of tools designed
More informationKorean National Protection Profile for Voice over IP Firewall V1.0 Certification Report
KECS-CR-16-36 Korean National Protection Profile for Voice over IP Firewall V1.0 Certification Report Certification No.: KECS-PP-0717-2016 2016. 6. 10 IT Security Certification Center History of Creation
More informationIntroduction to HIPAA Compliance Checklist:
Introduction to HIPAA Compliance Checklist: HIPAA Compliance Checklist The following is a comprehensive HIPAA Compliance Checklist created to provide guidance to treatment providers utilizing voice and
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Shinu Mathew John http://shinu.info/ Chapter 1 Introduction http://shinu.info/ 2 Background Information Security requirements
More informationIP network. Collaboration of Governments and private sector, its impact on the success of Internet
IP network Day one Collaboration of Governments and private sector, its impact on the success of Internet IP applications services definitions Differences between IP networks and PSTN The European policies
More informationDATA RETENTION REPORT
DATA RETENTION REPORT 12 February 2010 1 TABLE OF CONTENTS I. INTRODUCTION... 3 Overview of national legislation... 3 Methodology followed... 5 Adoption of the data retention executive act... 6 II. ANALYSIS...
More informationVoice over Internet Protocol. Kristie Prinz. The Prinz Law Office
Voice over Internet Protocol Kristie Prinz The Prinz Law Office I. What is Voice over Internet Protocol ( VoIP )? Voice over Internet Protocol ( VoIP ) is a technology, which facilitates the transmission
More informationVOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance
VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance Valerie J.M. Watzlaf, PhD, RHIA, FAHIMA, Sohrab Moeini, MS, and Patti Firouzan, MS, RHIA Department of Health Information
More informationFINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information
FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1
More informationVoIP and IP-IC Regulatory aspects
VoIP and IP-IC Regulatory aspects Giovanni Santella g.santella@agcom.it What is VoIP? VoIP call scenarios (1) PC-to-PC PC-to-Phone VoIP call scenarios (2) Phone-to-Phone The value chain for the provision
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More informationT.38 fax transmission over Internet Security FAQ
August 17, 2011 T.38 fax transmission over Internet Security FAQ Give me a rundown on the basics of T.38 Fax over IP security. Real time faxing using T.38 SIP trunks is just as secure as sending faxes
More informationThe potential legal consequences of a personal data breach
The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationInformation System Security
Information System Security Chapter 1:Introduction Dr. Lo ai Tawalbeh Faculty of Information system and Technology, The Arab Academy for Banking and Financial Sciences. Jordan Chapter 1 Introduction The
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationSolutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance
White Paper Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance Troy Herrera Sr. Field Solutions Manager Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA
More informationNotes on Network Security - Introduction
Notes on Network Security - Introduction Security comes in all shapes and sizes, ranging from problems with software on a computer, to the integrity of messages and emails being sent on the Internet. Network
More informationAPPLICATION OF THE NEW EU REGULATORY FRAMEWORK TO IP TELEPHONY
Electronic Communications Committee (ECC) within the European Conference of Postal and Telecommunications Administrations (CEPT) APPLICATION OF THE NEW EU REGULATORY FRAMEWORK TO IP TELEPHONY Paris, March
More informationAdvanced Topics in Distributed Systems. Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech
Advanced Topics in Distributed Systems Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech Security Introduction Based on Ch1, Cryptography and Network Security 4 th Ed Security Dr. Ayman Abdel-Hamid,
More informationSecuring Unified Communications for Healthcare
Securing Unified Communications for Healthcare Table of Contents Securing UC A Unique Process... 2 Fundamental Components of a Healthcare UC Security Architecture... 3 Making Unified Communications Secure
More information544 Computer and Network Security
544 Computer and Network Security Section 1: Introduction Dr. E.C. Kulasekere Sri Lanka Institute of Information Technology - 2005 Background Information Security requirements have changed in recent times
More informationNetwork Security Policy
Network Security Policy I. PURPOSE Attacks and security incidents constitute a risk to the University's academic mission. The loss or corruption of data or unauthorized disclosure of information on campus
More informationMANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But it s
More informationSecurity & Reliability in VoIP Solution
Security & Reliability in VoIP Solution July 19 th, 2006 Ram Ayyakad ram@ranchnetworks.com About My background Founder, Ranch Networks 20 years experience in the telecom industry Part of of architecture
More information1. Introduction. 2. Sectoral Areas Affected. 3. Data Security. 4. Data Breach Requirements. 5. Traffic Data
1. Introduction Special data protection rules apply to the protection of Personal Data by Data Controllers in the electronic communications sector. These are in addition to the general obligations that
More informationOur Commitment to Information Security
Our Commitment to Information Security What is HIPPA? Health Insurance Portability and Accountability Act 1996 The HIPAA Privacy regulations require health care providers and organizations, as well as
More informationService Schedule 2 MS Lync Terms & Conditions v1.0
Service Schedule 2 MS Lync Terms & Conditions v1.0 Overriding provisions All quotations are made and all orders are accepted subject to these conditions ( these Schedule Terms ) and our Active Support
More informationVoIP Regulation Klaus Nieminen Helsinki University of Technology klaus.nieminen@hut.fi
VoIP Regulation Klaus Nieminen Helsinki University of Technology klaus.nieminen@hut.fi Abstract Voice over IP (VoIP) is currently the uppermost telecommunication regulatory question globally. The purpose
More informationTEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL
TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for
More informationSERIES A : GUIDANCE DOCUMENTS. Document Nr 3
DATRET/EXPGRP (2009) 3 - FINAL EXPERTS GROUP "THE PLATFORM FOR ELECTRONIC DATA RETENTION FOR THE INVESTIGATION, DETECTION AND PROSECUTION OF SERIOUS CRIME" ESTABLISHED BY COMMISSION DECISION 2008/324/EC
More informationUGANDA REVENUE AUTHORITY TERMS AND CONDITIONS FOR WEB PORTAL USE
1. DISCLAIMER NOTICE UGANDA REVENUE AUTHORITY TERMS AND CONDITIONS FOR WEB PORTAL USE The information provided by UGANDA REVENUE AUTHORITY (URA) on the web portal relating to products and services (or
More informationVoIP Resilience and Security Jim Credland
VoIP Resilience and Security Jim Credland About THUS plc Provider and user of VoIP and Soft Switch technologies Developing Enterprise Security Standards NISCC VoIP Working Group Security Considerations
More informationLegal Aspects of the MonIKA-Project - Privacy meets Cybersecurity
Legal Aspects of the MonIKA-Project - Privacy meets Cybersecurity Sebastian Meissner Security Incident Information Sharing Workshop Berlin, 26.07.2013 Introduction Opening question Privacy & cybersecurity:
More informationBEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050
BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050 Adopting Multnomah County HIPAA Security Policies and Directing the Appointment of Information System Security
More informationInformation Security Risks when going cloud. How to deal with data security: an EU perspective.
Separating fact from fiction about new software licensing /SaaS/ cloud computing models: advantages, disadvantages and ethical implications. Information Security Risks when going cloud. How to deal with
More informationHealthcare Security and HIPAA Compliance with A10
WHITE PAPER Healthcare Security and HIPAA Compliance with A10 Contents Moving Medicine to the Cloud: the HIPAA Challenge...3 HIPAA History and Standards...3 HIPAA Compliance and the A10 Solution...4 164.308
More informationData Processing Agreement for Oracle Cloud Services
Data Processing Agreement for Oracle Cloud Services Version December 1, 2013 1. Scope and order of precedence This is an agreement concerning the Processing of Personal Data as part of Oracle s Cloud Services
More informationImplementing VoIP monitoring solutions. Deployment note
Implementing VoIP monitoring solutions Deployment note Introduction With VoIP being an integral part of modern day business communications, enterprises are placing greater emphasis on the monitoring and
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 1 September 2, 2015 CPSC 467, Lecture 1 1/13 Protecting Information Information security Security principles Crypto as a security
More informationINSTANT MESSAGING SECURITY
INSTANT MESSAGING SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part
More informationII-105 Acceptable Use of Information Resources
Children's Hospital Medical Center Online Policies II-105 Acceptable Use of Information Resources Original Date: 4/20/2005 Last Review Date: 5/12/2008 Purpose Users must not misuse corporate systems in
More informationEnrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 EES17 --------------
w Microsoft Volume Licensing Enrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 Enrollment for Education Solutions number Microsoft to complete --------------
More informationDraft ITU-T Recommendation X.805 (Formerly X.css), Security architecture for systems providing end-to-end communications
Draft ITU-T Recommendation X.805 (Formerly X.css), architecture for systems providing end-to-end communications Summary This Recommendation defines the general security-related architectural elements that
More informationSIP Trunking with Microsoft Office Communication Server 2007 R2
SIP Trunking with Microsoft Office Communication Server 2007 R2 A Dell Technical White Paper By Farrukh Noman Dell Product Group - Enterprise THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY
More informationProcessor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries
Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Sopra HR Software as a Data Processor Sopra HR Software, 2014 / Ref. : 20141120-101114-m 1/32 1.
More informationECSA EuroCloud Star Audit Data Privacy Audit Guide
ECSA EuroCloud Star Audit Data Privacy Audit Guide Page 1 of 15 Table of contents Introduction... 3 ECSA Data Privacy Rules... 4 Governing Law... 6 Sub processing... 6 A. TOMs: Cloud Service... 7 TOMs:
More informationThe Impact of EU Data Protection Legislation. Thomas Rivera Hitachi Data Systems
Privacy PRESENTATION vs Data TITLE Protection: GOES HERE The Impact of EU Data Protection Legislation Thomas Rivera Hitachi Data Systems SNIA Legal Notice The material contained in this tutorial is copyrighted
More informationMicrosoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID MOS10
Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID This Microsoft Online Services Security Amendment ( Amendment ) is between
More informationEuropean Commission Consultation document on Voice over IP
STELLUNGNAHME European Commission Consultation document on Voice over IP This paper provides the eco comment on the European Commission consultation document. eco is the association of German internet
More informationLecture II : Communication Security Services
Lecture II : Communication Security Services Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Computer Science Department, National Chiao Tung University 2 What is Communication
More informationVoice Over IP Technology. Zlatko Jovanovic. International Academy of Design and Technology
Voice Over IP Technology Zlatko Jovanovic International Academy of Design and Technology Abstract New technologies often give us new, different way of doing things, than we are used to. One of the new
More informationORDER 1370.108. National Policy. Effective Date 09/21/09. Voice Over Internet Protocol (VoIP) Security Policy SUBJ:
National Policy ORDER 1370.108 Effective Date 09/21/09 SUBJ: Voice Over Internet Protocol (VoIP) Security Policy 1. Purpose of This Order. This Order establishes the Federal Aviation Administration s (FAA)
More informationPrivacy & Security Matters: Protecting Personal Data. Privacy & Security Project
Privacy & Security Matters: Protecting Personal Data Privacy & Security Project HIPAA: What it is Health Insurance Portability and Accountability Act of 1996 Also known as Kennedy-Kassebaum Act Legislation
More informationHIPAA Business Associate Agreement
HIPAA Business Associate Agreement If Customer is a Covered Entity or a Business Associate and includes Protected Health Information in Customer Data (as such terms are defined below), execution of a license
More informationProcedure for Managing a Privacy Breach
Procedure for Managing a Privacy Breach (From the Privacy Policy and Procedures available at: http://www.mun.ca/policy/site/view/index.php?privacy ) A privacy breach occurs when there is unauthorized access
More informationSubject: Safety and Soundness Standards for Information
OFHEO Director's Advisory Policy Guidance Issuance Date: December 19, 2001 Doc. #: PG-01-002 Subject: Safety and Soundness Standards for Information To: Chief Executive Officers of Fannie Mae and Freddie
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationTable: Security Services (X.800)
SECURIT SERVICES X.800 defines a security service as a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers. Also the
More informationREGULATIONS FOR THE SECURITY OF INTERNET BANKING
REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationNetwork & Information Security Policy
Policy Version: 2.1 Approved: 02/20/2015 Effective: 03/02/2015 Table of Contents I. Purpose................... 1 II. Scope.................... 1 III. Roles and Responsibilities............. 1 IV. Risk
More informationPrivacy vs Data Protection. PRESENTATION TITLE GOES HERE Eric A. Hibbard, CISSP, CISA Hitachi Data Systems
Privacy vs Data Protection PRESENTATION TITLE GOES HERE Eric A. Hibbard, CISSP, CISA Hitachi Data Systems Introduction The terms privacy and data protection are often used interchangeable In reality they
More informationThe treatment of Voice over Internet Protocol (VoIP) under the EU Regulatory Framework
The treatment of Voice over Internet Protocol (VoIP) under the EU Regulatory Framework Response from the UK s Internet Telephony Service Providers Association (ITSPA) About ITSPA This response is on behalf
More informationNorthwest Community Communications, Inc. Broadband Internet Access Services. Network Management Practices, Performance Characteristics, and
Northwest Community Communications, Inc. Broadband Internet Access Services Network Management Practices, Performance Characteristics, and Commercial Terms and Conditions for Fixed Services Northwest Community
More informationThese practices, characteristics, terms and conditions are effective as of November 20, 2011.
Norvado Broadband Internet Access Services Network Management Practices, Performance Characteristics, and Commercial Terms and Conditions for Fixed Services Norvado ( the Company ) has adopted the following
More informationBest Practices for Network Security. Name. University/College. Unit Name. Unit Code. Lecturer
1 Best Practices for Network Security Name University/College Unit Name Unit Code Lecturer 27 March 2014 2 Outline Introduction...3 Developing Network Security Best Practices...5 I. The Pillars of network
More informationSecure VoIP for optimal business communication
White Paper Secure VoIP for optimal business communication Learn how to create a secure environment for real-time audio, video and data communication over IP based networks. Andreas Åsander Manager, Product
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 24 February 2005 6566/05 LIMITE COPEN 35 TELECOM 10
COUNCIL OF THE EUROPEAN UNION Brussels, 24 February 2005 6566/05 LIMITE COPEN 35 TELECOM 0 REPORT from : Working Party on cooperation in criminal matters to : Article 36 Committee No. prev. doc. : 5098/04
More informationZIMPERIUM, INC. END USER LICENSE TERMS
ZIMPERIUM, INC. END USER LICENSE TERMS THIS DOCUMENT IS A LEGAL CONTRACT. PLEASE READ IT CAREFULLY. These End User License Terms ( Terms ) govern your access to and use of the zanti and zips client- side
More informationHow To Regulate Voice Over Internet Protocol (Voip) In The Uk
Introduction This note is intended to provide informal guidance for companies who are using Voice over Internet Protocol (VoIP) technology to deliver communications services to customers. The guidance
More informationPrivacy Policy. February, 2015 Page: 1
February, 2015 Page: 1 Revision History Revision # Date Author Sections Altered Approval/Date Rev 1.0 02/15/15 Ben Price New Document Rev 1.1 07/24/15 Ben Price Verify Privacy Grid Requirements are met
More informationGuidance Regarding Skype and Other P2P VoIP Solutions
Guidance Regarding Skype and Other P2P VoIP Solutions Ver. 1.1 June 2012 Guidance Regarding Skype and Other P2P VoIP Solutions Scope This paper relates to the use of peer-to-peer (P2P) VoIP protocols,
More informationINFORMATION TECHNOLOGY ENGINEER V
1464 INFORMATION TECHNOLOGY ENGINEER V NATURE AND VARIETY OF WORK This is senior level lead administrative, professional and technical engineering work creating, implementing, and maintaining the County
More informationVOIP Security Essentials. Jeff Waldron
VOIP Security Essentials Jeff Waldron Traditional PSTN PSTN (Public Switched Telephone Network) has been maintained as a closed network, where access is limited to carriers and service providers. Entry
More informationMCOLES Information and Tracking Network. Security Policy. Version 2.0
MCOLES Information and Tracking Network Security Policy Version 2.0 Adopted: September 11, 2003 Effective: September 11, 2003 Amended: September 12, 2007 1.0 POLICY STATEMENT The Michigan Commission on
More informationBuilding the Lync Security Eco System in the Cloud Fact Sheet.
Building the Lync Security Eco System in the Cloud Fact Sheet. [Type text] The need to secure all entries to the fastest growing Unified Communication application (UC) and allow for complete inter-operability
More informationTLS and SRTP for Skype Connect. Technical Datasheet
TLS and SRTP for Skype Connect Technical Datasheet Copyright Skype Limited 2011 Introducing TLS and SRTP Protocols help protect enterprise communications Skype Connect now provides Transport Layer Security
More informationWEB SERVICES SECURITY
WEB SERVICES SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationCleveland Police. Data protection audit report. Executive summary November 2014
Cleveland Police Data protection audit report Executive summary November 2014 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with the Data Protection Act
More informationPRIVACY AND DATA SECURITY MODULE
"This project has been funded under the fourth AAL call, AAL-2011-4. This publication [communication] reflects the views only of the author, and the Commission cannot be held responsible for any use which
More information7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11.
Content 1.Introduction to Data and Network Security. 2. Why secure your Network 3. How Much security do you need, 4. Communication of network systems, 5. Topology security, 6. Cryptosystems and Symmetric
More informationRecommendations for companies planning to use Cloud computing services
Recommendations for companies planning to use Cloud computing services From a legal standpoint, CNIL finds that Cloud computing raises a number of difficulties with regard to compliance with the legislation
More informationAPPROVED BY: DATE: NUMBER: PAGE: 1 of 9
1 of 9 PURPOSE: To define standards for appropriate and secure use of MCG Health electronic systems, specifically e-mail systems, Internet access, phones (static or mobile; including voice mail) wireless
More informationCambridgeshire Constabulary. Data protection audit report
Cambridgeshire Constabulary Data protection audit report Executive summary November 2014 1. Background The Information Commissioner is responsible for enforcing and promoting compliance with the Data Protection
More informationSafe and Secure Faxing with Dialogic Brooktrout Fax Boards
Small Logo Safe and Secure Faxing with Dialogic Brooktrout Fax Boards Executive Summary IT administrators look for solutions that balance the need for network security with those of reducing costs and
More informationHang Seng HSBCnet Security. May 2016
Hang Seng HSBCnet Security May 2016 1 Security The Bank aims to provide you with a robust, reliable and secure online environment in which to do business. We seek to achieve this through the adoption of
More informationA Technical Template for HIPAA Security Compliance
A Technical Template for HIPAA Security Compliance Peter J. Haigh, FHIMSS peter.haigh@verizon.com Thomas Welch, CISSP, CPP twelch@sendsecure.com Reproduction of this material is permitted, with attribution,
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationInformation Security: Roles, Responsibilities, and Data Classification. Technology Services 1/4/2013
Information Security: Roles, Responsibilities, and Data Classification Technology Services 1/4/2013 Roles, Responsibilities, and Data Classification The purpose of this session is to: Establish that all
More informationInformation Security and Electronic Communications Acceptable Use Policy (AUP)
Policy No.: AUP v2.0 Effective Date: August 16, 2004 Revision Date: January 17, 2013 Revision No.: 1 Approval jwv / mkb Information Security and Electronic Communications (AUP) 1. INTRODUCTION Southwestern
More informationChapter 6: Fundamental Cloud Security
Chapter 6: Fundamental Cloud Security Nora Almezeini MIS Department, CBA, KSU From Cloud Computing by Thomas Erl, Zaigham Mahmood, and Ricardo Puttini(ISBN: 0133387526) Copyright 2013 Arcitura Education,
More informationMANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both.
More informationAcceptable Use of Information Technology
Acceptable Use of Information Technology No.: 3501 Category: Information Technology Services Approving Body: Leadership Team Executive Division: Learning and Technology Services Department Responsible:
More information