Protecting Personally Identifiable Information (PII) Data Encryption for the Emergency Services Sector (ESS)
FOREWORD

In 2007, more than 79 million records were reported compromised in the U.S., according to the Identity Theft Resource Center. The scope and breadth of data collected, stored, shared and/or disposed of by government agencies is crucial and far-reaching. The highly interdependent nature of agencies within the Emergency Services Sector (ESS) necessitates the sharing of high-stakes information (often laden with personally identifiable information [PII]) across multiple cooperating agencies in real time, which makes cyber security a major concern. Although some similarities exist, each discipline uses electronic systems differently, which, combined with widely varying standards and resources, adds a layer of difficulty in securing data across the ESS.

This ebook will review the basics of data encryption, data concerns specific to ESS, how data encryption addresses the unique data security challenges facing ESS, and key points to consider when building the case for data encryption.

TABLE OF CONTENTS

- FOREWORD
- INTRODUCTION
- CHALLENGES FACING THE EMERGENCY SERVICES SECTOR
- PROTECTING SENSITIVE DATA ACROSS MULTIPLE PLATFORMS
- COMPLYING WITH PRIVACY LAW AND FEDERAL REGULATIONS
- ENABLING SECURE SHARING OF DATA
- DATA ENCRYPTION DEFINED
- BENEFITS OF DATA ENCRYPTION
- TOTAL COST OF OWNERSHIP (ESS)
- WHAT TO LOOK FOR
- READY TO LEARN MORE?
INTRODUCTION

The Emergency Services Sector (ESS) includes five disciplines: Law Enforcement, Fire and Emergency Services, Emergency Management, Emergency Medical Services (EMS), and Public Works. These disciplines, and their personnel, work in close tandem with each other, with large numbers cross-trained to work in one or more other agencies. Data sharing is requisite to the sector, but variances in cyber usage are common from discipline to discipline.

The very nature of the information collected by ESS agencies makes it very attractive to cyber criminals. Post-9/11 national directives to government agencies consistently underscore the need to achieve and maintain high levels of cyber security. Cyber security is defined by the 2009 U.S. National Infrastructure Protection Plan (NIPP) as: "prevention of damage to, unauthorized use of, or exploitation of electronic information and communications systems and the information contained therein to ensure confidentiality, integrity, and availability." That directive, taken together with the vast amount of Personally Identifiable Information (PII) routinely collected by ESS and the inherent complexity of IT and cyber systems, makes data security a serious concern for the sector.
CHALLENGES FACING THE EMERGENCY SERVICES SECTOR

The ESS, the first-responder network of Federal, State, local, tribal, territorial, and private partners, functions to prevent and mitigate the risk from physical and cyberattacks and from manmade and natural disasters, and provides life-safety and security services across the nation. In the course of normal operations, branches of the ESS come in contact with, collect, and share large quantities of PII, which can be defined as: "information which can be used to distinguish or trace an individual's identity, such as their name, social security number, biometric records, etc."

This information may be gathered as part of an ongoing criminal investigation, may involve zero data-breach subjects (i.e., witness protection candidates, victims of domestic violence or child abuse, confidential patient information, informants, undercover officers, etc.), or may contain evidence that could be linked to a future criminal investigation. In some instances, a data breach could compromise an entire investigation, impair a rescue operation, or worse, put people's lives at risk. As such, the nature of the information collected by ESS mandates the strictest of data security controls.

The key challenges prompting the ESS to consider data protection solutions are the need to:

- Protect sensitive data and personally identifiable information (PII) on multiple platforms and devices
- Comply with privacy law and Federal regulations
- Enable secure sharing of data within ESS and with other Federal agencies

If someone's identity were a whole pie, each piece of PII would be a slice.

PROTECTING SENSITIVE DATA ACROSS MULTIPLE PLATFORMS

Core ESS activities, such as emergency operations communications, database management, biometric activities, telecommunications, and electronic systems (e.g., security systems), are conducted via at-rest and portable data systems and require vigorous data security controls.

The ESS also operates in a highly mobile environment in which agents collect and disseminate highly sensitive information through a variety of portable electronic devices (e.g., USB keys, tablets, mobile devices, etc.). This information, however, can carry significantly higher stakes than information collected by other industries. For the ESS in particular, data integrity is paramount, as it can inform the actions of a suite of ESS and other Federal agencies and carry legal ramifications for a number of interested parties.
COMPLYING WITH PRIVACY LAW AND FEDERAL REGULATIONS

Information data breaches (the viewing, leaking, or accessing of data by anyone other than the individual or someone authorized to access this information as part of his/her duties) have now become commonplace. In light of the elevated risks involved in a data breach for all government agencies, including the ESS, strict guidance and laws have been proposed and/or enacted. One example is the existing U.S. Privacy Act of 1974, which has undergone revisions to ensure compliance with emerging technology capabilities. U.S. privacy law impacts records creation, file management for both active and inactive records, records protection, records access, and records retention and disposition.

As an example, US ESS organizations have two privacy laws they must comply with: The Privacy Act of 1974 and The E-Government Act of 2002.

The Privacy Act of 1974 (U.S.) specifically provides strict limits on the maintenance and disclosure by any Federal agency of information both outside and under the rubric of PII, such as: "education, financial transactions, medical history, and criminal or employment history and that contains [the] name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph." The limited exceptions to this law still require strict recordkeeping on any disclosure. One common application of privacy law is the medical profession's adherence to HIPAA (the Health Insurance Portability and Accountability Act, which also applies to EMS), whose principal focus is protecting a patient's PII.

The E-Government Act of 2002 (U.S.) was enacted to ensure public trust in electronic government services, in response to the increased use of computers and the Internet to process government information. The E-Government Act also directed the Office of Management and Budget (OMB) to issue implementation guidance to Federal agencies. OMB continually provides such privacy guidance to Federal agencies on many PII protection topics, such as remote access to PII, encryption of PII on mobile devices, and breach notification.
ENABLING SECURE SHARING OF DATA

Another data security challenge specific to ESS is the highly mobile platform of its personnel: fire and emergency services, law enforcement, public works, emergency medical services, and emergency management personnel are perpetually in the field. As such, the data they collect, share and store has a greater chance of unauthorized access and/or disclosure through being lost or stolen than if it were within the physical boundaries of the organization.

The interrelated nature of each division of the sector, and the sharing of information throughout, creates strong ties of collaboration and cooperation, but carries a significant drawback: the more people and systems that access PII, the more opportunities for it to be compromised.

While every piece of data ESS collects may not be classifiable as PII, even partially identifying data can be sufficient to identify an individual, due to the versatility of current re-identification algorithms. These algorithms can take a piece of data and combine it with other data elements to complete the puzzle, making any and all data collected and shared by ESS highly sensitive. Ironically, to operate at peak efficiency, ESS must be able to share sensitive data across all divisions, rapidly and continuously, which consequently makes that data even more vulnerable to unauthorized access.

For example, in the U.S. Department of Homeland Security's (DHS) Emergency Services Sector-Specific Plan, An Annex to the National Infrastructure Protection Plan 2010, the DHS recognized that each ESS division has, and works to address, its own sector-specific cyber-related issues, but also indicated that an integrated cross-sector cyber-security perspective is needed to address mutual concerns and issues all agencies within ESS share. The DHS argued that such a cross-functional approach would facilitate greater implementation of best practices in data security.

The interrelated nature of ESS agencies necessitates greater controls to ensure data integrity.

Another example of such an initiative is the U.S. National Institute of Standards and Technology's (NIST) Guide to Protecting the Confidentiality of Personally Identifiable Information (PII), an exhaustive survey of data security best practices (including Federal guidance, regulations, and privacy law) for Federal agencies, of which data encryption for at-rest and mobile data storage devices is a recurring component.

The NIST's method for protecting PII, the Cryptographic Module Validation Program (CMVP), is operated jointly by the NIST Computer Security Division and the Communications Security Establishment (CSE) of the Government of Canada. The use of validated cryptographic modules is required by the United States Government for all unclassified uses of cryptography. The Government of Canada also recommends the use of FIPS 140 validated cryptographic modules in unclassified applications of its departments.

Each country has its own Privacy and Data Protection policies that local ESS organizations need to adhere to. As a result, many have turned to data encryption as one of the prime methods of securing critical PII data across their networks.
DATA ENCRYPTION DEFINED

Data encryption refers to the process of transforming electronic information into a coded form that can only be read by those authorized to access it. To read an encrypted file, a user must have access to a secret key or password that enables them to decrypt it.

An organization can protect its data in a variety of ways. The foundation or core group of options typically starts with:

- Full Disk Encryption (FDE): Protects the entire hard disk (all sectors and volumes), which can only be accessed with a secure key.
- Removable Media Encryption (RME): Protects all or a portion of a USB key, external hard drive, or similar removable media.
- File and Folder Encryption (FFE): Protection is associated with specific folders or files, which are encrypted with specific user access permissions, much like network permissions.

There are a number of solutions available to fulfill virtually any data protection requirement, so before embarking on any new project, it's important to research and understand the options that work best for your unique situation.
BENEFITS OF DATA ENCRYPTION

The US Privacy Act, PIPEDA, FERPA, and the Data Protection Acts of the United Kingdom and European Union have all defined the way that data can be used and the penalties for its mishandling.

REGULATORY COMPLIANCE

Data encryption enables organizations to better adhere to numerous local, state, federal and global privacy laws and regulations.

DATA SECURITY

Encrypting data provides protection for sensitive information whether it's stored on a desktop or laptop, a smartphone, tablet, removable storage media, a server or even the network, so in the event the device is lost or stolen, the information is protected.

TRANSPARENCY

Data encryption solutions enable agencies to run at their normal pace while the encryption solution silently secures critical data in the background. Some of the best data encryption options perform without the user even being aware.

PEACE OF MIND

Despite best efforts, data breaches can occur. Laptops and removable storage devices are prone to theft and loss. Data encryption protects critical assets if they fall into the wrong hands, and protects the integrity and credibility of your organization. The use of encryption provides a safe harbor in the event of a data breach.
TOTAL COST OF OWNERSHIP (ESS)

The challenge with data security solutions for most organizations is trying to balance the expense of the solution against the productivity of the users. Maximizing that total cost of ownership (TCO) of the solution is critical. A recent study from the Ponemon Institute looked into what an encryption solution would cost an average organization per year. The results were shocking.

What became apparent was that with features like pre-boot network authentication (WinMagic's PBConnex), data encryption solutions could help reduce TCO by not only managing encryption and security but also improving the efficiency of other processes for IT Administrators, such as support. Looking at typical costs associated with password resets and device staging alone, the savings were staggering.

Cost Savings with Pre-Boot Network Authentication

[Chart: Password Resets over 8,000 Users. Cost of password reset without vs. with pre-boot network authentication.]

PASSWORD RESET - SAVINGS

- Times per user per annum: 3.3
- Value of tech and user time for reset: $8.10
- Total cost of password reset for user/tech per annum: $26.70
- Savings with pre-boot network authentication: $20.04
- Total cost saving in password resets per organization of 5,000 devices: $100,200

STAGING AN FDE COMPUTER - SAVINGS

- Time to stage a computer with FDE: 20 mins per machine
- Time to stage computer using pre-boot network authentication: 5 mins per machine
- Value of tech time to stage machine: $12.00
- Value saved with pre-boot network authentication: $9.00
- Size of organization: 5,000
- Total cost saving to stage a computer per organization: $45,000
WHAT TO LOOK FOR IN A BEST-IN-CLASS DATA ENCRYPTION PROVIDER

Before embarking on a data encryption initiative, you'll need to determine which provider can offer you the protection that best suits your needs. Obviously, there's a lot to think about, but by taking the time to select the right provider, you'll be poised for success as you move forward with your deployment. These are some key things to look for when seeking out a best-in-class data encryption solution.

1. INTEGRATION

Look for a provider that has proven third-party integration with hardware and software companies for optimal security offerings and increased functionality. Be sure they offer services for different operating systems and hardware, and mobile device management for devices like tablets and smart phones.

2. PRE-BOOT NETWORK BASED AUTHENTICATION

Pre-boot network authentication (wired or wireless) utilizes network based resources to authenticate users, enforce access controls, and manage end point devices before the operating system loads. This approach to FDE management also results in significant cost savings for organizations by streamlining the time and cost associated with things such as password resets and device staging. This capability truly separates the best from the rest.

3. MULTI-PLATFORM/MULTI DEVICE MANAGEMENT

76 percent of employees today use more than one mobile device, and cyber usage varies widely within the ESS. Ensure the provider you select can offer central management for systems running any operating system, whether it's Windows, Mac OS X or variants of Linux, Android, iOS. Mobile device management offers the proof that information security officers require to ensure compliance with key sector regulations.

4. SINGLE MANAGEMENT CONSOLE

Monitoring and tracking devices from a single console supports the information system security division of each ESS agency in their operations, enables easy integration into accounts with laptops, desktops, tablets, smart phones, and SED devices, and supports full mobile device management. A central view of all devices reduces the need for desk-side support calls because administrators can determine if a device is in a secure, compliant state, and if not, quickly contact the user to rectify the situation.

5. SUPPORT FOR SELF ENCRYPTING DRIVES (SEDS)

While SED technology has improved the security of laptops and workstations, it does not require specific authentication during boot up, leaving data at risk. Providers on your short list should have the capability to centrally support users with SED devices and employ pre-boot authentication to ensure the drive is encrypted, compliant and functioning properly, while taking advantage of the transparency, performance and security that a SED offers.

6. FILEVAULT MANAGEMENT OR FULL DISK ENCRYPTION FOR MAC OS

Some organizations prefer to leverage the native encryption and security offered by Mac OS X's FileVault 2. Using a solution that supports FileVault 2 and offers centralized management to oversee all devices ensures you've got the best of both worlds.
WE'LL PROTECT YOU...

WinMagic understands the data security challenges and changing needs of the ESS. In order to help effectively meet and adapt to the changing needs of the sector and the expectations of the public, WinMagic works closely with the ESS and other critical infrastructure and key resources (CIKR) sectors, such as the Department of Homeland Security (DOHS) and Department of Defense (DOD), to develop and deliver the most secure data encryption protection.

SECUREDOC

SecureDoc is a comprehensive disk encryption and data security solution that secures data at rest. It has two main components: the client software used to encrypt and protect data and the server software (SecureDoc Enterprise Server or SES) used to configure, deploy, and manage encryption for an entire organization. SecureDoc is FIPS validated, meeting U.S. NIST and Canadian CSE requirements and guidelines for data encryption and security.

"When you consider the relatively tiny cost of protecting each laptop to the potentially high cost associated with a single user losing their data, it is remarkable to think that every organization is not protecting information in this fashion. Installing encryption software makes perfect sense from both a data security and an ROI perspective."
Andrew Labbo, Privacy and Data Security Officer and Information Security Manager, The Children's Hospital, Denver, Colorado
PBCONNEX

SecureDoc with PBConnex is the only data encryption and management solution that allows for pre-boot network authentication either wired or wirelessly. PBConnex utilizes network based resources to authenticate users, enforce access controls, and manage end point devices before the operating system loads. This unique and ground-breaking approach to FDE management also results in significant cost savings for organizations by streamlining the time and cost associated with things such as password resets and device staging. In addition, multiple users can safely use the same device without ever putting confidential data at risk.

SES WEB CONSOLE

The SES web console provides a web-based interface for SecureDoc Enterprise Server, WinMagic's solution for centrally managing encrypted devices in an enterprise environment. The SES web console supports many of the daily administration features provided by the SecureDoc Enterprise Server, including user management, administrator management, device management and recovery, password management, and report management. It also includes a Mobile Device Management (MDM) server component.

MOBILE DEVICE MANAGEMENT (MDM)

SecureDoc's MDM feature is a key component of the SES Web console, offering government agencies a holistic view of the status of their mobile devices, allowing them to manage the deployment of Android and iOS devices and also to ensure that the appropriate security and password policies are enforced. SecureDoc MDM offers the proof that IT administrators require to ensure compliance with key sector regulations while at the same time offering a strong solution for BYOD environments.

FILEVAULT 2 SUPPORT

SecureDoc offers one of the strongest Mac OS X FDE solutions available on the market today. For customers that prefer to leverage the native encryption and security offered by Mac OS X's FileVault 2 solution, SecureDoc can manage that as well. FileVault 2 enterprise management gives agencies the flexibility to choose how they want to encrypt and manage their Apple devices yet still have the ability to have all their devices managed by SES's central management console.
READY TO LEARN MORE?

WinMagic provides the world's most secure, manageable and easy-to-use data encryption solutions. With a full complement of professional and customer services, WinMagic supports over five million SecureDoc users in approximately 84 countries. We can protect you too. For more information on SecureDoc Enterprise Server, contact sales@winmagic.com or visit our website to access a number of valuable resources.
More informationGlobal security intelligence. YoUR DAtA UnDeR siege: DeFenD it with encryption. #enterprisesec kaspersky.com/enterprise
Global security intelligence YoUR DAtA UnDeR siege: DeFenD it with encryption #enterprisesec kaspersky.com/enterprise Contents Your Data Under Siege: Defend it with Encryption 3 Steps Taken to Minimise
More informationDid security go out the door with your mobile workforce? Help protect your data and brand, and maintain compliance from the outside
Help protect your data and brand, and maintain compliance from the outside September 2006 Copyright 2006 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States
More informationThe True Story of Data-At-Rest Encryption & the Cloud
The True Story of Data-At-Rest Encryption & the Cloud by Karen Scarfone Principal Consultant Scarfone Cybersecurity Sponsored by www.firehost.com (US) +1 844 682 2859 (UK) +44 800 500 3167 twitter.com/firehost
More informationHIPAA PRIVACY AND SECURITY AWARENESS. Covering Kids and Families of Indiana April 10, 2014
HIPAA PRIVACY AND SECURITY AWARENESS Covering Kids and Families of Indiana April 10, 2014 GOALS AND OBJECTIVES The goal is to provide information to you to promote personal responsibility and behaviors
More informationUsing BitLocker As Part Of A Customer Data Protection Program: Part 1
Using BitLocker As Part Of A Customer Data Protection Program: Part 1 Tech Tip by Philip Cox Source: searchsecuritychannel.com As an information security consultant, one of my jobs is to help my clients
More informationHands on, field experiences with BYOD. BYOD Seminar
Hands on, field experiences with BYOD. BYOD Seminar Brussel, 25 september 2012 Agenda Challenges RIsks Strategy Before We Begin Thom Schiltmans Deloitte Risk Services Security & Privacy Amstelveen tschiltmans@deloitte.nl
More informationComprehensive Endpoint Security
Comprehensive Endpoint Security Protecting Data-at-Rest Compliance with data and security regulations Joseph Belsanti Director, Marketing WinMagic Inc. Agenda Key Messages Company Snapshot Evaluation Criteria
More informationDHHS Information Technology (IT) Access Control Standard
DHHS Information Technology (IT) Access Control Standard Issue Date: October 1, 2013 Effective Date: October 1,2013 Revised Date: Number: DHHS-2013-001-B 1.0 Purpose and Objectives With the diversity of
More informationTOP FIVE RECOMMENDATIONS FOR ENCRYPTING LAPTOP DATA A BEST PRACTICES GUIDE
TOP FIVE RECOMMENDATIONS FOR ENCRYPTING LAPTOP DATA A BEST PRACTICES GUIDE TODAY S HIGHLY MOBILE WORKFORCE IS PLACING NEW DEMANDS ON IT TEAMS WHEN PROTECTING LAPTOP DATA To guard this corporate data at
More informationAIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE
AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,
More informationAIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE
AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,
More informationJOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015
JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement
More informationEnsuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services
Ensuring HIPAA Compliance with Pros 4 Technology Online Backup and Archiving Services Introduction Patient privacy has become a major topic of concern over the past several years. With the majority of
More informationSafeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST
Safeguarding Data Using Encryption Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST What is Cryptography? Cryptography: The discipline that embodies principles, means, and methods
More informationHow To Manage A Mobile Device Management (Mdm) Solution
Mobile Device Management Buyers Guide IT departments should be perceived as the lubricant in the machine that powers an organization. BYOD is a great opportunity to make life easier for your users. But
More informationOdyssey Access Client FIPS Edition
Odyssey Access Client FIPS Edition Data Sheet Published Date July 2015 Product Overview The need today is greater than ever to ensure that systems are securely configured. Government agencies and secure
More informationMobile Device Security Is there an app for that?
Mobile Device Security Is there an app for that? Session Objectives. The security risks associated with mobile devices. Current UC policies and guidelines designed to mitigate these risks. An approach
More informationBring Your Own Device (BYOD) and Mobile Device Management. tekniqueit.com
Bring Your Own Device (BYOD) and Mobile Device Management tekniqueit.com Bring Your Own Device (BYOD) and Mobile Device Management People are starting to expect the ability to connect to public networks
More informationBring Your Own Device (BYOD) and Mobile Device Management. www.cognoscape.com
Bring Your Own Device (BYOD) and Mobile Device Management www.cognoscape.com Bring Your Own Device (BYOD) and Mobile Device Management People are starting to expect the ability to connect to public networks
More informationNeoscope www.neoscopeit.com 888.810.9077
Your law firm depends on intelligence. But can you count on your technology? You may not be in the intelligence technology business, but it s probably impossible to imagine your practice without IT. Today,
More informationCOMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:
More information7 VITAL FACTS ABOUT HEALTHCARE BREACHES. www.eset.com
7 VITAL FACTS ABOUT HEALTHCARE BREACHES www.eset.com 7 vital facts about healthcare breaches Essential information for protecting your business and your patients Large breaches of Personal Health Information
More informationEnterprise Information Security Procedures
GHL Network Services Ltd Enterprise Information Security Procedures Prepared By Nigel Gardner Date 16/11/09 1 Contents 1. Openwork s Information Security Policy...3 2. Enterprise Information Security Procedures...3
More informationWIRELESS LOCAL AREA NETWORK (WLAN) IMPLEMENTATION
United States Department of Agriculture Marketing and Regulatory Programs Grain Inspection, Packers and Stockyards Administration Directive GIPSA 3140.5 11/30/06 WIRELESS LOCAL AREA NETWORK (WLAN) IMPLEMENTATION
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationBEST PRACTICE GUIDE TO ENCRYPTION.
BEST PRACTICE GUIDE TO ENCRYPTION. CONTENTS 1. INTRODUCTION...2 Page 2. BEST PRACTICE APPROACHES...3 3. POLICY FIRST TECHNOLOGY SECOND...4 4. FULL DISK ENCRYPTION OR FILE LEVEL ENCRYPTION?...5 5. ENFORCE
More informationIBM Data Security Services for endpoint data protection endpoint encryption solution
Protecting data on endpoint devices and removable media IBM Data Security Services for endpoint data protection endpoint encryption solution Highlights Secure data on endpoint devices Reap benefits such
More informationEmulexSecure 8Gb/s HBA Architecture Frequently Asked Questions
EmulexSecure 8Gb/s HBA Architecture Frequently Asked Questions Security and Encryption Overview... 2 1. What is encryption?... 2 2. What is the AES encryption standard?... 2 3. What is key management?...
More informationBring Your Own Device:
Bring Your Own Device: Finding the perfect balance between Security, Performance, Flexibility & Manageability SECURELINK WHITEPAPER 2012 By Frank Staut Management summary This white paper discusses some
More informationResearch Information Security Guideline
Research Information Security Guideline Introduction This document provides general information security guidelines when working with research data. The items in this guideline are divided into two different
More informationPolicies and Procedures Audit Checklist for HIPAA Privacy, Security, and Breach Notification
Policies and Procedures Audit Checklist for HIPAA Privacy, Security, and Breach Notification Type of Policy and Procedure Comments Completed Privacy Policy to Maintain and Update Notice of Privacy Practices
More informationMobile Device Management for CFAES
Mobile Device Management for CFAES What is Mobile Device Management? As smartphones and other mobile computing devices grow in popularity, management challenges related to device and data security are
More informationMobile Medical Devices and BYOD: Latest Legal Threat for Providers
Presenting a live 90-minute webinar with interactive Q&A Mobile Medical Devices and BYOD: Latest Legal Threat for Providers Developing a Comprehensive Usage Strategy to Safeguard Health Information and
More informationDell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations
Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations Inside ü Tips for deploying or expanding BYOD programs while remaining
More informationSupplier Information Security Addendum for GE Restricted Data
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
More informationHow To Write A Mobile Device Policy
BYOD Policy Implementation Guide BYOD Three simple steps to legally secure and manage employee-owned devices within a corporate environment We won t bore you with the typical overview that speaks to the
More informationBEST PRACTICES IN BYOD
1 BEST PRACTICES IN BYOD Addressing BYOD Challenges in the Enterprise Whitepaper 2 Best Practices in BYOD Bring Your Own Device (BYOD) offers many potential advantages: enhanced productivity, increased
More informationFor your eyes only - Encryption and DLP Erkko Skantz
For your eyes only - Encryption and DLP Erkko Skantz Symantec Finland 1 USER PRODUCTIVITY INFORMATION MANAGEMENT DATA CENTER SECURITY 2 Focus on information 3 Today's System-Centric Enterprise Data Center
More informationAcceptable Encryption Usage for UTHSC
This document explains the acceptable use of encryption for the UTHSC system. It includes: acceptable encryption software, techniques, algorithms and instructions. Encryption methods and software are arranged
More informationTNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
More informationHosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE
Hosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE [ Hosting for Healthcare: Addressing the Unique Issues of Health IT & Achieving End-to-End Compliance
More informationIdentity and Access Management Initiatives in the United States Government
Identity and Access Management Initiatives in the United States Government Executive Office of the President November 2008 Importance of Identity Management within the Federal Government "Trusted Identity"
More informationS E A h a w k C r y p t o M i l l CryptoMill Technologies Ltd. www.cryptomill.com
SEAhawk CryptoMill CryptoMill Technologies Ltd. www.cryptomill.com OVERVIEW S EAhawk is an endpoint and removable storage security solution for desktop PCs and laptops running the Microsoft Windows operating
More informationTechnical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and
Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and procedures to govern who has access to electronic protected
More informationHIPAA Compliance Review Analysis and Summary of Results
HIPAA Compliance Review Analysis and Summary of Results Centers for Medicare & Medicaid Services (CMS) Office of E-Health Standards and Services (OESS) Reviews 2008 Table of Contents Introduction 1 Risk
More informationThe Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training
The Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training Introduction The HIPAA Security Rule specifically requires training of all members of the workforce.
More informationSamsung SED Security in Collaboration with Wave Systems
Samsung SED Security in Collaboration with Wave Systems Safeguarding sensitive data with enhanced performance, robust security, and manageability Samsung Super-speed Drive Secure sensitive data economically
More informationBUSINESS PROTECTION. PERSONAL PRIVACY. ONE DEVICE.
BUSINESS PROTECTION. PERSONAL PRIVACY. ONE DEVICE. Enhanced Security for Your Network and Business Intelligence. Work Hard. Rest Easy. Today, employees are always on, which for you means always vulnerable.
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationEnsuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services
Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services Introduction Patient privacy continues to be a chief topic of concern as technology continues to evolve. Now that the majority
More informationCertification Report
Certification Report EAL 4 Evaluation of SecureDoc Disk Encryption Version 4.3C Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification
More informationEndpoint data protection solutions for Healthcare
Endpoint data protection solutions for Healthcare Your patient data might be at risk Do your doctors use their smart phones, tablets, or personal computing devices for work in addition to their PC at the
More informationSecureD Technical Overview
WHITEPAPER: SecureD Technical Overview WHITEPAPER: SecureD Technical Overview CONTENTS section page 1 The Challenge to Protect Data at Rest 3 2 Hardware Data Encryption Provides Maximum Security 3 3 SecureD
More information