Which is more costly to a business? Spending the money to become compliant with federally mandated security regulations or remaining noncompliant?
A recent study by the Ponemon Institute compared the cost of complying with state and federal security regulations vs. the cost of potential business disruption, productivity loss, revenue loss, and fines. Read more about it here.
GovInfoSecurity.com has a timeline of data breaches affecting US Financial Institutions in 2009. “Stolen or Missing Hardware” was cited in a number of the incidents, along with “Insider Theft”.
These data breaches could lead to penalties under a number of state laws. The FTC could also impose fines under the Gramm-Leach-Bliley Act (GLBA), which requires financial institutions to protect consumer data.
Version 2.2 of the Kanguru Remote Management Console (KRMC) has a new feature that will make provisioning secure flash drives easier than ever. Administrators can now import directly from an Active Directory database and program Kanguru flash drives in an automated fashion. The drives will then be hard-coded with employee data that can be tracked and logged, including name, email and phone number.
While built-in encryption goes a long way towards securing your USB thumb drives, KRMC goes a step further by providing control and accountability even after the drives have been distributed to employees. The logging and auditing features are extremely useful for showing compliance with HIPAA, GLBA, and a wide range of state laws that are popping up across the country.
The full press release is available at the Kanguru News website.
Last month the FTC cracked down on a mortgage company for violating the privacy rules in the Gramm-Leach-Bliley Act (GLBA). A lack of information security measures is going to cost the company 10 years of audits.
Agent Genius has a good rundown on how GLBA affects financial institutions like banks, insurance companies, brokers, lenders and so on. As the author notes, “financial institution” can be broadly interpreted.
Data encryption with the ability to log and audit should be a key part of any GLBA compliance plan. Regulators want to see clear proof that information security policies are in place and are being enforced.
Nate Cote, VP of Product Management, chats with BankInfoSecurity.com at RSA Conference 2009. Nate discusses how Kanguru’s encryption and management solutions fit into the broader security and compliance architecture.
Smaller companies often ignore or put off security concerns because their organization is not regulated by SOX or GLBA (regulations for large publicly traded corporations). You should be aware that even smaller companies are included in state data breach notice laws. There are only a handful of states left without regulations.