Filter by Category

Silence the Nagging By Securing Your Data

Compliance issues and the ever-growing list of compliance regulation acronyms (HIPAA, PCI DSS, SOX, etc.) are persistently nagging IT folks who must meet tough mandates and overly complicated rules. compliance, HIPAA, PCI DSS, data security

Of course, the real reason we must now pay so much attention to compliance is others' irresponsible abuse. Somewhere along the data strewn path, a few malicious malcontents had to succumb to the voice of greed and abuse their technological skill sets. All IT professionals' jobs are tougher thanks to those that through hacking, sniffing, or lifting data sources chose to steal and sell inadequately secured information.

The truth is, though, that "data" really is sensitive information and we live in a paranoid modern world where dastardly damage is done with a just a little twist of the facts. So in response to the cries of outrage among our citizens, politicians have wrung their bureaucratic hands and offered plenty of passing legislation designed to protect our data.

Because IT is responsible for the company's data, we need to stay abreast of the laws that apply to it. We also need to to fully understand and implement the three types of data protection: physical, transitional, and procedural.

Physical

Physical protection is probably the easiest. We secure the data on our servers, backup tapes and offsite facilities with technologies such as passwords, drive encryption, backup encryption, data center surveillance, physical locks, etc. We spare no expense in securing the physical because we can see it and believe it is secured. Or so we think.

Transitional

Transitional protection is a little more difficult. Any data files that leave our networks should be secured with managed FTP solutions that encrypt the files with SFTP, FTPS, HTTPS, PGP, and other protocols. Firewalls are set up to control what can leave or enter our data domain. DMZ gateways are set up to increase the virtual protection of the data and still allow designated users access to it.

Learn More: DMZ Gateways: Secret Weapons for Data Security

Procedural

Procedural security is a type of data protection that is least understood and implemented. A clear and understandable security policy needs to be communicated to the end users so they become familiar with sensitive data is secured, and what consequences may loom if procedures aren't followed.

The majority of us in IT are protective about who has access to our own sensitive data, so we can understand the reason for protecting everyone else, too. Yes, it's a lot of work, but it's part of the new normal.

Meet various compliance requirements with GoAnywhere MFT:

Latest Posts


Should You Use a File Sharing App?

November 12, 2019

Should You Use a File Sharing App?File sharing apps like Dropbox and Google Drive certainly have their appeal. They are user-friendly, often free, and do the job of getting information from one user…


File Transfers: Do Them the Right Way

November 7, 2019

File Transfer Done Right When it comes to transferring information such as patient files or legal files from point A to point B, you’ve got options. Lots of options. However, not all file transfers…


7 Essential Resources on PCI DSS Security

November 5, 2019

Note from the Editor: This article was originally published in February 2017. It has been updated with resources current to PCI DSS version 3.2.1. Did you know that 80% of…


How Can an EDI Solution Simplify Business Processes?

November 1, 2019

What is EDI? Electronic Data Interchange (EDI) is a flat file format or technology that B2B trading partners use to send and receive business transactions. It’s a straightforward and secure…


We're Emotional - About Ranking #1 in Info-Tech's Newest Report

October 30, 2019

We’ve Caught the Feels We’re emotional, it’s true. Info-Tech's latest results are in for their Managed File Transfer Emotional Footprint Report! Out of nearly 40 vendors evaluated and 580…