Filter by Category

Silence the Nagging By Securing Your Data

Compliance issues and the ever-growing list of compliance regulation acronyms (HIPAA, PCI DSS, SOX, etc.) are persistently nagging IT folks who must meet tough mandates and overly complicated rules. compliance, HIPAA, PCI DSS, data security

Of course, the real reason we must now pay so much attention to compliance is others' irresponsible abuse. Somewhere along the data strewn path, a few malicious malcontents had to succumb to the voice of greed and abuse their technological skill sets.  All IT professionals' jobs are tougher thanks to those that through hacking, sniffing, or lifting data sources chose to steal and sell inadequately secured information.

The truth is, though, that "data" really is sensitive information and we live in a paranoid modern world where dastardly damage is done with a just a little twist of the facts.  So in response to the cries of outrage among our citizens, politicians have wrung their bureaucratic hands and offered plenty of passing legislation designed to protect our data.

Because IT is responsible for the company's data, we need to stay abreast of the laws that apply to it. We also need to to fully understand and implement the three types of data protection: physical, transitional, and procedural.

Physical

Physical protection is probably the easiest. We secure the data on our servers, backup tapes and offsite facilities with technologies such as passwords, drive encryption, backup encryption, data center surveillance, physical locks, etc. We spare no expense in securing the physical because we can see it and believe it is secured. Or so we think.

Transitional

Transitional protection is a little more difficult.  Any data files that leave our networks should be secured with managed FTP solutions that encrypt the files with SFTP, FTPS, HTTPS, PGP, and other protocols.  Firewalls are set up to control what can leave or enter our data domain. DMZ gateways are set up to increase the virtual protection of the data and still allow designated users access to it.

Procedural

Procedural security is a type of data protection that is least understood and implemented.  A clear and understandable security policy needs to be communicated to the end users so they become familiar with sensitive data is secured, and what consequences may loom if procedures aren't followed.

The majority of us in IT are protective about who has access to our own sensitive data, so we can understand the reason for protecting everyone else, too. Yes, it's a lot of work, but it's part of the new normal.

Meet various compliance requirements with GoAnywhere MFT:

 

Comments (1)

  1. HITECH and HIPAA Compliance Tough on IT Staffs:
    Jun 19, 2012 at 12:05 PM

    [...] (Health Insurance Portability Accountability Act), passed in 1996, has received the most attention (see our blog), the more recently implemented HITECH law is quickly having an [...]

Add a Comment

Allowed tags: <b><i><br>

Latest Posts


What’s the Difference Between GoAnywhere 6.0 and 6.1?

May 20, 2019

We’re excited to share that GoAnywhere 6.1 is now available for download! The newest version of our managed file transfer solution includes over 30 new features, such as X12 data…


How to Encrypt Files in Linux

May 16, 2019

If your organization uses Linux operating systems to run key business processes, it’s important to implement tried-and-tested Linux security practices that support critical files as they…


Everything You Need to Know about FTP Automation Software

May 9, 2019

So, you want to automate your FTP file transfers. Whether you send a dozen file transfers a week, hundreds a day, or even more, automation is a smart step for most businesses. The benefits are…


15 Ways to Avoid Document Chaos with Secure Forms

May 9, 2019

Vendors, employees, customers, and trading partners exchange an abundance of files every day, often by a variety of means including mail, email, telecomm apps like Skype, shared file storage like…


How to Prevent Data Breaches with MFT | Checklist and Plan

May 2, 2019

You know what a data breach looks like in the movies. A character’s computer is suddenly overtaken by lines of green code. Windows and browsers pop up at lightening speed, as if the PC itself…