Filter by Category

Silence the Nagging By Securing Your Data

Compliance issues and the ever-growing list of compliance regulation acronyms (HIPAA, PCI DSS, SOX, etc.) are persistently nagging IT folks who must meet tough mandates and overly complicated rules. compliance, HIPAA, PCI DSS, data security

Of course, the real reason we must now pay so much attention to compliance is others' irresponsible abuse. Somewhere along the data strewn path, a few malicious malcontents had to succumb to the voice of greed and abuse their technological skill sets. All IT professionals' jobs are tougher thanks to those that through hacking, sniffing, or lifting data sources chose to steal and sell inadequately secured information.

The truth is, though, that "data" really is sensitive information and we live in a paranoid modern world where dastardly damage is done with a just a little twist of the facts. So in response to the cries of outrage among our citizens, politicians have wrung their bureaucratic hands and offered plenty of passing legislation designed to protect our data.

Because IT is responsible for the company's data, we need to stay abreast of the laws that apply to it. We also need to to fully understand and implement the three types of data protection: physical, transitional, and procedural.

Physical

Physical protection is probably the easiest. We secure the data on our servers, backup tapes and offsite facilities with technologies such as passwords, drive encryption, backup encryption, data center surveillance, physical locks, etc. We spare no expense in securing the physical because we can see it and believe it is secured. Or so we think.

Transitional

Transitional protection is a little more difficult. Any data files that leave our networks should be secured with managed FTP solutions that encrypt the files with SFTP, FTPS, HTTPS, PGP, and other protocols. Firewalls are set up to control what can leave or enter our data domain. DMZ secure gateways are set up to increase the virtual protection of the data and still allow designated users access to it.

Learn More: DMZ Secure Gateways: Secret Weapons for Data Security

Procedural

Procedural security is a type of data protection that is least understood and implemented. A clear and understandable security policy needs to be communicated to the end users so they become familiar with sensitive data is secured, and what consequences may loom if procedures aren't followed.

The majority of us in IT are protective about who has access to our own sensitive data, so we can understand the reason for protecting everyone else, too. Yes, it's a lot of work, but it's part of the new normal.

Meet various compliance requirements with GoAnywhere MFT:

Latest Posts


The Top 5 Reasons Why Government Agencies Need MFT

January 21, 2021

GoAnywhere MFT is Crucial for Government Agencies Government agencies are facing more responsibilities than ever to keep increasingly sensitive data safe and away from prying eyes. GoAnywhere…


How to Comply with Brazil's Lei Geral de Proteção de Dados (LGPD)

January 14, 2021

What is Brazil’s LGPD?LGPD stands for Lei Geral de Proteção de Dados (General Data Protection Law), which is a law streamlining what was previously 40 separate statutes protecting personal data…


What is SSL, TLS, and HTTPS?

January 13, 2021

Meet the Trio SSL, TLS, and HTTPS are a unique trio that each work to help keep your important data secure on the Internet. If you've ever wondered how each of these protocols compares, you’ve…


Is FTPS or SFTP More Secure?

January 12, 2021

FTPS vs. SFTP – Level of Security FTPS and SFTP are two of the mainstream protocols for transferring your sensitive files, but they are not 100 percent equal when it comes to their level of…