When it comes to data leakage, it doesn't really make a difference whether your business is B2B or B2C—customer communications is still risky business. Selling business-to-business often involves exposing sensitive parts of the enterprise—giving your business customers access to online payment portals, shared drives, and sensitive information like bank account numbers.
It’s a fact – if you do anything online these days, the information and the computer systems that you use could be the target of malicious outsiders. This goes for banking transactions, email messages, file exchanges with your Box or Dropbox accounts, and, yes, the votes that you cast for your local mayor or even the President of the United States.
In our ongoing series on compliance and security, we've covered the history of information security compliance, compliance regimes in general, and how to prepare for a SOX audit. Now, let's move on to the catchily named NIST 800-53. This security standard covers all federal organizations, except for those under the purview of the defense agencies, and all non-governmental agencies that wish to work with the U.S. government.
For most voters, the first intrusion of the prefix "cyber" into the 2016 election occurred in late July, when hackers stole 20,000 emails from the Democratic National Committee and posted them on WikiLeaks.
“In order to truly counter the threat of data loss, companies need to moderate the exchange of content across the perimeter in a way that largely hasn't been done until now. What enterprises need is a brain, an epicenter, that can moderate data exchange channels across an entire organization.”
SOX compliance, while similar in some respects to both HIPAA and PCI, represents one of the most rigorous compliance standards currently applied to US companies. It is rigorous because it has to be.
In the course of human history, we’ve managed to discover the most efficient and effective ways of delivering a message. Our language has expanded and our messages have evolved, but for the great majority of recorded history, data exchange remained basic.