Published: May 1, 2006 - 9:37am
I spend a fair bit of time on both sides of the US/Canada border. It is interesting to watch the different stages of the data breach issue.
In Washington, the legislative calendar is counting down to mid-term elections and there are two remaining data breach bill contenders in the House. One is out of the Energy & Commerce while the other is from the Financial Services Committee. One of the key differences is that the Energy & Commerce bill is consistent with the raft of state-level legislation that calls out encryption as a safe harbor. The Financial Services bill provides no such provision and, as such, neglects this powerful incentive for organizations to act proactively to protect their customer data.
In Ottawa, this debate is long over and encryption is viewed as a key technology to protecting sensitive data – including that of the citizen. In this backdrop of continuing data breach incidents (Utimaco has a good compendium of stats), the Canadian government is accelerating on-line programs to improve service delivery but with the requisite security. For example, the 2006 national census is being launched tomorrow and includes the option to complete individual returns on-line. Cost effective and convenient, the on-line census will employ end-to-end encryption. Submissions are persistently encrypted on the user’s desktop and then uploaded so that only the authorized back-end application can get access to the data.
Such practical applications show that due care of sensitive data need not impede the delivery of on-line products and services. Further, in an environment where user confidence is continually being eroded by these public breaches (ad passim ad nauseam), the right security is not optional. Congress needs to get the issue resolve and move forward with the Energy & Commerce bill. With elections coming up it’s a good news story to take to the constituents. And it’s the right thing to do.
Bookmark/Search this post with:
| | | | | | | |
Tips to Deploy Web Services Security This white paper discusses the three critical Web services deployment issues-security, provisioning connections, and operations. As each is owned by different factions within an enterprise, each can become a “show stopper” to Web services deployment initially, and every time a change must be made.
Microsoft Windows Vista: What To Expect What should you expect from Microsoft Windows Vista? Learn about all of the new features, from the latest Windows interface to Windows Defender and everything in between.
Ensuring Security and Compliance through Automated Patch Management- Today's data centers are increasingly under attack. Hackers are able to compromise organizational security within minutes or days of a vulnerability announcement. In the face of today's security challenges, IT organizations are forced to respond quickly, decisively and efficiently in patching systems while minimizing any downtime impact.