More on security and privacy — internal policy and regulatory compliance. This article presents more of the why, as well as the status and possibilities. Internet security and legal
Excerpt: I agree. But using a fortress-like Simplified Single Signon (SSO) with a non-password strong authentication method to access it (such as a hardware token or a proximity device) could go a long way towards mitigating the risk of data breaches. Yes, it will be an expense both in terms of hardware/software purchases as well as setup time and user education. But the immediate payoff is protection of the organization’s reputation while the long term benefit is keeping the organization solvent and its officers out of jail.
Solvency? Jail time? Businesses breaching European Union privacy rules will soon face fines of up to 5 per cent of their global turnover, which could extend to billions of euros for large multinationals. Expect that other western democracies in North America and the Asia-Pacific region will soon follow suit. From there, it’s a small step to criminalizing the behavior of corporate officers who ignore the potential for data breaches. Already (as in the recent Facebook breach) we’re seeing class-action civil lawsuits in the US against the company alleging they failed to protect the interests of their users.
Read full article via User views on Privilege Management | Dave Kearns.