Achieving regulatory compliance through effective data management, encryption and two-factor authentication solutions
In today’s world most industries, including the Public Sector, now have some form of regulatory body mandating compliance with information security guidelines. Recent highly publicised cases have raised public awareness of how difficult it is to secure all end-points within an organisation and to ensure that only authorised employees or Government officers have access to the data they need for their role.
Nearly every type of organisation has some form of obligation under the law to protect data, whether that’s holding details about personnel, recording communications with suppliers and clients, financial transactions, contractual communications and of course holding personal data.
Key laws and regulatory compliance mandates are:
- Freedom of Information Act
- Data Protection Act
- Regulatory Investigatory Powers Act
- Regulatory Investigatory Powers Act (Communications Data) Order 2003
- Money Laundering Regulations 2007
- FSA Compliance - Data Security Report and Recommendations
- Law Society Guidelines
- Securities & Exchange Commission (SEC) proposed rule 248
- HIPAA
- Government Code of Connection (CoCo)
- Payment Card Industry Data Security Guidelines
Ecommnet has been at the forefront of assisting organisations across a broad spectrum of industries, including Government, education, healthcare, finance, legal and manufacturing, ranging in size from small businesses through to large corporate organisations. Our proposition is:
- Preventing leakage of data through data content management
- Controlling usage of external devices such as USB Drives and Removable Media Devices
- Protecting data in the event of loss, theft or misuse through deploying encryption technologies
- Controlling who has access to devices, the network, applications and data through two-factor authentication
- Archiving of communications and data for future evidentiary disclosure and auditing
- Ensuring that end-points are secure and free from viruses and spyware and suitable for connection to data resources
Some or all of these areas are required in order to ensure compliance with the regulations detailed above. Our processes include evaluating vulnerabilities in people, processes and technology so that the correct solution and policies are applied to achieve compliance.
Key to implementing any of these forms of security is transparency for users. There is little use in implementing security which restricts organisations from performing their day-to-day activities, as such security policies are very quickly rolled back, introducing vulnerabilities and preventing audit processes.
Ecommnet has carefully selected the vendors' products which we recommend. We believe our choice of vendors represents the best products and services available on many fronts – but specifically in their suitability for purpose, integration or complementary nature, low cost of ongoing support and management, and initial cost of acquisition.
Further background reading:
- http://news.bbc.co.uk/1/hi/uk/7449927.stm
- http://news.bbc.co.uk/1/hi/business/7576572.stm
- http://www.computerweekly.com/Articles/2008/10/16/232701/regulatory-action-is-biggest-data-protection-fear-for-financial.htm
- http://www.computerweekly.com/Articles/2007/03/16/222461/high-price-of-failing-to-tighten-it-security.htm
