The internet generation has brought instant information to our fingertips. Unfortunately, like most good things, there are those that try to take advantage and use good, often required services, for bad purposes. Hackers, also known as Cyber Criminals, or the "Online Mafia" take advantage of security breaches and may use, sell, or hold you hostage to the data they have extracted from your servers, clouds, website, PC, or mobile device. Providing your clients or patients with critical essential data online allows your staff to operate more efficiently while allowing them to get information they may require 24 hours a day, 7 days a week. When offering online and or automated services, it is essential to make sure the servers and delivery systems are secure. Utilizing our automated penetration testing service, LionCageDefender.com will allow you to know about vulnerabilities in your system before a "hacker" does. While we all care about security, many of us do not understand or are aware of the security risks out there. To ensure your school, office, and/or practice remains compliant, governments across the globe have enacted security regulations to help stay one step ahead of cyber criminals.
These security regulations, which may sound intimidating, are often the result of past data breaches and may be placed into law to protect you as much as to protect your clients and patients. These security regulations are usually centered on protecting personally identifiable data such as private health information, credit card, check and debit card numbers, passwords of online and offline records, financial account information, as well as social security numbers and other records that may be collected. Information security is not just something to give attention to when you get around to it! There are regulations that require organizations to protect personal information, and the fines and penalties for not doing so can be significant.
These regulations are often the result of past data breaches and are usually centered on protecting personally identifiable data such as Health Information, Credit/Debit Card numbers, Email Addresses, Passwords, Financial Account information and Social Security numbers. Compliance with regulations may be required in your industry. For example, Medical and Accounting practices are required to show that they took preemptive measures to secure their data from hackers. Penetration testing services such as LionCageDefender.com provide an essential method in taking that preemptive security step. While our core security service is vulnerability testing, our easy to use solution scans devices for open ports, checks the status of Windows, firewalls, and anti-virus updates, and offers additional service such as IP Geolocation of devices and time stamping web and program activity. While LionCageDefender.com is a proactive security solution, to remain compliant such as online and offline backup, screen locking and password rotation maybe required to security law compliance. Compliance with regulations almost always requires a combination of security products, policies and management commitment. The cost of non-compliance can be devastating to an organization.
Help ensure your office remains compliant and secure, signup today for… LionCageDefender.com
|Regulation||Who is affected?||What does it cover?|
|Sarbanes-Oxley Act (SOX)||Publicly held USA based corporations||Sox - Reliability and security of financial disclosure|
|Payment Card Industry Data Security Standard (PCI DSS) (Standard vs. Regulation)||Websites that handle their own transactions, retailers, credit card companies, credit card data handlers||PCI - Security of financial processed data.|
|Gramm-Leach-Bliley Act (GLBA)||Financial institutions handling Consumer Financial Information||GLBA - Protect end users personal financial information.|
|Health Insurance Portability and Accountability Act (HIPAA)||Medical practices, health plans and business associates||Hipaa - Ensuring medical data remains secure and confidential.|
|The Health Information Technology for Economic and Clinical Health Act (HITECH)||Medical practices, health plans, business associates – Similar to Hipaa regulations||HiTech - Widens the scope of privacy and security protections available under HIPAA, increases the potential legal liability for non-compliance and provides for more enforcement.|
|Federal Information Security Management Act (FISMA)||USA Government, Federal agencies.||Fisma - Security preparation for federal and federal mandated agencies.|
|Personal Information Protection and Electronic Documents Act (PIPED Act)||Privately owned companies doing business in Canada and or with Canadian owned businesses.||Piped - It governs how private businesses and organizations collect, use and disclose personal information in the course of commercial business|
|Law on the Protection of Personal Data Held by Private Parties—Mexico (Ley federal de protección de datos personales en posesión de los particulares)||Mexican owned businesses, as well as any company that operates, does business or advertises in Mexico||LPPDPM - This law governs all aspect of the use and storage of Personal Data and Sensitive Personal Data, including the purposes for which companies collect such information as well as the way they store it, with whom they share it, and if/when and how they delete the secure information once it is no longer required.|
|European Union Data Protection Directive||This is a European Union directive which regulates and limits the processing of personal data within the European Union as well as companies doing business with EU based countries.||Limits the use and collection and sharing of personal data within and between EU States.|
|Safe Harbor Act||U.S. companies doing business with or within EU countries.||Limit of use or transfer of financial and or personal data to the USA of citizens of EU countries.|