As increasing amounts of critical and sensitive data comes to be stored with businesses and consequent to some situations where significant amounts of data have been lost or stolen, regulatory pressure to ensure protection of sensitive data continues to increase.
As new threats are discovered, we can expect regulations to get tighter. Requirements will continue to change and evolve. The US does not have one single law governing data security. There are a number of Federal and State laws on the subject. Some key regulations / standards are -
- Laws such as Sarbanes-Oxley Act (SOX) of 2002
- The executive order recently issued by President Obama on protection of critical infrastructure and services from cyber attack
- The Federal Trade Commission Act - covering offline and online data security
- Financial Services Modernization Act (also known as Gramm-Leach-Bliley Act (GLBA)) - relates to the disclosure of personal information that is not in the public domain.
- Health Insurance Portability and Accountability Act (HIPPA) - regulates security to be provided to protected health information
- Health IT for Economic & Clinical Health Act (HITECH)
- Payment card industry data security standards
At least 46 US States have enacted laws that require companies to notify if they have had any breaches of private data. 29 of these states have laws that require companies to ensure that individuals’ data cannot be deciphered or read.
If you are in possession of personal data that belongs to your clients, employees or other individuals, you are responsible for its security and for compliance with all regulatory provisions. It does not matter where you choose to store the data or which third party you entrust it to, the responsibility stays with the company that owns the data.
CloudMask’s patent pending persistent encryption technology ensures compliance with regulatory requirements for data protection. The CloudMask solution ensures that your data is never in clear text even if it is being processed by a third party cloud-based solution. From the moment of its generation, your data is protected by CloudMask. It is encrypted as it leaves your end device and it stays encrypted in transit, processing and storage. There is no loss of application functionality or any requirement to re-write any applications to make them compatible with CloudMask security.
With CloudMask, only your authorized parties can decrypt and see your data. Not hackers with your valid password, Not Cloud Providers, Not Government Agencies, and Not even CloudMask can see your protected data. Twenty-six government cybersecurity agencies around the world back these claims.
Watch our video and demo at www.vimeo.com/cloudmask
Share this article: