Compliance franchise or real security



I’ve been saying for a long time now that compliance standards like PCI DSS 1.2 have created a marketing franchise for auditors instead of improving security.

Empirical evidence of the past 2 years suggests that compliance focuses on meeting auditor requirements instead of assuring actual security of your systems and customer data assets. Here’s an interesting interview with Chris Nickerson who is billed by SearchSecurity.com as “your worst nightmare. He’s the guy you never see coming, the one who can slip into your data center, install malware on any server he chooses and ease back out without so much as a shadow on your security cameras”.

Newspaper hype aside – Nick had an important insight on PCI compliance:

You might be compliant, but if your system is compromised, you’re going home without a paycheck. People err on the side of compliance versus security.
