Archives

Weekly Archive for: ‘04’

Data security and compliance – Best practices

Posted in: Anti-Fraud, Compliance, Data leakage, PCI DSS, Privacy, Risk Assessment|Tags: , , , , , |By: Danny Lieberman|1 Comment

Compliance is about enforcing business process – for example, PCI DSS is about getting the transaction authorized without getting the data stolen. SOX is about sufficiency of internal controls for financial reporting and HIPAA is about being able to disclose PHI to patients without leaks to unauthorized parties. So where and how does DLP fit into the compliance …

Read more »

Building a business case for DLP

Posted in: Anti-Fraud, Compliance, Data leakage|Tags: , , , |By: Danny Lieberman|3 Comments

At a meeting with one of our clients last week – the question of business case for data loss prevention came up quite strongly.   It started with the client saying that they were hearing that while vendors like Symantec and Websense were getting a lot of customers to buy their DLP products – many …

Read more »

How to valuate information assets

Posted in: Data leakage, Information security|Tags: , , , |By: Danny Lieberman|1 Comment

A client recently asked: How do I assign a dollar value to an assets?…should I use the  purchase value of the asset, replacement value or expected damage to the company if the asset were stolen or exploited? Estimating asset value is without doubt the most frequent question we get when it comes to calculating data …

Read more »