
Compliance-eBook-PORTNOX (1).pdf - Compliance as a Strategy...

This preview shows page 1 - 4 out of 16 pages.

Compliance as a Strategy for Business Success
Introduction

With the increasing trends of Bring-Your-Own-Device (BYOD), remote workforces and the rapid growth of the Internet of Things (IoT), there are more devices on corporate networks than ever before. These trends, while great for innovation and productivity, have made securing corporate networks and their data extremely complex. Each of these devices is a potential point of entry for hackers to exploit in search of sensitive company and user information.

The latest count from the Identity Theft Resource Center (ITRC) indicates there have been 456 data breaches recorded this year through April 18 and that nearly 8 million records have been exposed since the beginning of the year. The total represents a 31% increase in the number of breaches to date compared with 2015.¹

Ensuring compliance and protecting sensitive data and intellectual property should be at the forefront of every security discussion. Oftentimes organizations view compliance as a headache, but without it they would not be able to successfully run their business or work with customers and partners, and, if they are an SMB, it would prohibit them from working with large enterprises. This perception of compliance can often lead to security being treated as an afterthought. But compliance has become so important that the discussions and decisions have shifted from security officers and IT managers to the C-Suite, underscoring the fact that compliance is a strategic decision for organizations. Those that include compliance in their overall security strategy from the start, rather than taking a siloed or reactionary approach, are in an even better position for business success.
Protection of private information has become so important that both governments and organizations across industries have formalized data security rules associated with penalties for data exposure.

Within the United States, there are laws and industry agreements that require organizations to institute policies and procedures for identifying data exposure risks. These risks must be further classified based on their level of severity, and the rules require instituting specific safeguards and controls to protect that data. If a breach occurs, companies are required to provide public reports of the data exposure and whether it was done accidentally or through malicious intent.

In the EU, organizations are facing GDPR, which becomes law in May 2018 and will significantly affect how companies deal with information they hold on any EU citizen. Under GDPR, all companies and organizations will need to adopt strict procedures when it comes to collecting, protecting, and storing data. As in the US, if a breach does occur, GDPR requires companies to notify customers which data they hold within 72 hours of the breach.
