How to protect and manage personal identity information in internet age

Personally identifiable information (PII)-In the news, these 6 words often hang in the mouth of the security Department, as many institutions appear data leakage events, "Personally identifiable information" The word appears more frequently.

The advent of data leaks is almost always caused by PII----PII contains data that can be used as identity theft (each data can point to a specific user, we can learn about this person's information, such as name, theme, date of birth, telephone number or social security number, and somehow this data is in the hands of cyber hackers.

In the past few years, compliance rules have become more widespread in the Asia-Pacific region, and PII protection has become more important, urging institutions to adjust security mechanisms. The rise of identity theft has finally strengthened the resolve of administrators and corporate managers to enforce compliance rules, as well as the Data Protection Encryption Act, within the national scope and the corporate context. Breaches of these laws are subject to high fines and other fines for business-related businesses.

The above method has little effect and identity theft is still on the rise. Cloud collaboration platforms, social networks, mobility, and other IT trends provide an opportunity for cyber hackers to steal the most important personal information from the Web. The number of data leaks http://www.zzddos.com/zixun/2012/15.html more and more every year, and law enforcement mechanisms only increase the penalties for all departments, while the number of institutions dealing with customer information is increasing, These organizations often handle and store the most sensitive information for customers. Globally, for example, the demand for Sox certificates from listed companies has increased, and banks and financial companies have been strictly enforcing the GLB (maximum bottom limits) regulations, and transactions with credit card payments as the main form of payment are also on the rise.

In these institutions, the implementation of PII data protection will not only be the key to business, but will also help supervisors avoid huge fines and even jail sentences.

Fines can be as high as hundreds of thousands of dollars or more, however, the cost of cleaning up and fixing the security mechanism can easily exceed this number, so in the event of a data disclosure incident, the customer PII data is either accidental or maliciously leaked. "Cleanup" includes: physical letters for the entire database, resources to respond to customer inquiries, and resources to deal with the potential manufacturing costs of new credit cards, not to mention the loss of credibility. These costs are stacked enough to make a company bankrupt.

Because of the almost astronomical cost, IT administrators are afraid of PII loss or leakage, while the highest level C-level executives almost sleep at night.

Keep in mind, of course, that there is no 100% data security, especially when it comes to storing data on a network server and dealing with regular transactions through mobile applications. However, some institutions have found the best way to make the situation less severe through practice.

In the alleviation of organizational risk, management and staff education is the key factor, therefore, the role of security tools emerged.

In particular, when data leaks out, the role of data loss protection products can not only be recorded, and to the IT administrator issued a warning, but also enable the security Department to the data leakage to respond accordingly. These mitigation technologies can be used for data transmission from archival to use alarm management to suspend users or dangerous transactions before the threat process is completed.

But if so, knowledge empowerment, and the most important step of the organization, will be to locate all areas of risk and conduct a comprehensive assessment. In essence, this means that the company needs to determine where all PII are stored, determine who has access to the information, and how to move PII within and outside the organization. Once the information is discovered and categorized, IT administrators are responsible for implementing appropriate security policies to protect the data.

This article comes from the Http://www.mkddos.com/wendang/2012/1023/15.html DDoS Group specializes in providing DDoS attackers, DDoS attack software, DDoS attack tools and tutorials, as well as traffic attackers, web site attackers to download