Posts Tagged data security

The Debate Over Data Information Breach: A Proposed Uniform Data Security Act

Our good friends and Sponsor CompTIA asked us to help them get the word out about a Webcast they are sponsoring regarding a topic on many IT providers' minds:

Comptia

 

 

CompTIA Webinar:
The Debate Over Data Information Breach: A Proposed Uniform Data Security Act
Presented by Stephen Chow, Burns & Levinson LLP
Friday, June 11, 11:30am – 12:30pm ET

Register today by clicking here! 

What happens when consumer data information is compromised?  What constitutes a data breach? Who needs to be notified and of what? Who is liable for what?

The answers are not simple. Currently, there are 47 different state laws that differ in substance and approach to these questions, creating uncertainty for the IT channel. To complicate the issue further, the Federal Trade Commission lays claim to some jurisdiction on this issue, and there are also several pieces of legislation in the U.S. Congress that address data breach, but they too vary in scope and size. 

Join CompTIA for a webinar presentation from attorney Stephen Chow to help shed light on key issues around consumer data breach. Chow has been at the forefront of this debate, both in Massachusetts and nationally, and proposes a new avenue – to achieve a Uniform Data Security Act through the nationally recognized Uniform Law Commission.  Such a model code could drive states to a more uniform approach.  Help us to address some challenging questions in relation to this proposal:

  • What is the likelihood that current federal legislation will pass?  Is there an appetite for federal pre-emption?
  • What are the shortcomings of the current federal legislation?  Can liability be addressed, or do they simply set forth who should be notified about what?
  • Would pursuing a model code undercut the ability to advocate on behalf of any legislation?  Or can this/should this proceed on a dual track?
  • What is the financial cost of pursuing a “model code” avenue?
  • How does this proposed effort compare to the effort behind E-signatures?  More complex?  Easier?  Likely to result in desired outcome?
  • How long overall to get to the desired outcome?

 

Click here to find out how to attend our next Boot Camp with SPECIAL EMR BREAKOUT SESSIONS ABSOLUTELY FREE ($2995 VALUE)!

Erick Simpson
MSP University
Check out our FREE live training schedule here
Subscribe to my blog here
Subscribe to our Newsletter here
Join MSP University FREE for all things Managed Services
LinkedInIconFacebookIconTwitterIconYouTube 
MSP University helps solution providers succeed…period.

Posted in: Events, Industry Trends

Leave a Comment (0) →

Security Lessons for MSPs

Security_lock_01 A recent disclosure of a data breach by Heartland Payment Systems; a leading payroll processing company that handles 100 million transactions per month for 250,000 businesses, offers a number of lessons for MSPs in keeping their customers protected from similar problems under their watch.  Heartland Payment Systems' data was accessed via hackers who installed keylogging software and a sniffer program that grabbed credit card details during a millisecond of the transfer process when this information was not encrypted.

Heartland Payment Systems is not a small company – in fact, its purpose is to assist banks and businesses with payment transactions and to protect their clients from the very problems that they themselves experienced. If a company as large as Heartland Payment Systems can experience a major security breach – what can you do to keep your clients' data safe?

Security measures are becoming state mandated for both enterprises and SMBs, with Nevada and Massachusetts leading the pack by mandating; among other things, that companies encrypt the financial records containing personal data of all of their residents stored on any portable device, including laptops, cell phones and flash drives. As the requirements for mandating security measures become clearer, more states are expected to follow suit.

As a result of higher security requirements, small businesses that previously managed their own IT departments may seek out the services of Managed Services Providers to help them meet those requirements.  For businesses already using MSPs, they'll expect higher security.

Here's what you can do to position yourself as a highly secure provider of Managed Services:

  1. Make sure you spend time staying on top of the latest technology and regulations in the area of data protection. As you know, IT is constantly evolving, and you need to keep up to date with the evolution of data protection in order to understand and provide it effectively.

  2. Always consider potential gaps in security throughout the entire lifecycle of data.  Consider data at the bit level – from the source all the way to its final destination in order to understand your clients' data security needs.

  3. Assess your own current state of security and look for ways to constantly improve.  Seek out a fulfillment partner with the proper specializations to help you assess your own and your clients' risk levels if you do not possess these competencies internally, and develop remediation and ongoing testing strategies to stay in front of security threats and maintain compliance in these areas.

Erick Simpson
MSP University
Subscribe to my blog here
Subscribe to our Newsletter here 
Join MSP University FREE for all things 
Managed Services
MSP University helps Solution Providers succeed…period.

Posted in: Uncategorized

Leave a Comment (0) →