Protecting Personal Data: Can IT Security Management Standards Help?
نویسنده
چکیده
Compelled to improve information security by the introduction of personal data protection legislation, organizations worldwide are adopting standardized security management guidelines to inform their internal processes. This paper analyzes whether existing security management standards support process requirements for personal data management, drawing from experience with security policies in private organizations and through an analysis of current European and US legislation. Various aspects of personal data management not commonly addressed by security standards are identified, and a number of generally applicable enhancements are proposed to one common standard, IS17799. The appropriateness of including data protection guidelines in security standards is discussed, showing how these enhancements could simplify the definition of personal data management procedures in organizations.
منابع مشابه
Trusted Ticket Systems and Applications
Trusted Computing is a security base technology that will perhaps be ubiquitous in a few years in personal computers and mobile devices alike. Despite its neutrality with respect to applications, it has raised some privacy concerns. We show that trusted computing can be applied for service access control in a manner protecting users’ privacy. We construct a ticket system, a concept at the heart...
متن کاملInformation Security Management System Standards: A Comparative Study of the Big Five
-It cannot be denied that nowadays information is a very important asset for any modern organization. Therefore protecting its security is very important and becoming a top priority for many organizations. Unfortunately there is no single formula that can guarantee 100% of information security. Therefore there is a need for a set of benchmarks or standards to ensure the best security practices ...
متن کاملAn Adaptive Technique using Advanced Encryption Standard to Implement Hard Disk Security
The main objective of the paper is to study and develop an efficient method for Hard Disk Drive(HDD) Security using Full Disk Encryption (FDE) with Advanced Encryption Standards(AES) for data security specifically for Personal Computers(PCS) and Laptops. The focus of this work is to authenticate and protect the content of HDD from illegal use. The paper proposes an adaptive methods for protecti...
متن کاملThe Adoption of IT Security Standards in a Healthcare Environment
Security is a vital part of daily life to Hospitals that need to ensure that the information is adequately secured. In Portugal, more CIOs are seeking that their hospital IS departments are properly protecting information assets from security threats. It is imperative to take necessary measures to ensure risk management and business continuity. Security management certification provides just su...
متن کاملUsing Trusted Computing for enhancing Embedded Computing Platforms
Overview: The Trusted Computing (TC) technology is today already widely applied on Personal Computer (PC) oriented platforms. Typical use scenarios are measuring system integrity for Trusted Operating Systems, secure storage for key material and certificates, identification of platforms and together with other technology like smartcards and biometrics also the authentication and identification ...
متن کامل