GLBA: Raising Email Security Awareness
Corporations are under the gun to protect financial information and consumers are watching!Just a few weeks ago, one of the world’s largest banks announced that it had lost computer data containing th...
Corporations are under the gun to protect financial information
Even without government regulations defining acceptable communication behavior, financial institutions are faced with the need to protect confidential data and keep their networks operational and secure. The consequences of a failure to perform in any of these areas could have devastating effects on the business itself – potentially causing existing and potential customers to lose faith in the company’s ability to protect their identities and financial information. If that doesn’t strike fear into your heart, GLBA provides for imprisonment of company officers and steep monetary fines for non-compliance.
Components of GLBA Compliance
There are five general sections of the “safeguards” rule contained in GLBA. They outline, at a very high level, what to implement to meet these requirements – not how to implement them. In fact, nowhere does the safeguards rule mention specific technologies or products such as firewalls, encryption, and content filtering that must be in place in order to contribute to compliance. However, the use of each of these technologies is necessary in order to properly secure the email gateway against compliance violations. On the same note, experience and time have shown that technology alone is not an information security catch-all.
An effective information security program also needs specific policies and procedures in place to assist with managing information risks on an ongoing basis. Once these policies and procedures have been defined, the technology should provide automated implementation, enablement and enforcement of them.
Obviously, no single email security component can be used to secure all information; a solid information security infrastructure must consist of a combination of several technologies:
The need to establish centralized policy-based governance over the transmission, encryption, and archival of sensitive information requires a secure gateway-based solution. The solution should be capable of interfacing with all of an organization’s business partners regardless of the partner’s technological capabilities, and it should be transparent to the user in order to maximize the efficiency and utility of email and encourage adoption of acceptable means of corporate communication.
IronMail: The Compliance Appliance
The award-winning IronMail email security appliance from CipherTrust is widely recognized as the benchmark by which all others are measured. IronMail’s Compliance Control allows organizations to set customize policies to easily and automatically manage non-compliant messages as soon as they are detected. Because Compliance Control is policy-driven, most functions are automated, with exceptions handled directly by a decision-maker such as the compliance officer, rather than by an intermediary such as a network administrator interpreting rules made by another party. In addition, powerful reporting and monitoring tools give executives and administrators access to real-time information pertaining to non-compliant email messages.
To learn more about IronMail’s Compliance Control and how it can help your organization comply with the stringent GLBA legislation, download CipherTrust’s free whitepaper, "IronMail Compliance Control: Contributing to Corporate Regulatory Compliance".
Source: Free Articles from ArticlesFactory.com
ABOUT THE AUTHOR
CipherTrust is the leader in anti-spam and email security. Learn more by downloading our free whitepaper, “IronMail Compliance Control: Contributing to Corporate Regulatory Compliance” or by visiting www.ciphertrust.com.