Seven keys for complete message security

July 13th, 2006 · No Comments

In today’s highly regulated, highly networked international work environment, message security is vital both to protect the organization’s sensitive information and to comply with business regulations such as the Sarbanes-Oxley Act and the Health Insurance Portability and Accountability Act (HIPAA) in the U.S. and various data privacy regulations abroad.

It isn’t enough to protect data at rest, says Tom Dunbar, global chief security officer at XL Global Services, the IT services subsidiary of XL Capital Ltd., a large global insurance, reinsurance and financial risk specialist. As the head of security for a major financial organization that must comply with U.S. and foreign regulations, he has become an expert in data security.

Both e-mail messages and attachments containing sensitive information must be encrypted during transmission and on e-mail servers, particularly when they are sent outside the corporate firewalls, Dunbar says. Doing that isn’t easy, however, and the traditional approach of public-key encryption (PKI) can prove cumbersome and expensive to manage.

Dunbar, who is responsible for XL Capital’s IT security strategy, tactics, planning, governance, architecture and operations, as well as security policies and standards — including information risk management and the disaster recovery program — cites the following as key considerations in designing an adequate message security system for a highly regulated environment: Seven keys for complete message security

The Network Security. Org

Seven keys for complete message security

July 13th, 2006 · No Comments

From around the Web

Advertisments

Sponsors

Sponsors

Earlier Archives

Web Links