Information security is a matter of law, not just technology.Information security isn't is·n't Contraction of is not. isn't is not isn't be just a technology issue, it's a legal issue, and one that every employee at a company should be concerned with, said two experts on the front line of insurance technology and security. Thomas (language) Thomas - A language compatible with the language Dylan(TM). Thomas is NOT Dylan(TM). The first public release of a translator to Scheme by Matt Birkholz, Jim Miller, and Ron Weiss, written at Digital Equipment Corporation's Cambridge Research Laboratory runs J. Smedinghoff, an attorney with Baker & McKenzie in Chicago, said insurers have a legal obligation to protect their systems and data. "Even if you outsource the work, you cannot outsource the responsibility," Smedinghoff said. He added that companies and their directors and officers can be held liable for security breaches and might have to face class-action lawsuits. Security is an issue that must be discussed throughout the company; said Jane Koppenheffer, chief information officer and vice president of Penn National Insurance Penn National Insurance is a property-casualty insurance company, headquartered in Harrisburg, Pennsylvania. Founded in 1919 by the Pennsylvania Farmers and Threshermen's Mutual Protective Association, under the name Pennsylvania Threshermen's and Farmer's Mutual Casualty Company, , a regional property/casualty company. Koppenheffer said every new employee is trained in technology security, and an entire month is to be dedicated to educating employees about security issues. The company will even award prizes to employees for participating. "We try to keep security awareness Security awareness is the knowledge and attitude members of an organization possess regarding the protection of the physical and, especially, information assets of that organization. in front of people," she said. Companies Need to Do The Following: * Identity data assets to be protected. * Conduct a risk analysis. * Develop and implement a written security program and response plan. * Test and monitor the plan to ensure it's effective. * Review, reassess reassess Verb to reconsider the value or importance of reassessment n Verb 1. reassess - revise or renew one's assessment reevaluate and adjust the plan over time in light of new threats. * Obtain an independent audit. * Enforce security on outsourcing (1) Contracting with outside consultants, software houses or service bureaus to perform systems analysis, programming and datacenter operations. Contrast with insourcing. See netsourcing, ASP, SSP and facilities management. providers as well. |
|
||||||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion