An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.
Leading the latest edition of the ISMG Security Report: Microsoft's Joram Borenstein highlights his top three areas of focus for 2019. Plus, Randy Vanderhoof of the US Payments Forum on securing card transactions in the coming year.
As India's Parliament prepares to finalize a privacy and data protection law in the weeks ahead, there's still no consensus among security practitioners about what approach the legislation should take. But the government should ensure all companies comply with clearly defined standards - or face punishment.
Multifactor authentication and privilege-based controls are among the forms of identity and access management that can help security leaders address key vulnerabilities in their organizations, says Charanjit Singh Sodhi of Normura Wholesale, who offers advice.
As enterprises improve defense of their networks and data centers, cybercriminals increasingly are shifting their efforts to targeting privileged credentials. It's time, then, to take an identity-centric approach to security, says Aneesh Dhawan of Microsoft.
Uber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data breach for more than a year. The breach exposed millions of drivers' and users' personal details to attackers, whom Uber paid $100,000 in hush money and for a promise to delete the stolen data.
In an interview, Rohas Nagpal, a chief architect at Primechain Technologies, describes how blockchain can be used for authentication and pinpoints areas where blockchain is not the ideal technology. He'll be a featured speaker at ISMG's Security Summit in Mumbai Thursday.
Identity and access management is not about compliance anymore - It's really about security, says Gartner's Felix Gaehtgens. With cloud, virtualization, DevOps and other IT trends, IAM has evolved from being a one-off project to an ongoing initiative.
A user identity management system can help improve visibility of data residing in the cloud and improve security, says Deepen Desai, a vice president at Zscaler, a cloud-based information security company.
Privacy and security practitioners wonder if Aadhaar data collected by private firms can actually be deleted in the next six months as directed by the Supreme Court of India, which recently determined that it's unconstitutional for companies to collect or ask for Aadhaar data from consumers.
Step away from the social media single sign-on services, cybersecurity experts say, citing numerous privacy and security risks. Instead, they recommend that everyone use password managers to create unique and complex passwords for every site, service or app they use.