Governance, compliance and Privacy

Author

Marcia Kaufma, COO and Principal Analyst

Sponsored by Voltage Security

Many data breaches occur at companies that already have a data security policy in place. While some of the millions of stolen credit card numbers have been easily lifted from unsuspecting companies with unprotected data, an increasing number of companies implement data security technology and find they are still at risk. These companies understand how important it is to keep their data assets safe from unlawful and malicious intrusion. As a result, they have a strategy for protecting their physical and digital perimeters. However, their data protection strategy is flawed. What is the problem and why do you need to make it a top priority to evaluate your current data security strategy? Typically, intrusion detection and other technologies designed to keep intruders out of your system are built to protect against previously known hacking strategies. This approach exposes your IT systems to great risk as new methods of intrusion are constantly being devised.

This paper will provides an overview of the evolving approaches hackers use to steal private data and describe the key requirements for protecting corporate data assets with a data-centric encryption strategy.

Authors

Judith Huwitz, CEO

Marcia Kaufman, COO and Principal Analyst

Sponsored by IBM

As SOA takes hold in companies, IT is charged with creating and managing business services.

There is a major transition underway in terms of how organizations view their information technology platforms. Indeed, since more aspects of the business have been automated over the past decade, organizations have realized that these applications and technology enablers are a key business asset. One of the reasons that IT is emerging as a potent enabler of business flexibility is the advent of Service Oriented Architectures. With Service Oriented Architectures (SOAs) organizations are able to codify key business rules and processes as business services that support organizational objectives. In brief, a Service Oriented Architecture is software architecture for building applications that implement business processes or services as a set of loosely coupled blackbox components orchestrated to deliver a well-defined level of service.

Authors

Robin Bloor, Partner
Dr. Fern Halper, Partner

Sponsored by IBM

The sharing of personal data in this secure way is of particular use in situations where the data being shared is highly sensitive.
All organizations hold and use information about people. These people may be customers, employees, contractors, agents, suppliers, or contacts. The information that is held is gradually accumulated over time. Some of it may have been acquired through agencies or via indirect sources of data. Some of the information may have been provided on an as-needed basis by ad-hoc information sources.
Unfortunately, such information can be and often is inaccurate in many different ways and this lack of accuracy creates a need for Identity Resolution. Identity Resolution technology is software that applies a set of logical rules to information about people in order to increase accuracy and reduce the possibility of misidentification. Misidentification can, of course, have a large impact in specific areas such as money laundering and fraudulent claims as well as an across the board impact in corporate functions such as marketing.