|
PCI DSS Positioning
Introduction - Why should we care about protecting data in the first place?
Over the past five years there have been no shortages of data breaches in Europe or in the US. The UK has been badly hit with a string of multiple data leakage issues involving major financial institutions and government departments such as HM Customs ending up with losing two unencrypted disks containing details of 25m citizens. The UK data Protection Act 998 includes 8 principles which are aimed, amongst other objectives, at ensuring that sensitive information held by businesses and government on their customers/citizens is obtained fairly, for clear purposes only, maintained up to date, maintained securely and is not provided to the third parties if the data owner has not agreed to it and that data is not transferred outside the EU unless the country receiving the information has at least the same level of data protection as in The E.U. It is also worth noting that the recent changes to the UK Data Protection Act empower the Information Commissioner to impose fines of up to 500,000.00 Pounds and whilst he has indicated that fines would take into account the size of the organization breached and the type of breach, SMEs can expect a steep rise in the average fine such that ICO fines will impact their P & L.
 Click Here to read the complete Whitepaper...
|
|
