
Saturday, February 2, 2013

Computer and Network Security: Addressing Privacy Concerns

Computer and network security have become increasingly important across all industries. From protecting corporate networks from malware, hackers, and denial of service attacks to securing government networks from cyber espionage and cyber terrorism, modern network administrators and Windows Server security specialists are tasked with an important, ever-evolving challenge. In addition to securing computers, servers, and networks from threats in order to protect data and as a matter of national security, computer and network security must also protect the privacy of employees, customers, legal clients, patients, and others whose personal information is stored within an entity's servers.

For example, health plans, health plan clearinghouses, healthcare providers, business associates, and other covered entities must comply with the Health Insurance Portability and Accountability Act's (HIPAA's) Security Rule and Privacy Rule. These rules are in place to protect patients' "protected health information" (PHI), which is defined as "individually identifiable health information." When a covered entity transmits PHI electronically (such as via fax, email, or file upload), it must do so in compliance with HIPAA. Though the HIPAA Security Rule doesn't necessarily specify which Windows Server security product should be used, it does provide national standards to protect PHI and requires appropriate safeguards to ensure that the security, integrity, and confidentiality of PHI are protected.


Computer and network security is also a concern for financial institutions, retailers, and even law firms. Obviously, banks should have strong safeguards in place to ensure that only authorized account holders have access to bank accounts; however, privacy is also expected by consumers who place their assets and their trust in these institutions.

Retailers have an obligation to safeguard credit card transactions both at the point of sale and long after. For example, there have been numerous security breaches where hackers have infiltrated commercial databases and accessed hundreds of thousands of stored customer records. These records can contain everything from name, phone number, and address to login credentials, credit card numbers, and Social Security numbers.

Law firms have an obligation to protect the confidentiality and privacy of their clients, making computer and network security a must in any law firm. Those handling high-profile cases or representing celebrity clients could even be at risk of being targeted by hackers.

Computer and network security is an industry in its own right with information security professionals who specialize in securing computers and networks of all sizes. The size of the network, the organization type, the nature of data stored, level of risk, and applicable regulations influence the Windows Server security approach. In general, any computer that accesses an external source should be secured against threats such as computer viruses, malware, and intrusions. The complexity of computer and network security increases with the complexity of the organization.

In addition to basic computer and network security solutions such as Windows Server security software, firewalls, and intrusion detection systems, security awareness training is a must, as is a comprehensive mobile device security policy. A single inadvertent click on a phishing email or a lost laptop can make even the most secure system vulnerable, and confidential data could be severely compromised.

Computer and network security and privacy go hand-in-hand. Patch the holes in your security system and protect your own confidential data as well as the private information your customers and patients have entrusted you with.


