Friday, September 27, 2019

Secure Computer Systems Essay Example | Topics and Well Written Essays - 1500 words

Secure Computer Systems - Essay Example The press release from OCABR made it amply clear that the new amendments are to be applicable to all the big and small businesses that possess or have licensed personal information of any resident of Massachusetts (Mondaq Business Briefing, 2009). The primary purpose of these amendments is to upgrade the existing data security standards, while taking into cognizance the emerging risks to data, to bring them in consonance with the Federal Trade Commission's Safeguard Rule (Mondaq Business Briefing, 2009). This risk-based approach to data security takes into consideration the overall size and potential of a business, resources accessible to a business, the nature and the magnitude of data collected by or in the possession of a business and an appraisal of the requisite security needs to implement a worthy information security program (Mondaq Business Review, 2009). As per the OCABR, the compliance to security standards to any business is not to be standardized, but is to be accessed on the basis of the data risks inherent in a business (Mondaq Business Review, 2009). The hallmark of these statutory regulations is that they do acknowledge that the choice or application of any data security and privacy program cannot be standardized for each business (Kairab, 2004). Hence, the lawmakers are aware of the glaring reality that every business is unique so far as its needs for consumer information and data is concerned and thus the businesses should be left free to decide as to what kind of data security program and guidelines they need to put in place. Even if the governments do not interfere into the arena of data security, the consumers today are more then concerned about the sanctity of their personal data. Thus, the purpose of any statutory arrangements should be more in the nature of the guidelines and awareness drives, whose purpose should be to sensitize the individuals and businesses as to the possible threats to data and the consequences and repercussions of any instance of data theft or loss (Matsura, 2001). The thrust of any government activism ought to be on the corporate and consumer education and not regulation. Aware corporations will certainly take the appropriate steps to retain competitiveness, while well-informed consumers will naturally gravitate towards businesses that they can trust with their personal information and data. A state policing of the corporate compliance to data security is not only pragmatically impossible, but also oblivious of the essential principles governing free markets. Total Words: 525Works Cited Kairab, Sudhanshu (2004). A Practical Guide to Security Assessments. NewYork: Auerbach Publications. "Privacy and Security Alert: Analysis of Amendments to Massachusetts DataSecurity Regulations". Mondaq Business Briefing. Mondaq Ltd. 2009.Retrieved Sept. 20, 2009, from HighBeam Research: http://www .highbeam.com Matsura (2001). Security, Rights, and Liabilities in E-Commerce. Toronto: Artech House Publishers.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.