If the Feds Came Knocking, What Level of Security Would They Find on Your Mainframe?

Hi everyone,

It may have taken several high-profile data breaches (the IRS and Anthem, to name a couple) but the United States government is starting to wake up to the fact that something more needs to be done about companies that don’t put the proper security measures in place to protect their customers’ sensitive data. After all, these companies are betraying millions of Americans’ trust.

And it’s worse than just broken trust—in some cases it’s an issue of national security. Ray Blanco of the Daily Reckoning recently commented about the hack of the U.S. government’s Office of Personnel Management’s employee database: “Questionnaires for national security positions may have been purloined,” Blanco wrote. “Prospective applicants are required to put some very private personal information in these forms. The attack raises the question of whether or not civil servants in some of the most sensitive national security jobs might now be subject to blackmailing.”

Change is in the air. A U.S. appellate court recently ruled that the Federal Trade Commission can legally take action against any organization that they deem is not taking reasonable measures to protect their customers’ data. When a company’s privacy policy promises to protect a customer’s personal information and then doesn’t back up that claim with solid security measures and the data is breached, the FTC can take legal action against that company. This ruling, along with sweeping legislation in the European Union concerning customer privacy, suggests to many experts—myself included—that more widespread, tougher federal regulations are on the horizon.

Would your company’s mainframe data security hold up under such scrutiny? Be prepared. InfoSec offers resources like our Mainframe Auditor Practice for Security & Compliance Standards (MAP/SCS), which provides InfoSec consulting assistance and expertise to evaluate your state of preparedness.

Contact InfoSec today to find out how our team of experienced security consultants can help you choose the right product and service to ensure your compliance and protect your most important asset—your customers’ trust.

Until next time…