ビットコインについては日系金融機関の会議でも講演を予定しています。
As we wrote last week, data security breach is continuing to be a major problem for businesses large and small. Data breaches result in loss of consumer/customer. According to a poll by Consumer & Communication Industry Association released in December 2013, consumers are most concerned with the security of the personal information they provide to various businesses and will modify their actions to protect their information.
States prosecute businesses that fail to notify the affected individuals or notify them in time. In California and in New York, businesses are required to notify affected individuals "in the most expedient time possible." Last week, California's Attorney General filed a suit against Kaiser Foundation Health Plan, Inc. for failure to notify the affected individuals in time for a breach that occurred in 2011. The U.S. Senate is working on a breach notification law that will most likely replace Many class action lawsuits have been filed against businesses whose systems were breached. Within hours of reporting the December 2013 data breach, a lawsuit was filed against Target. While outsiders cause the majority of the havoc, insiders, such as employees and contractors cause a noticeable number of breaches.
How do you protect your business? Preparation, Prevention and Prompt Action.
-Encrypt the data you maintain on your system.
-Allow access to limited number of employees/contractors.
-Provide training about the negative consequences of unauthorized use of the data to your employees.
-Respond to any suspension of data breach -deal with them, they will not go away.
-Understand your legal obligations in case of breach.
Security breaches also affect small to midsize entities. In 2011, hackers obtained customer credit card information (which was not encrypted) from the Briar Group that owns and operates about 10 restaurants in Massachusetts. Because of its failure to encrypt the information, the Briar Group paid $110,000 in penalty and agreed to implement certain procedures to safeguard personal information. Incidentally, the Briar Group was hacked again last October. Whether it is found to be responsible in anyway remains to be seen.
So, what should businesses know to protect themselves to the extent possible? First, you should know the security breach laws that apply. Second, you should fully understand the environment where you maintain your customers' data and which of your service providers has access to this environment. Third, you should work with your legal and IT team to implement policies and procedures to protect you as best as possible. In addition, you should protect yourself in contracts with third party service providers. Damage control in case of security breach should start today and not when there is a breach -- by then it is too late.
内容はソーシャル・ネットワークによる会社への中傷行為と労働者の組合活動の権利とを米国でどのように折り合いをつけているか、というものです。米国でビジネスを行う日系企業にとっては有益な情報だと思いますので、是非お読みください。
- 2014年2月 (3)
- 2014年1月 (1)
- 2013年11月 (1)
- 2013年3月 (1)
- 2013年1月 (2)
- 2012年10月 (1)
- 2012年5月 (6)
- 2012年4月 (2)
- 2012年3月 (1)
- 2012年1月 (2)
- 2011年12月 (1)
- 2011年11月 (1)
- 2011年8月 (1)
- 2011年6月 (1)
- 2011年3月 (1)
- 2010年7月 (4)
- 2009年8月 (1)
- 2009年7月 (1)
- 2009年5月 (1)
- 2009年4月 (1)
- 2009年3月 (1)
- 2009年2月 (2)
- 2009年1月 (1)
- 2008年12月 (1)
- 2008年9月 (1)