The requirement to protect stored-data permeates local, national, and international privacy and data protection legislation and regulations. Corporate councils and compliance officers need to become aware of these requirements and react accordingly. Severe fines, in addition to public embarrassment and loss of trust, have been quite visible in the public literature (see Threat Landscape).
To prepare your corporation for what is needed, first consider this :
- Data-at-rest protection mandated requirements
- Breach notification with encryption safe harbor
- Penalties re: data breach
- Breach statistics
- Risk assessment of deployed IT infrastructure (w/SEDs), including security Best Practices deployed by IT
- Contingency planning
The Drive Trust Alliance offers a complete set of services to help you navigate these issues.