Monitored network for security breaches, recommended software such as firewalls and
data encryption programs, and conducted simulated attacks to identify vulnerabilities before they could be exploited.
They need to be comfortable installing and using software designed to protect information, such as firewalls and
data encryption programs.
Not exact matches
Protection should comprise anti-malware and / or whitelisting software as well as establishing secure policies such as not allowing
programs to auto - instal, blocking ports, web filtering, share access restrictions, and
encryption of
data.
Vendors should be required to use technical, administrative and physical safeguards to protect the
data, including tracking
data access and use, firewalls, antimalware
programs, individual user accounts, regularly updated passwords and
encryption.
In a recent survey of 500 information technology and
data security workers, 40 percent said they could easily use their knowledge of
encryption keys, shared passwords, weak controls and loopholes in
data security
programs to make off with information, or hold their organization's
data hostage.
Data classification and retention
programs are in place and applied
encryption techniques are used.
But the problem for the government is that use of e2e
encryption has been growing in recent years as awareness of both privacy risks and cyber security threats have stepped up, thanks to
data breach scandal after
data breach scandal, as well as revelations of the extent of government agencies» surveillance
programs following the 2013 Snowden disclosures.