Security Regulations

Towerwall has compiled summaries of key regulations across a variety of vertical markets to help a company establish and implement an information security policy.

Establish a Security Policy with These Security Regulations:

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a law passed in 1996 to provide better access to health insurance and to make sure that a patient’s health information is protected and remains private. The act sets out several standards: standards for electronic health information, unique identifiers for employers and employees, security standards covering electronic signatures, and privacy and confidentiality standards.

FISMA

The Federal Information Security Management Act (FISMA) is a federal act that promotes the development of key security standards and guidelines to support implementation of, and compliance with, its requirements.

Information Technology – ISO 27002

This code of practice was published in 2005 to establish guidelines and general principles for initiating, implementing, maintaining and improving information security management in an organization. Its control objectives are the commonly accepted goals of information security management.

Financial Services, The Gramm-Leach-Bliley Act of 2001

The Gramm-Leach-Bliley Act (GLBA) protects consumers’ personal financial information held by financial institutions. IT security programs at these institutions have to comply with this regulation.

NIST 800-3

These are Special Publications from the National Institute of Standards and Technology (NIST). The series was established in 1990 to provide a separate identity for information technology security publications. The 800 series reports on the research, guidelines and outreach efforts of NIST’s Information Technology Laboratory (ITL) in computer security, and on its collaborative activities with industry, government and academic organizations.

COBIT

The Control Objectives for Information and related Technology (COBIT) is a best-practice framework for information technology (IT) management created by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI) in 1992. COBIT provides managers, auditors and IT users with a set of generally accepted measures, indicators, processes and best practices to help them maximize the benefits derived from information technology and develop appropriate IT governance and control in a company.

SOX

The Sarbanes-Oxley Act of 2002, also known as the Public Company Accounting Reform and Investor Protection Act and commonly called SOX, is a federal law enacted after a number of major corporate and accounting scandals at major public companies. Named after Senator Sarbanes and Representative Oxley, the law establishes standards of public accounting to which all public companies must adhere.

PCI

This is the standard from the Payment Card Industry Security Standards Council, covering debit, credit, pre-paid, e-purse, ATM and POS cards, developed to ensure consistent financial data security standards.