FISMA assigns responsibility to various agencies to ensure the security of data in the federal government, it requires annual reviews of information security programs to keep risks below specified levels.
Thales can help prepare federal agencies and their suppliers to meet these FISMA compliance regulations through:
According to TechTarget’s SearchSecurity website:
FISMA compliance requires program officials, and the head of each agency, to conduct annual reviews of information security programs, with the intent of keeping risks at or below specified acceptable levels in a cost-effective, timely and efficient manner. The National Institute of Standards and Technology (NIST) outlines nine steps toward compliance with FISMA compliance:
Core Thales capabilities that help meet FISMA compliance standards include:
In addition to helping you comply with FISMA; NIST 800-53, Revision 4; FIPS 140-2; FIPS 199; FIPS 200 and FedRAMP, Thales solutions are designed to help you comply with:
The Vormetric Data Security Platform from Thales is the only solution with a single extensible framework for protecting data-at-rest under the diverse requirements of Federal Agencies across the broadest range of OS platforms, databases, cloud environments and big data implementations. The result is low total cost of ownership, as well as simple, efficient deployment and operation.
Vormetric Transparent Encryption from Thales provides file and volume level data-at-rest encryption, secure key management and access controls required by regulation and compliance regimes.
Vormetric Key Management from Thales enables centralized management of encryption keys for other environments and devices including KMIP compatible hardware, Oracle and SQL Server TDE master keys and digital certificates.
Vormetric Security Intelligence from Thales provides another level of protection from malicious insiders, privileged users, APTs and other attacks that compromise data by delivering the access pattern information that can identify an incident in progress.
Vormetric Application Encryption enables agencies to easily build encryption capabilities into internal applications at the field and column level.
Vormetric Tokenization with Dynamic Masking from Thales lets administrators establish policies to return an entire field tokenized or dynamically mask parts of a field. With the solution’s format-preserving tokenization capabilities, you can restrict access to sensitive assets, yet at the same time, format the protected data in a way that enables many users to do their jobs.
Die DSGVO ist vielleicht die bisher umfassendste Datenschutznorm und betrifft jede Organsation, die personenbezogene Daten von EU-Bürgern verarbeitet - unabhängig davon, wo die Organisation ihren Sitz hat.
Jede Organisation, die eine Rolle bei der Verarbeitung von Kredit- und Debitkartenzahlungen spielt, muss die strengen PCI-DSS-Anforderungen für die Verarbeitung, Speicherung und Übermittlung von Konteninformationen erfüllen.
Vorschriften zur Benachrichtigung bei Datenschutzverletzungen nach dem Verlust personenbezogener Daten wurden von Ländern rund um den Globus erlassen. Sie variieren je nach Gerichtsbarkeit, enthalten aber fast immer eine "Safe-Harbour"-Klausel.