Researchers explore adapting geolocation technology to identify where data reside on the cloud so organizations can comply with IT security laws and regulations, RSA Chief Technology Officer Bret Hartman says.
From the White House to the State House, here are the 10 most important happenings in government IT security in 2010. Not everything promised at the beginning of the year came about as some had hoped. So, what else is new in government?
The National Institute of Standards and Technology issues two special publications: SP 800-119, Guidelines for the Secure Deployment of IPv6 and SP 800-135, Recommendation for Application-Specific Key Derivation Functions.
"The environment that started by supporting whistleblowers ... is essentially morphing into 'Gee, we as an organization need to be completely transparent, whether we want to or not,'" says Cal Slemp, managing director of Protiviti.
"Managing risk with regard to information systems and security sometimes doesn't go to the highest levels and that's why the risk framework is a way to get senior leaders involved early in the process," NIST senior computer scientist Ron Ross says.
The innocent use for three years of a Yahoo calendar application exposed personally identifiable information of 878 patients at the Department of Veterans Affairs' Chicago Healthcare Systems, a violation of VA policy.