Security Standards & Least Privilege Security Standards Essay

Total Length: 667 words (2 double-spaced pages)

Total Sources: 4


Security Standards & Least Privilege

Security Standards and Legislative Mandates

Industries are required by law to follow regulations to protect the privacy of information, perform risk assessments, and set policies for internal control measures. Among these regulations are SOX, HIPAA, PCI DSS, and GLBA. Each of them implements internal control of personal information for a different industry. While GLBA governs the way information is shared, all of them exist to safeguard sensitive personal information.

The Sarbanes-Oxley Act of 2002 (SOX) created new standards for corporate accountability in reporting responsibilities, accuracy of financial statements, interaction with auditors, and internal controls and procedures (Sarbanes-Oxley Essential Information). When audits are done to verify the validity of the financial statements, auditors must also verify the adequacy of the internal controls and procedures. The Health Insurance Portability and Accountability Act (HIPAA) is designed to protect personal health information held by covered entities and gives patients rights with respect to that information (Understanding Health Information Privacy). The Privacy Rule is balanced to permit disclosure of personal information needed for patient care and other important purposes.


The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to explain how information is shared and to safeguard sensitive information (Gramm Leach Bliley Act). The Payment Card Industry Data Security Standard (PCI DSS) protects privacy rights and requires encryption of credit and debit cards for purchases (Brenner, 2007).

Regardless of the industry, at least one regulation requires the safeguarding of sensitive employee, customer, and financial information. That means that information systems are required to undergo risk assessments on an ongoing basis, and risk management is responsible for internal controls and procedures.

Principles of Least Privilege

The principle of least privilege is the practice of limiting access to the minimal level that will allow normal functioning (principle of least privilege (POLP)). This means that the lowest levels of user rights are given based on what is needed to perform the job. Some operating systems have least privilege built in. …


Cite This Resource:

Latest APA Format (6th edition)

"Security Standards & Least Privilege Security Standards" (2012, July 25). Retrieved May 31, 2024, from https://www.aceyourpaper.com/essays/security-standards-least-privilege-security-81328