What are your regulatory compliance requirements for email security?

Before deploying an email security project, you must ask your client the right questions. Find out why it's important to know your clients' regulatory compliance requirements before implementing email security.

The federal government has become increasingly involved in regulating information security across a variety of industries. If you provide any services in a regulated industry, you could be responsible for meeting security requirements, including email security. Healthcare is governed by the HIPAA security rules. Educational institutions are governed by FERPA. Institutions that conduct financial transactions could fall under one or more sets of requirements, including PCI if you accept credit card data.

About the author
 Russ Rogers is an information security expert and author of Nessus Network Auditing, 2nd Edition. Russ is currently a penetration tester for the federal government. Listen to Russ's supplemental podcast on email security.

You need to understand what your responsibilities are for protections such as email security, so that appropriate steps can be taken to ensure those protections exist. No one wants expensive fines from government agencies, but the costs of lawsuits, bad press or loss of client confidence could potentially be the final nail in the coffin for your business.

This was first published in April 2008
