CIPP Information Privacy & Security News: Group items tagged business

Karl Wabst

Government regulated data privacy: the challenge for global outsourcers. (22-MAR-07) Ge... - 0 views

  •  
    I. INTRODUCTION The globalization revolution is undeniably well underway. Some of the primary leaders of the revolution are the off-shoring outsourcers of the world in search of readily available talent at prices below what is available in the traditional geographical outsourcing centers. Certainly, U.S. companies seeking information technology resources--as well as those looking for human resources to support the ever-growing customer care requirements of their business--are at the forefront of the movement. Some of those companies are seeking their own solutions, but many have turned to business process outsourcing companies for assistance. Business process outsourcing is, generally speaking, the contracting of a specific business task to a third party service provider. Processes that are best suited to be outsourced are those that a company requires but does not depend upon to maintain its position in the marketplace. There are two primary categories of business process outsourcing. One category is commonly referred to as "back office outsourcing" which includes internal business functions such as billing or purchasing. The other category is commonly referred to as "front office outsourcing" which includes customer-related services such as marketing, customer contact management, and technical support. The globalization of business in general has resulted in the need for companies to be able to provide support to their customers in many different languages. At the same time, developments in technology have provided the ability for business process outsourcers to provide a cost effective global delivery platform. The convergence of the need for a portfolio of services to be sourced globally with the ability of business process outsourcers to do so on a cost effective basis has driven the outsourcers to geographic locations previously ignored by most business sectors. By many estimates, there are currently off-shore outsourcing vendors in more than 175 different
Karl Wabst

When A Company Folds, Who Guards Your Data's Privacy? - CIO.com - Business Technology ... - 0 views

  •  
    IT and business both understand the need to protect regulated customer and business data -- so long as they're in business, analysts say. Here's a look at how some folding businesses are falling short protecting data and the possible liabilities for the IT group and CIO. From HIPAA to Sarbox, a slew of regulations to protect customer and employee data force CIOs to step lively to comply. The punishment for failure to do so is costly and even dire. But once a company folds -- and more are folding every week given the economy -- what happens to that data? Who in the business and IT could be hit by the splatter if it all hits the fan? "Certain companies have been disposing of records containing sensitive consumer information in very questionable ways, including by leaving in bags at the curb, tossing it in public dumpsters, leaving it in vacant properties and/or leaving it behind in the offices and other facilities once they've gone out of business and left those offices," says Jacqueline Klosek, a senior counsel in Goodwin Procter's Business Law Department and a member of its Intellectual Property Group. "In addition, company computers, often containing personal data, will find their ways to the auction block," she adds. "All too often, the discarded documents and computer files will contain sensitive data, such as credit card numbers, social security numbers and driver's license numbers. This is just the kind of data that can be used to commit identity theft." Discarded and unguarded data is now low-hanging fruit for criminal harvesters and corporate spies. "Recent client activity supports that competitors are beginning to buy up such auction devices specifically with the intention of trying to salvage the data," says James DeLuccia, author of IT Compliance & Controls. "Hard drives are being removed and sold online, or whole servers are sold via Craigslist and Ebay." In some cases, the courts insist data be sold during a bankruptcy. "Company servers, once I restore
Karl Wabst

Consumers, FTC Seeking Behavioral Advertising Transparency | Knowledge Network | ITBusi... - 0 views

  •  
    "Consumers are often oblivious to the fact that some businesses share a great deal of their personal information with other businesses who deliver targeted behavioral advertising, say Anzen analysts Megan Brister and Jordan Prokopy. In an e-mail interview with IT Business Edge editor Lora Bentley, Brister and Prokopy say most consumers are just not aware of the business practices of companies that use personal information for profit. The Federal Trade Commission recently held meetings with consumer and privacy advocates, business and government leaders to discuss privacy, regulatory, and business issues of online behavioral advertising. It plans to ramp up efforts to protect consumers and possibly push for tougher legislation to protect consumers. One issue, Brister and Prokopy say, is the lack of transparency by companies that engage in behavioral advertising. These companies have been slow to adopt clear data-management policies and even when they do have policies, they are often written in language that is difficult to understand. Fortunately for consumers, some type of regulation appears to be on the way. The FTC appears eager to penalize businesses who lack transparency regardless of whether the consumer actually experienced any real negative effects as a result, Brister and Prokopy say."
Karl Wabst

Are You Ready for Regulation of Targeted Advertising? | Interviews | ITBusinessEdge.com - 0 views

  •  
    "Lora Bentley spoke with Anzen analysts Megan Brister and Jordan Prokopy via e-mail regarding behavioral advertising - what companies are doing, what regulators want to do and what we, as advertising consumers, need to know. With their coworker Miyo Yamashita, the analysts recently wrote a guest opinion for IT Business Edge. Bentley: Why are so many concerned about privacy when it comes to behavioral advertising? What is it about the Internet that convinces consumers that information they share there is not being used? Brister and Prokopy: Most concerns stem from the lack of transparency around data disclosure practices. While consumers may value a Web site's product and service offerings, they are generally unaware that businesses share their information with an extensive group of other businesses in order to deliver targeted advertising. This group includes news Web sites, advertising networks, profiling services, and Web analytics providers, to name a few. As Pamela Jones Harbour, a Commissioner at the Federal Trade Commission (FTC), discussed at the FTC Roundtable earlier this week, there is an asymmetry between consumer perceptions and business realities. Once consumers are informed of businesses' data handling practices, they will want to have more control over how businesses manage their information. As we discuss in our article, some businesses engaged in online behavioral advertising have been slow to adopt transparent consumer data management policies. This is a concern particularly for vulnerable groups, such as minors or non-English speaking consumers, because they may not understand legally written policies. Consumer advocacy groups argue that without knowledge and control over the collection, use, and disclosure of data, Web sites may misuse or expose sensitive data about consumers' health, lifestyles and finances."
Karl Wabst

Business Continuity Awareness Week - 0 views

  •  
    The global business community is faced with an unprecedented level of uncertainty and risk. Are you prepared? The BCI announces Business Continuity Awareness Week, a week-long global event that is aimed at raising awareness of business continuity, disaster recovery and resiliency around the globe and bringing to the forefront the escalating significance of Business Continuity Management (BCM) as a critical management tool for corporations and government groups of all sizes and industries. We have aligned with other industry leaders in the Business Continuity education, development and standards fields to support The Business Continuity Institute (BCI) in its production of a series of 9 FREE webinars and virtual meetings throughout the world which will include surveys, case studies, analysis processes and much more. We would strongly urge you to mark the dates on your calendar and take advantage of all of this great knowledge! Please feel free to forward this announcement to anyone that you feel would benefit from this event. For the most up to date information and event schedule please visit: www.businesscontinuityawarenessweek.org
Karl Wabst

Protecting Personal Information: A Guide for Business - 0 views

  •  
    Is your company keeping information secure? Are you taking steps to protect personal information? Safeguarding sensitive data in your files and on your computers is just plain good business. After all, if that information falls into the wrong hands, it can lead to fraud or identity theft. A sound data security plan is built on five key principles: * Take stock. Know what personal information you have in your files and on your computers. * Scale down. Keep only what you need for your business. * Lock it. Protect the information in your care. * Pitch it. Properly dispose of what you no longer need. * Plan ahead. Create a plan to respond to security incidents. To learn more about how you can implement these principles in your business, play our interactive tutorial. You'll see and hear about practical steps your business can take to protect personal information. After you experience the tutorial, we hope you'll take advantage of the other resources on this site to educate your employees, customers, and constituents. Order copies of our brochure, Protecting Personal Information: A Guide for Business, or publish an article on information security in your newsletter, magazine, or website. All of the information on this site is in the public domain; we hope you'll share it freely.
Karl Wabst

Disaster recovery and business continuity planning basics - 1 views

  •  
    In this video, Andre Gold, vice president and CISO of MoneyGram International, will discuss the basics of disaster recovery and business continuity planning, and define several general terms associated with disaster recovery and business continuity planning to help organizations develop a more accurate understanding. The text transcript of Gold's comments is included below. Andre Gold: Over the past four to five years, I've spent a lot of time in disaster recovery and business continuity planning as part of my role as the chief risk officer as well as the CISO for a couple major organizations. During that time, in working with those firms, I've had a greater appreciation of disaster recovery and business continuity planning, and I've learned that although BCP and DR are very important to firms, when it's actually time to execute upon those respected strategies, many firms fail, and they fail fundamentally because they lose sight of the core elements of disaster recovery and business continuity planning. And with that, it's those core elements that we will be discussing today.
Karl Wabst

More Data Breached In 2008 Than In Previous Four Years Combined -- Security Breaches - 0 views

  •  
    More electronic records were exposed in 2008 than in the previous four years combined and most of those breaches -- nine out of 10 -- could have been easily avoided with basic preventative controls consistently applied. In its 2009 Verizon (NYSE: VZ) Business Data Breach Investigations Report, Verizon Business Security Solutions analyzed 90 confirmed breaches that occurred in 2008, affecting 285 million compromised records. The company's previous data breach report covered from 2004 through 2007, a period that saw 230 million compromised records. About a third of the breaches in Verizon Business' caseload have been publicly disclosed, and additional disclosures are expected before the end of the year. But many breaches will remain unreported because of the absence of any applicable disclosure requirement. Among the report's findings: 91% of all compromised records were linked to organized criminal groups; customized malware attacks doubled; and the most common attack vectors were default credentials and SQL injection. In a statement, Peter Tippett, VP of research and intelligence for Verizon Business Security Solutions, described the report as a wake-up call. Businesses need strong security and a proactive approach, he said, particularly because the economic crisis is likely to spur even greater criminal activity.
Karl Wabst

Promoting Privacy And Free Speech Is Good Business | Privacy & Free Speech: It's Good f... - 0 views

  •  
    Promoting Privacy And Free Speech Is Good Business This Guide will help you make smart, proactive decisions about privacy and free speech so you can protect your customers' rights while bolstering the bottom line. Failing to take privacy and free speech into proper account can easily lead to negative press, government investigations and fines, costly lawsuits, and loss of customers and business partners. By making privacy and free speech a priority when developing a new product or business plan, your company can save time and money while enhancing its reputation and building customer loyalty and trust.
Karl Wabst

Bosses and Workers Disagree on Social Network Privacy - Digits - WSJ - 0 views

  •  
    A majority of business executives believe that they have a right to know what their employees are doing on social-networking sites, but most workers say it's none of their bosses' business, according to a new survey by Deloitte. The survey was conducted in April with about 2,000 U.S. adults. Of the 500 respondents with managerial job titles (vice president, CIO, partner, board member, etc.), 299, or 60%, agreed that businesses have a right to know how employees portray themselves or their companies on sites like Facebook and MySpace. But 53% of employee respondents said their profiles are none of their employers' business, and 61% said that they wouldn't change what they were doing online even if their boss was monitoring their activities. That disagreement, says Sharon Allen, chairman of Deloitte's board and the sponsor of the survey, is one that companies need to address, particularly as these sites have become part of younger workers' lives. "It does, in fact, tee up the challenging debate or discussion that needs to take place to try to resolve both of their concerns," she said. Few businesses are having that conversation, according to the survey, though many executives indicated that it was on their minds. When asked what their company's policy was regarding social-networking use, roughly a quarter (26%) of employees said they knew of specific guidelines as to what they could and couldn't post. Similar numbers said their office didn't have a policy or they didn't know if their company had a policy - 23% and 24%, respectively.
Karl Wabst

Is Nevada's New Privacy Law a 'Game-Changer?' - 0 views

  •  
    Should individual states mandate that businesses comply with the Payment Card Industry's Data Security Standard (PCI DSS)? The answer is "yes," according to Nevada, which has passed a new law that, as of next year, requires businesses to comply with PCI when collecting or transmitting payment card information. Nevada is the first state to mandate full PCI compliance for businesses. Minnesota in 2007 incorporated only a portion of PCI in its Plastic Card Security Law. According to Nevada's new law, if a data collector doing business in that state accepts a payment card in connection with a sale of goods or services, the data collector shall comply with the current version of PCI DSS, as adopted by the PCI Security Standards Council or its successor organization, with respect to those transactions, not later than the date for compliance set forth in the Payment Card Industry (PCI) Data Security Standard or by the PCI Security Standards Council or its successor organization. Is it a Game-Changer? As states rush to adopt or strengthen privacy legislation, Nevada's move is seen by some observers as a potential "game-changer." But they question whether states should be in the business of mandating compliance with an industry standard.
Karl Wabst

Mixed reception to Mass. data regs changes - Mass High Tech Business News - 0 views

  •  
    Mixed reception. The state hopes changes to Massachusetts' data privacy regulation plan will calm business community fears over the cost of the new controls, but watchers of the process say the government may have made things worse. One thing seems certain: the recent changes aren't likely to be the last word on regulating sensitive data in the Bay State. The regulations mandate all "personal information" belonging to Massachusetts residents be encrypted whenever it is stored on portable devices, transmitted wirelessly or shared on public networks. Changes enacted just in time to beat a deadline of Thursday, Feb. 12, pushed the effective date back eight months, from May 1 to Jan. 1, 2010. They also removed a requirement that businesses certify third-party vendors' compliance. The latter move was aimed to address an issue raised in a public hearing with business leaders held Jan. 15 at the State House. The change was designed to make the third-party regulations more adaptable to companies of various sizes and business models, said Massachusetts Consumer Affairs undersecretary Daniel Crane.
Karl Wabst

Business Intelligence Makes Insurers More-Competitive Risk Managers by Insurance & Tech... - 0 views

  •  
    For most insurers, business intelligence means point solutions at best. But those carriers that weave analytics into the fabric of their organizations are equipped to drive more precision in pricing and greater profitability to the bottom line. For businesses that run on the analysis of information, insurers have proven notably reluctant to apply business intelligence (BI) and analytic technologies to risk management at both the corporate strategic level and in the front lines of underwriting. For a variety of reasons, enterprise risk management (ERM) solutions have been talked about far more than implemented, and BI and predictive analytics generally have been applied haphazardly or piecemeal, if at all. The financial crisis, however, has heightened interest in risk management technologies, owing to senior executives' fears of disastrous overexposure to risk. Their concerns are legitimate, but for insurance more than any other financial services sector, risk also is opportunity, and BI should be utilized more as a competitive weapon than a defensive shield. As insurance has become commoditized and investment returns have become less reliable, carriers' ability to more precisely analyze and underwrite risks can be a key source of competitive differentiation.
Karl Wabst

P&G Lawyer Calls Upon Industry to Work at Defending Self-Regulation - Advertising Age -... - 0 views

  •  
    A top lawyer for P&G called upon industry execs to work harder than ever to defend self-regulation of the ad business at a gathering of top advertisers today. Speaking about the tough economic environment and increased government involvement in business affairs, Deborah Platt Majoras, VP-general counsel at P&G, said the ad business has to tout that it has been responsible and doesn't need additional oversight. The current business environment -- one in which market failures have prompted government bailouts and heightened government oversight -- is leading to a more skeptical outlook from policymakers about self-regulation. "The road ahead is not going to be easy, but we are not helpless," said Ms. Majoras, who, prior to joining P&G served as chairman of the Federal Trade Commission from 2004 to 2008. "The industry has been far more responsible than we get credit for. It's time that we backed up rhetoric with facts," she said.
Karl Wabst

Options for outsourcing security grow, offer IT budget savings - 0 views

  •  
    IT security typically has been deemed one of those services best provided in-house. But the stigma attached to outsourcing security and Security as a Service -- namely that an outsider does not know your company well enough to protect it -- may be falling away, as businesses look for more ways to cut costs. Certainly, some heavy-hitter providers believe attitudes are changing. This month, McAfee Inc. announced its new SaaS Security Business Unit. Headed by former Hewlett-Packard Co. SaaS executive Marc Olesen, the unit will oversee all McAfee products delivered over the Internet, including security scanning services, Web and email security services and remote managed host-based security software and hardware. Meanwhile, last April, IBM launched some hosted and managed services that it says help midsized businesses better manage risk and improve the security of their IT systems, all while offering cost savings over traditional products. Indeed, much of IBM's security strategy during the next 24 months will focus on moving security technologies into the cloud and expanding its managed services offerings, said Jason Hilling, an enterprise services business line executive with IBM Internet Security Systems. That includes providing some hosted implementations of technologies that once were located only at the customer premises. "Because the economy is struggling, I think there will be enough excitement in the marketplace over the cost benefits of Security as a Service that we are going to see a much higher degree of willingness to look at it as a real viable option," Hilling said. Hilling contended that a midmarket company with between 500 and 700 employees can realize cost savings from 35% to upwards of 60% by doing security as a managed service. Savings diminish as the deployment gets larger and more complicated, and the costs of managed services escalate. Yet outsourcing security is not just about cost. The world is becoming very hostile, said Sadik Al-Abdulla,
Karl Wabst

Privacy Issues and Education: Peter Kosmala, International Association of Privacy Profe... - 0 views

  •  
    From the Heartland data breach to the new Massachusetts data protection law, privacy is the hot topic in business and government. In an exclusive interview, Peter Kosmala, assistant director of the International Association of Privacy Professionals (IAPP), discusses: The top privacy topics in business and government; How organizations are tackling these issues; The potential impact of state and federal privacy legislation; The value of the Certified Information Privacy Professional (CIPP) credential. Kosmala oversees product management for the IAPP with specific oversight of distance learning products, privacy certifications and industry awards programs. He also manages business development efforts between the IAPP and peer organizations in the information security, information auditing and legal compliance arenas as well as organizations based in the Asia-Pacific region. The IAPP, based in York, Maine, was founded in 2000 with a mission to define, promote and improve the privacy profession globally.
Karl Wabst

Maine Enacts Comprehensive New Law Restricting Marketing to Minors : Privacy & Informat... - 0 views

  •  
    On September 12, 2009, Maine's Act to Prevent Predatory Marketing Practices Against Minors (the "Act") will take effect. The Act prohibits businesses from knowingly collecting or receiving a minor's health-related information or personal information for marketing purposes without first obtaining verifiable parental consent. Businesses are also prohibited from using any health-related information or personal information regarding a minor for the purpose of marketing a product or service to the minor. Pursuant to the Act, the use of information in such a manner is a predatory marketing practice, which may be sanctioned as an unfair trade practice. The law also allows individuals subject to unlawful data collection or predatory marketing practices to bring a private right of action against violators. For businesses, the implications of Maine's new data collection and marketing restrictions are far-reaching. The scope of the law covers both online and off-line marketing activities, and the broad definition of personal information includes a minor's name in combination with any information concerning the minor. In light of the Act's restrictive requirements and considerable scope, businesses would be well-advised to evaluate their current marketing practices and age verification mechanisms. The text of the law is available here.
Karl Wabst

Local government-spawning grounds for identity theft (part 1) - 0 views

  •  
    The federal GLBA, HIPAA, FACTA and its Red Flags and Disposal Rules, state data Breach Notification Laws and many other federal and state laws and industry regulations like PCI-DSS are intended to protect the privacy and security of consumers' personally identifiable and financial information entrusted to businesses and other organizations. Many such regulations aim to prevent identity theft and privacy violations. While some businesses have been negligent in securing information, other businesses have been victimized by black hat hackers or "crackers" who operate ahead of the cybersecurity technology curve. Cybersecurity is an ongoing challenge for businesses and for government as discussed in the President's Cyberspace Policy Review. In the four-year period ending in 2008, 23% of all data breaches reported were attributed to hackers. For those data breaches involving more than one million profiles, hacking was identified as the cause in 66% of the breaches according to a recent research report on data breach risk factors.
Karl Wabst

Business Continuity and Disaster Recovery Planning Definition and Solutions - CIO.com -... - 0 views

  •  
    "Disaster recovery and business continuity planning are processes that help organizations prepare for disruptive events -- whether an event might be a hurricane or simply a power outage caused by a backhoe in the parking lot. Management's involvement in this process can range from overseeing the plan, to providing input and support, to putting the plan into action during an emergency. This primer (compiled from articles in CSO magazine) explains the basic concepts of business continuity planning and also directs you to more CSO magazine resources on the topic."
Karl Wabst

Sun Microsystems and Deloitte Help Bridge the Gap Between Business and IT Processes Thr... - 0 views

  •  
    "Sun Microsystems, Inc. and Deloitte today announced a collaborative initiative to help companies develop efficient, cost-effective and sustainable technology and business processes to address their unique regulatory compliance and technology governance challenges. As part of this initiative, Sun and Deloitte today announced their plans for the Center for Technology Governance and Compliance (CTGC), which combines Deloitte's consulting and advisory services with Sun's IT management solutions and services, including its Information Lifecycle Management (ILM) and Identity Management technology portfolios. Access to the professionals and services within the CTGC is available through Sun Solution Centers. To learn more, please visit http://www.sun.com/compliance or http://www.deloitte.com/ . As a worldwide leader in network computing systems, Sun provides scalable solutions designed to protect and manage business-critical information through its lifecycle. The combination of Deloitte and Sun brings together complementary competencies to deliver a business-driven, technology-enabled framework for creating and implementing technology governance and compliance strategies and programs."