Ingrian Solutions Play Key Role in Addressing New 2005 Privacy Legislation and Security Mandates

The most recent piece of legislation affecting many U.S. enterprises is California’s General Security Standard for Businesses, Assembly Bill 1950, which took effect on January 1, 2005. This rule requires organizations that manage personal information to implement security procedures to safeguard that data. This law defines data that must be protected to include the combination of name and such information as credit card or debit card numbers, social security numbers, account numbers, driver’s license numbers, and other records. AB 1950 states that business managing that information must “implement and maintain reasonable security procedures and practices” in order to protect that data. Because it affects any company that stores or manages the information of California residents, the law has implications for virtually all large enterprises, which are also contending with such statutes as the Gramm-Leach-Bliley Act, the Sarbanes-Oxley Act, and the European Union Data Protection Directive. In light of these demands, many organizations are looking to leverage data encryption as part of a data privacy initiative. Organizations have been slow to implement data encryption because of challenges it had traditionally posed: complex application integration, time-consuming maintenance, and poor performance to name a few. Ingrian offers a solution that enables organizations to gain the security benefits of encryption while avoiding these traditional drawbacks. Ingrian DataSecure Platforms deliver capabilities for granular encryption, seamless integration, and centralized security management-enabling organizations to effectively address a range of critical security gaps, with unparalleled ease and cost effectiveness. With its solutions, Ingrian supports: - Organizations around the world seeking to comply with privacy legislation, such as California’s AB 1950, Europe’s Data Protection Directive, and many others. - Retailers and payment processors in adhering to card issuer security policies like Visa’s Cardholder Information Security Program and MasterCard’s Site Data Protection Program—programs that specifically mandate the encryption of data in databases. - Financial institutions seeking to comply with the Gramm-Leach-Bliley Act. - Government agencies seeking to adhere to the Federal Information Security Management Act.