[webinar slides] 4 ways to protect your captured data from theft and compliance violations

Underwri(enby: Presentedby: Brousseau&Assoc.

#AIIMTheGlobalCommunityofInforma4onProfessionals

WebinarTitle

PresentedDATE

4WaystoProtectYourCapturedDatafromThe@andComplianceViola4ons

AnAIIMWebinardeliveredonJanuary20,2016

Today’sSpeakers

MarkBrousseauPresidentBrousseau&Associates

Host:TheresaResekDirectorAIIM

WhyWeAreHere

The2015securityandcompliancewake-upcall:§  Massivedataleaks§  LostpaJentrecords§  Espionage

TheImpactofDataLeaks

§  60%oforganizaJonssaythepotenJalimpactofadataleakwouldbehigh

§  13%oforganizaJonssaythepotenJalimpactofadataleakwouldbedisastrous

Source:AIIM

AverageCostofaDataLeak

$7.2MILLIONSource:PonemonInsJtute

Increasingregula-onsandstandardsareraisingthestakes.

What’sAtRisk

§  CustomerinformaJon§  Intellectualproperty§  Financialrecords§  Projectdocuments

Organiza4onsUnderstandtheStakes

§  67%oforganizaJonsseeensuringtheprivacyofcustomerdataasessenJal.

§  65%oforganizaJonsseecompliancewithindustryandgov’tregsasessenJal.

Source:AIIM

IncreasingRegulatoryPressure

14,000

Federal,stateandindustrylaws,standards

andregulaJonsgoverningthemanagementofinformaJon.

Source:CadenceGroup

ExamplesofKeyDataGovernanceRegula4ons

§  HealthInsurancePortabilityandAccountabilityAct(HIPAA)§  PaymentCardIndustryDataSecurityStandard(PCI-DSS)§  FederalInformaJonSecurityandManagementAct(FISMA)§  BankSecrecyAct(BSA)§  Gramm-Leach-BlileyAct(GLBA)§  Sarbanes-Oxley(SOX)§  DefenseInformaJonSystemsAgency(DISA)

HowOrganiza4onsareProtec4ngThemselves

49%oforganizaJonsbelieveunauthorizedaccessbyinternalstaffposesthebiggestthreattotheirdata.§  Permissionsandaccesscontrols§  AnJ-virus/malwaretools§  Strongpasswords§  Perimetersecurity

TheAchillesHeel:DocumentImagingSystems

AtypicaldocumentimagingsystemcancreateFOUR

vulnerabiliJesthatincreasethepotenJalfordatathe@andviola4onsofinformaJonmanagementregulaJons.

Risk#1:PryingEyes

NoencrypJonwhiledataisinmoJonandnoprotecJonforimagesordataastheytravelthroughthecaptureworkflow.

Risk#1:PryingEyes

MostdocumentimagingsystemshavenotmadetheleaptofulldiskencrypJon.

Risk#1:PryingEyes

OperatorshavenetworkorfilesystemrightstothelocaJonwhereimagesarewri(en.

Risk#1:PryingEyes

Imagesarewri(entothescanner’slocalharddriveprior

towriJngthedatatoanetworkfilerepository.

Risk#2:LogFilesLe@Unsecured

Mostdocumentimaging

systemswritebatchlogfilestothelocalharddriveofthe

scanner’shostPC.

Risk#2:LogFilesLe@Unsecured

LogfilesmaycontainPersonalInformaJon(PI)orPersonalHealthInformaJon(PHI)suchascheck

MICRinformaJonorOCR/ICRresultsfrommedicalforms.

Risk#3:PoorVisibilityintoOperatorAc4vi4es

DifficultytrackingandaudiJngtheacJviJesofoperaJonal

staff.

Risk#4:PoorSecurityManagement

Mostdocumentimagingsystemsrequiremanualprocessesfornetworkadministratorstoreview

securityseings.

ELIMINATETHESERISKSHOWADVANCEDDOCUMENTIMAGINGSYSTEMS

Safeguard#1:“Impersona4on”

Dataiswri(entoadifferentuseraccountthantheone

usedbythescanneroperator.

Safeguard#2:ProtectedImagesandData

StrongencrypJonalgorithmsthatdonotimpactsystem

performance.

UseofInternetProtocolSecurity(IPSec)tunnelsto

encryptdatathatisinmoJon.

Temporaryimagesarestoredonlyinmemorypriortobeingwri(entothenetworkstore.

Safeguard#3:SecureAuditLogging

Detailedauditloggingtoacustomer’ssyslogserver.

Batchlogfilesarewri(endirectlytoauser’snetwork,insteadoftoalocaldrive.

NosensiJveinformaJonisincludedinlogfiles.

Safeguard#4:StrongSecurityManagement

AsecuritycontrolpanelthatprovidesinsightsandeasycontrolofconfiguraJons.

Summary

§  Securityandcomplianceisonthecorporateagenda§  OrganizaJonsknowtheymustworkhardertoprotectcontent§  MostscanningsystemscreateFOURvulnerabiliJes§  Advancedcapturesystemseliminatetheseissueswhile

aligningdocumentprocessingwithcorporatesecuritygoals

ibmlprovidesintelligentinformaJoncapturesoluJonsthatdrivebusinessprocessimprovements.Combiningintelligentscanners,somwareandservices,ibml’scomprehensivesoluJonsautomatethemostdemandingdocumentapplicaJonsinbanking,financialservices,healthcare,governmentservices,outsourcingandmore.Everyday,ibmlcustomersin48countriesrelyonourtechnologytoaccurately,efficientlyandsecurelycaptureandprocessmillionsofdocuments.Learnmoreatwww.ibml.com

SecureDocumentCaptureSolu4ons

FormoreinformaJon,emailDanLucariniat

dlucarini@ibml.com

#AIIMTheGlobalCommunityofInforma4onProfessionals

TakeyourskillstothenextlevelbylearningbestpracJcesandtechnologiesfordigitalimagingwithAIIM’sCapture&Imagingtrainingcourse.

Visit:AIIM.org/CaptureTraining

AIIMistheCommunityforInforma4onProfessionals

AIIMbelievesthatinforma4onisyourmostimportantasset–learntheskillstomanageit.

Ourmissionistoimprove

organizaJonalperformancebyempoweringacommunityofleaderscommi(edtoinformaJon-driven

innovaJon.

Learnmoreatwww.aiim.org

[webinar slides] 4 ways to protect your captured data from theft and compliance violations

Technology

compliance hotline · 2020-03-10 · • medicare/medicaid...

reducing internal theft 2deterring employee theft

toll violations

topic 13 theft topic 13 theft. topic 13 theft definition...

guzoo violations

anti-theft anti-theft - passive anti-theft system (pats

182 agents and identity theft - ceclass.com · agents and...

wireless power theft monitering - · pdf filewireless power...

092709 violations

deterring wage theft: alt-labor, state politics, and...

studentaid.ed.gov · record retention: program records ......

zoneoffensedaynight 1 theft - grand from a dwelling...

· web viewstudents will be held accountable for, or...

detecting re-captured videos using shot-based photo...

taking possession: the defining element of theft?€¦ ·...

federal bureau of investigation. what is the fbi?...

smart theft monitoring system - directory...

7.23.20 final recommendation - bullock armmand · 4-10-.02...

captured memories business plan - web viewcaptured memories...

the city of milpitas · the city of milpitas (“the...