RE: Data Security Law

• From: "Goulet, Richard" <Richard.Goulet@xxxxxxxxxxx>
• To: "Howard Latham" <howard.latham@xxxxxxxxx>
• Date: Wed, 28 Apr 2010 15:49:10 -0400

Yes, and we did it as a blanket policy.  Even for those of us who don't
have personally identifiable data on our laptops.  And it's been done
across the entire company no matter what state or nation your in.  UK
included. 


Dick Goulet
Senior Oracle DBA/NA Team Lead
PAREXEL International

-----Original Message-----
From: Howard Latham [mailto:howard.latham@xxxxxxxxx] 
Sent: Wednesday, April 28, 2010 3:46 PM
To: Goulet, Richard
Cc: daniel.fink@xxxxxxxxxxxxxx; oracle-l
Subject: Re: Data Security Law

Better than whats happened in the UK  a series of lost laptops with
unecrypted personal data of thousands of people. Oh and the expenses
scandal - if those disks had been encrypted well...

On 28/04/2010, Goulet, Richard <Richard.Goulet@xxxxxxxxxxx> wrote:
> Daniel,
>
>       As one of those who does have to comply it's done in a rather
> invasive way that really does protect the information.  All of our
> laptops are encrypted at boot and you need a smart card and pin to
> unlock the hard drive.  Boot off of a floppy and the hard drive
appears
> to be totally blank as if brand new.  Try to boot without the smart
card
> or the wrong pin(you get 3 tries and the pins are a minimum of 6
> characters) and the hard drive will be blank IAW DOD requirements.
It's
> not exactly funny, you can't bypass it, but once your through your ok,
> just a tad slower.
>
>
> Dick Goulet
> Senior Oracle DBA/NA Team Lead
> PAREXEL International
>
> -----Original Message-----
> From: oracle-l-bounce@xxxxxxxxxxxxx
> [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Daniel Fink
> Sent: Wednesday, April 28, 2010 2:46 PM
> To: oracle-l
> Subject: Data Security Law
>
> There is a law in Massachusetts (USA) that requires any Personal
> Identifying Information about any Massachusetts's resident be
encrypted
> and sets some pretty hefty penalties for violations. It is important
to
> note that it is not about businesses in/or doing business in
> Massachusetts, but any organization that has a client who resides in
> Massachusetts.
>
>
http://www.sqlmag.com/print/sql-server/A-New-Law-that-Will-Change-the-Wa
> y-You-Build-Database-Applications.aspx
>
>
http://www.informationweek.com/news/security/government/showArticle.jhtm
> l?articleID=224400426&queryText=massachusetts%20cmr
>
> Cheers,
> Daniel (Not a Massachusetts' resident, but still would like to have
his
> personal info protected) Fink
>
> --
> Daniel Fink
>
> OptimalDBA    http://www.optimaldba.com
> Oracle Blog   http://optimaldba.blogspot.com
>
> Lost Data?    http://www.ora600.be/
>
> --
> //www.freelists.org/webpage/oracle-l
>
>
> --
> //www.freelists.org/webpage/oracle-l
>
>
>


-- 
Howard A. Latham
--
//www.freelists.org/webpage/oracle-l

• References:
  • Data Security Law
    • From: Daniel Fink
  • RE: Data Security Law
    • From: Goulet, Richard

Other related posts:

• » Data Security Law- Daniel Fink
• » Re: Data Security Law- Andrew Kerber
• » RE: Data Security Law- Goulet, Richard
• » RE: Data Security Law - Goulet, Richard
• » Re: Data Security Law- Bill Ferguson
• » Re: Data Security Law- Niall Litchfield

1. Home
2. oracle-l
3. Archive
4. 04-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---