|
Why do I, or does my organization,
need a ppn?
Every computer provides the capability to receive,
process, store and distribute confidential identity information,
credit card numbers,
passwords, access codes, financial information, health information
or other confidential information. As such, every computer data transfer
is a potential target for cyber-spying, prying and cyber-crime attacks.
Given the occurrence of such an unauthorized and illegal intrusion
every owner and user of a computer is exposed to potential financial
losses and also personal liability for any damages suffered by any
friends, users, clients, customers, employees and others who’s
confidential information was compromised. For a discussion of the need
for increased cyber-security see: Cyber-security
and the Networked Environment
Congress recently alerted the Federal government
agencies and the public of a serious new security vulnerability risk
posed by peer-to-peer
(P2P) file sharing and data file transfers. As a result of congressional
hearings, late last year the U.S. House of Representatives proposed
and passed H.R. 3159, the “Government Network Security Act of
2003 (GSNA).” The Act requires Federal agencies to protect their
computers and networks from the security risks posed by peer-to-peer
file sharing and data file transfers.
|
Although GSNA was not signed into law by the President,
this legislation demonstrated the continued and added emphasis on the
need for security in the transfer and the sharing of private, sensitive
and confidential information, “protected information,” between
computer users. The Act is consistent with the trend for increased
cyber-security of protected information as was mandated under the Federal
Information Security Management Act (FISMA), HIPAA, GLBA and is also
beginning to appear in many State laws and regulations. For details
see
• GSNA News Release
• GSNA
Fact Sheet
• GSNA-The
Act (H.R. 3159) Cyber-spying, prying and cyber-crime attacks, which
include cyber-theft of client and customer identities, upon the public
are increasing. Therefore, the file sharing security vulnerability
issue is not limited to the Federal government’s computers,
it is also a serious risk to every individual who owns or operates
a computer. Be aware that a cyber-spy or a cyber-thief
can access confidential information through a traditional data file
transfer and by an open P2P file-sharing program and will expose
the owner of the computer and the user of the computer to personal
liability for the losses suffered by the victim of the compromised
confidential information. Such confidential information may be identity
data, credit card or debit card data, banking or financial information,
employment information, medical records and many other types of sensitive
or confidential information. From a liability viewpoint, a ppn offers
a much better means of receiving and distributing electronic data
than an open file-sharing program.
|
