Raz-Lee Security has launched an innovative educational venture, in order to help Italian enterprises understand and implement the new amendments to the Italian Privacy Code 196/2003, concerning System Administrators’ role in company’s data security.

The new legislation specifies procedures for data protection, including technical and administrative measures which companies are required to implement. It holds IT departments directly responsible for user access and actions relating to companies’ information systems. Obviously, this has significant implications on System i Security as well. The legislation is expected to come into effect on June 30th 2009, after being publicized on 14 January 2009, followed by subsequent delays in its enforcement.

In the framework of the new venture, Raz-Lee has been holding free seminars explaining the requirements of the new legislation and how to implement it on System i. The sessions are conducted by Raz-Lee System i Security experts residing in Italy, who also provide ongoing technical support to Raz-Lee’s Italian customers. The meetings are conducted in intimate forums, with up to seven companies attending, in order to enable effective interactive discussions.

So far, Raz-Lee has held over 30 Round Table meetings across Italy, from Milan and Como to Naples and Sicily. Following the success and enthusiastic feedback from attending companies, Raz-Lee will continue to host such meetings. The meetings are attended by IT staff as well as top management of Italian companies.

The Round Table meetings cover the following topics:

- Security Assessment of System i
- Access monitoring & Control (FTP, ODBC, SQL)
- System auditing
- Centralized Management
- Reporting

“We are glad to be contributing tangible value to Italian enterprises in the area of our expertise, System i Security,” said Nicola Fusco, South Europe Area Manager, Raz-Lee Security. “We have a large, long-standing installed base in Italy, and it has widened further since we began this exceptional tour.”

For more information on Round Table meetings in Italy, email info.southeurope@razlee.com

Written by Shari Masafy, MarCom Manager at Raz-Lee Security
Email Shari Masafy at marketing@razlee.com

Finally, CyberSecurity is getting the importance it warrants, and by none other than the President of the United States, Barack Obama. The new administration announced on May 29th the launch of a major CyberSpace Security Project, headed by a top-level office to better protect information networks and critical infrastructure.

“From now on, our digital infrastructure — the networks and computers we depend on every day — will be treated as they should be: as a strategic national asset. Protecting this infrastructure will be a national security priority.” President Barack Obama

Hopefully, Obama’s enthusiastic drive for change will help alter overly complacent attitudes toward security. Amazingly, such attitudes are prevalent not only among the general public, but even at top government offices, as seen in the article Does the State Dept. Ignore Security? (Datamation.com). The article describes the frequency of incidents in which State Department employees access celebrities’ personal information out of curiosity. Moreover, an audit conducted at the State Department’s Office of the Inspector General (OIG) discovered “many control weaknesses – including a general lack of policies, procedures, guidance, and training” relating to information security.

The Obama administration’s Cyberspace Policy Review cites substantial damages caused by security hazards:

• Failure of critical infrastructures. CIA reports malicious activities against information technology systems have caused the disruption of electric power capabilities in multiple regions overseas, including a case that resulted in a multi-city power outage.

• Exploiting global financial services. In November 2008, the compromised payment processors of an international bank permitted fraudulent transactions at more than 130 automated teller machines in 49 cities within a 30-minute period, according to press reports. In another case reported by the media, a U.S. retailer in 2007 experienced data breaches and loss of personally identifiable information that compromised 45 million credit and debit cards.

• Systemic loss of U.S. economic value. Industry estimates of losses from intellectual property to data theft in 2008 range as high as $1 trillion.16

With such heavy tolls recognized, perhaps more conscientious approaches to information security will trickle down from government officials to private companies and IT managers.

Written by Shari Masafy, MarCom Manager at Raz-Lee Security
Email Shari Masafy at marketing@razlee.com