in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Malaysia Full Disk Encryption: SMEs Are Told To Protect Client Data

According to thesundaily.my, small and medium sized enterprises (SMEs) in Malaysia have reason to seriously start exploring the use of laptop encryption solutions like AlertBoot.

SMEs specifically have been warned about keeping safe the information they collect from clients.  Malaysia has become the first ASEAN (Association of Southeast Asian Nations) member to pass data protection legislation.  The law went into effect on November 15, 2013 (less than 90 days ago), and companies have until February 15 to register with the Personal Data Protection Department (PDPD) as "data users".

Penalties for Offenses

Companies who commit an offense can be fined up to RM500,000 (approximately US$150,000) or face three years in jail.

What kinds of offenses are included?  The article at thesundaily.my doesn't list them, but notes that sharing customer information with third parties, without the customers' consent, would be a breach of the data protection act.  

I found it interesting that the article included the following quote:
"Many SMEs in Malaysia have the wrong perception that they will be spared from cyber attacks, assuming that it would only happen to big corporations," Tan said.
It was further revealed that 31% of companies targeted by hackers were SMEs with fewer than 250 employees.

The above implication is that being attacked by hackers could also be categorized as a breach of the data protection act, leading to fines or jail time by the PDPD, as harsh as that may sound.  One assumes, however, that the PDPD has prosecutorial discretion over which SMEs to penalize, depending on the type of breach.

For example, as global trends over the past couple of months have shown, stopping hackers is hard (one may say it's impossible.  Not that this means one shouldn't be trying – if you're not trying, you deserve to be penalized).  However, if a company exposes customer data because they lost a computer that was not protected with laptop encryption software, then that's not the fault of hackers, is it?

In that particular case, the person that ought to be penalized, crucified, pilloried, and savaged is the SME that allowed such a data breach to take place.  After all, hackers had nothing to do with it.
Related Articles and Sites:
http://www.thesundaily.my/news/946127
 
<Previous Next>

Laptop Encryption: Coca-Cola Data Breach Affects 74,000

HIPAA Encryption: Sometimes, It's Not HIPAA You Should Be Worried About

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.