What's VoIP Got to Do with GLBA Data Privacy

By Linda McGlasson, March 30, 2007.
What's VoIP Got to Do with GLBA Data Privacy

T

See Also: Insider Threat: Mitigating the Risk

he Gramm Leach Bliley Act may not appear to have anything to link it to the Voice Over IP technology being implemented in financial institutions, but IT departments and Information Security officers should look closely at how the new phone systems may be audited under GLBA regulations. GLBA audits would focus more on data privacy, and specifically under Section 501 Subtitle A that requires companies ensure the security and confidentiality of customer records and information. They also need to protect against any anticipated threats or hazards to the security and integrity of these records, and protect t against unauthorized access to or use of such records or information that could result in substantial harm or inconvenience to any customer.

A VoIP network has all the same security threats as an IP data network. All the steps to protect an IP data network should be taken in locking down a VoIP network.

For more information: http://www.cuinfosecurity.com/regulations.php?reg_id=42

(See Special NIST Publication800-58, Security Considerations for Voice over IP Systems)

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Cyber-Attacks Target Energy Firms

The Trojan "Laziok" targets energy firms throughout the Middle East, India, the U.S. and the U.K.,...

Latest Tweets and Mentions

ARTICLE Cyber-Attacks Target Energy Firms

The Trojan "Laziok" targets energy firms throughout the Middle East, India, the U.S. and the U.K.,...

The ISMG Network