Handling sensitive records in Hong Kong

By Tommi Lampila

Increasing awareness around personal privacy issues and handling of consumer data by organizations in Hong Kong is driving enterprises to evaluate how customer records are maintained within their organization – and how, and by whom, they can be accessed and transferred to outside networks.

Controlling the handling of sensitive records involves implementing strict data handling policies, as well as ensuring the organization has visibility over how data is accessed and by whom.

These controls need to extend not only to the persons who process customer or citizen records as part of their work, but also to the individuals who maintain the IT environment that houses and transfers this data – the IT administrators.

Often these roles carry the highest practical power within the organization when it comes to data access, but are the most difficult to ensure full accountability for.

Security policies, and industry standards such as PCI-DSS (Payment Card Industry Data Security Standard), typically mandate that network channels used by administrators and outsourced IT resources to manage IT assets are encrypted to protect privileged-user credentials.

This has the side-effect of preventing firewalls, Data Loss Prevention and Intrusion Detection Systems from inspecting the contents of that traffic, and makes it difficult to ensure that these channels only carry authorized traffic and content.

The fact that these privileged users may have the capability to edit and erase logs, or to disable processes such as monitoring agents, adds to the potential risk presented by the lack of control over the increasing amount of encrypted channels within and between enterprise networks.

Privileged user authorization systems often require changes to network topology, business processes, and the way the administrators perform their tasks, involving bastion servers, application gateways, or limited-functionality java or web applications.

The cumbersome deployment and process limitations make them expensive to maintain, and lead the users to find grey-IT workarounds to avoid the loss in productivity.

A suggested approach is to introduce transparent audit points into the environment. These audit points have the capability to unencrypt the privileged-user traffic, inspect the contents to enforce content policy (or to pass the content to DLP or IDS services), store a centralized audit archive of the session contents, and to re-encrypt the channel before sending it to its original destination.

This distributed audit environment avoids changes to the business processes or user experience, and enables cost-effective audit and controls for privileged user access, also over encrypted channels.

Follow the link for more news on

Join Hong Kong Business community
Since you're here...

...there are many ways you can work with us to advertise your company and connect to your customers. Our team can help you dight and create an advertising campaign, in print and digital, on this website and in print magazine.

We can also organize a real life or digital event for you and find thought leader speakers as well as industry leaders, who could be your potential partners, to join the event. We also run some awards programmes which give you an opportunity to be recognized for your achievements during the year and you can join this as a participant or a sponsor.

Let us help you drive your business forward with a good partnership!

Top News

AAHK signs $4.62b agreement to acquire Zhuhai Airport
Secretary for Transport & Logistics Lam Sai-hun witnessed the signing ceremony.
Aviation
Gov’t extends judiciary e-Appointment services
This will enable users to apply for self-bankruptcy petitions and probate applications online.
InvestHK opens office in Cairo
This is part of its effort to attract companies from MENA.
Hong Kong top court affirms same-sex spouses' housing rights
Two judicial reviews concerned rights under public rental housing and the Home Ownership Scheme.
Healthcare

Exclusives

Hong Kong Residency rule could boost office sector
The ultra-rich are also expected to set up family offices in the city.
Allegrow Biotech engineers technology to activate immune cells
The startup’s invention can be used to treat and potentially cure diseases like cancer.
Healthcare
Renminbi rise to fuel Bank of China HK’s growth
The lender expects the currency to be used more often in cross-border deals.