Massachusetts enforces data security

Massachusetts officials have given companies a second reprieve on complying with new regulations aimed at any entity that stores the personal data of state residents, says Computer World.

The state left intact other parts of the regulations that have sparked criticism from the business community both inside and outside of Massachusetts.

Even with the extension of the compliance deadline from 1 May to the start of next year, meeting the requirements could be a challenge for some companies.

A survey of 470 organisations has found that 75% of them intend to reallocate or increase their budgets to secure cloud computing and software-as-a-service (SaaS) within the next 12 months, states Public Technology.

Further, interviews conducted by Infosecurity Europe with a panel of 20 chief information security officers of large enterprises revealed they are concerned about availability and security aspects of software services in the cloud.

They were especially concerned about the lack of standards for working in the cloud, SaaS and secure Internet access - all of them said they would welcome the development of guidelines in this area.

Adoption of identity access management (IAM), and governance, risk management and compliance (GRC) is on the rise in the Asia-Pacific region, according to a CA executive, reports ZDNet Asia.

The IT management company's security director for Asia-Pacific and Japan, PF Vilquin, told ZDNet Asia that widespread layoffs and tighter scrutiny in the aftermath of the global financial crisis have led to the insider threat becoming an even greater concern.

Businesses have slowed with the downturn, giving rise to employees having more free time, he noted. In addition, they may be disgruntled about being laid off.