Welcome to Webroot Software, Inc. This site will work and look better in a browser that supports web standards, but it is accessible to any browser or Internet device.

Spyware and Impacts to Compliance Regulations

Enterprises and government agencies alike are experiencing an increasing rate of malicious activity directed towards obtaining sensitive data. The connection between maintaining government compliance initiatives and thwarting spyware continues to grow closer. Spyware, in its more nefarious forms as system monitors or Trojan horses, has the ability to push an enterprise out of compliance with one of the three major initiatives, HIPAA, Gramm-Leach-Bliley Act and Sarbanes-Oxley. It takes just one piece of spyware to place an enterprise in a position of non-compliance. If this occurs, the federal government can impose heavy fines or pursue other actions against a company. An enterprise may face fallout from its customers and partners that can severely impact their revenues and brand reputation. More recently, given the increasing number of financial institutions being targeted by spyware, the FDIC issued guidelines to their insured banking institutions recommending the internal implementation of anti-spyware technologies.

HIPAA

HIPAA compliance requires medical record privacy to be adequately protected, meaning unauthorized persons can't see it, it doesn't get misused, and those using it can be identified. Organizations that are held accountable if confidential patient information is accessed by an unauthorized 3rd party need to quickly put effective solutions in place to minimize the potential negative impact from spyware and other unwanted software programs.
Visit the site

Gramm-Leach-Bliley

Laws have been introduced recently to protect consumers - personal financial information held by financial institutions. These regulations apply to financial institutions, which include not only banks, securities firms, and insurance companies, but also companies providing other types of financial products and services to consumers. Organizations that maintain credit information for customers are being held accountable if that data is accessed or compromised by an unauthorized 3rd party. To protect themselves, companies must have solutions in place immediately to minimize the potential negative impact from spyware and other unwanted software programs.
Visit the site

Sarbanes-Oxley

Sarbanes-Oxley requires corporate management to certify and sign off that specified risk assessment and audit controls are in place when their annual reports are filed, with significant penalties for non-compliance. Ensuring that every part of Sarbanes-Oxley is implemented is the personal responsibility of the CEO and the CFO. Based on the accepted assessment and testing techniques, it is clear that auditors will not be able to attest that an organization is in compliance with Sarbanes-Oxley if system monitors and Trojans are found on enterprise computers.
Visit the site

Copyright 2007 Webroot Software, Inc.