Thursday, 03 July 2008

ISG Africa July meeting

I attended a very good get together of the ISG Africa Security forum today, the topics were around PCI DSS, PPI (Protection of Private Information) Bill, XSS and Client side web application security.

The PPI was the most interesting for me as it has MAMMOTH implications for anyone storing and using any information on anyone (natural or juristic). "Use" is defined in much the same way as the iron as can be said to have a high iron content, ie: is all pervasive by design.

I'll type up my notes and post them tomorrow, in the mean time think about this scenario post enactment: An organisation (irrespective of size) must be able to tell a customer where they got the customer's information, what they have used it for and who had access to it and when they are finished using it for its intended purpose, it must be destroyed.

No comments: