Developments April-May 2014 - (Page 46)

LEGAL In the Wake of the Target Debacle BY NICOLE C. EVANS AND AMY S. MUSHAHWAR T Nicole C. Evans, a partner in Ballard Spahr's Salt Lake City office, has a national, broad-based practice in resort and hospitality law, including resort and timeshare development in the United States, Canada, and Mexico; fractionals and other luxury real estate products; condominiums; and analysis of club structures. Amy S. Mushahwar, of counsel in Ballard Spahr's Washington, D.C., office, is an experienced data privacy, security, and management attorney who developed in-house compliance policies, procedures, and training programs for Fortune 500 companies across the nation. Nicole's email is EvansN@ballardspahr.com. 46 - Developments arda.org he recent prominence of data breaches in the news masks the fact that breaches regularly occur at companies, large and small. Companies are under constant attack by cyber criminals attempting to hack, skim, socially engineer, or even dumpster-dive consumer data. The hospitality industry has experienced major issues with cyber security breaches, including unintentional exposure of credit and debit card information, thieves breaching keycard locks and compromising guest security, and hackers breaking into internal networks, pilfering credit and debit card numbers, and ringing up millions in fraudulent charges. These cases underscore how important it is for companies to honor the promises made in their privacy policies through comprehensive data risk management planning, including security controls. Information security is no longer the responsibility of IT departments alone. Effective data risk management requires a top-driven, coordinated strategy implemented across the company. The following are tips to stimulate internal dialogue at your company regarding cyber security as a business process. Data Mapping All IT assets should be mapped to identify the fields of data available on each asset. If your organization's IT assets are mapped, this will increase your internal awareness of legacy systems and the systems coming into your organization via merger or other asset purchase. At a minimum, the inventory should include: * Name of system/platform, * DNS names, * Type of device, Data risk management requires a coordinated strategy, company-wide... * * * * * * Operating system, IP address(es), MAC address(es), Date of installation, Vendor contact (if applicable), and Data owner (with up-to-date contact information). In addition, you should make sure that your company regularly updates the mapping when systems are changed, acquired, or decommissioned. Employee Permissions and Policies Employees are your company's first line of defense to prevent a data security incident. Make sure your employees have the necessary tools to help the organization succeed, including: * Effective access controls and user permissions to limit information access to those with a need to know-it is a good idea to periodically review individual access privileges; * Policies that are up to date, crisp, clear, and comprehensible to all members of your organization; * Policies that address the issues of employees bringing their own mobile devices, remote-access employees, and social media use; http://www.arda.org

Table of Contents for the Digital Edition of Developments April-May 2014

UP FRONT
FIRST WORD
AROUND THE INDUSTRY
MEMBER PROFILE
TRENDS
INTERNATIONAL
LEGAL
LET'S ROC
RE-INNOVATE: FROM LEGACY TO CURRENCY
RECIPE FOR GROWTH: KEY INGREDIENT FOR SUCCESS
PROCESS AND PROGRESS
TAPPING IN
WIN
CHARITY SPOTLIGHT
FINANCE
AIF
RESORT OPS
MEMBERSHIP
MEMBERSHIP UPDATES
LAST WORD

Developments April-May 2014

http://www.nxtbook.com/ygsreprints/ARDA/G112065_arda_novdec2019
http://www.nxtbook.com/ygsreprints/ARDA/G398743_arda_oct2019
http://www.nxtbook.com/ygsreprints/ARDA/G110069_arda_sept2019
http://www.nxtbook.com/ygsreprints/ARDA/0919_arda_50thSup
http://www.nxtbook.com/ygsreprints/ARDA/G109015_arda_aug2019
http://www.nxtbook.com/ygsreprints/ARDA/G108120_arda_jul2019
http://www.nxtbook.com/ygsreprints/ARDA/G107369_arda_jun2019
http://www.nxtbook.com/ygsreprints/ARDA/arda_trusteedirectory_2019
http://www.nxtbook.com/ygsreprints/ARDA/G105240_arda_apr2019
http://www.nxtbook.com/ygsreprints/ARDA/G104323_arda_mar2019
http://www.nxtbook.com/ygsreprints/ARDA/G103171_arda_feb2019
http://www.nxtbook.com/ygsreprints/ARDA/G102857_arda_jan2019
http://www.nxtbook.com/ygsreprints/ARDA/G100505_arda_novdec2018
http://www.nxtbook.com/ygsreprints/ARDA/G993377_arda_oct18
http://www.nxtbook.com/ygsreprints/ARDA/G98243_arda_sept2018
http://www.nxtbook.com/ygsreprints/ARDA/G97455_arda_aug2018
http://www.nxtbook.com/ygsreprints/ARDA/G96594_arda_july2018
http://www.nxtbook.com/ygsreprints/ARDA/G93341_arda_may2018
http://www.nxtbook.com/ygsreprints/ARDA/G92771_arda_apr2018
http://www.nxtbook.com/ygsreprints/ARDA/G91395_arda_mar2018
http://www.nxtbook.com/ygsreprints/ARDA/G90172_arda_feb2018
http://www.nxtbook.com/ygsreprints/ARDA/G88761_arda_jan2018
http://www.nxtbook.com/ygsreprints/ARDA/G85176_arda_novdec2017
http://www.nxtbook.com/ygsreprints/ARDA/G83609_arda_october2017
http://www.nxtbook.com/ygsreprints/ARDA/G81545_arda_september2017
http://www.nxtbook.com/ygsreprints/ARDA/G80017_arda_august2017
http://www.nxtbook.com/ygsreprints/ARDA/G79156_arda_july2017
http://www.nxtbook.com/ygsreprints/ARDA/G77028_arda_june2017
http://www.nxtbook.com/ygsreprints/ARDA/G74802_arda_aprmay2017
http://www.nxtbook.com/ygsreprints/ARDA/G73958_arda_mar2017
http://www.nxtbook.com/ygsreprints/ARDA/minidigest2017_interval
http://www.nxtbook.com/ygsreprints/ARDA/minidigest2017_rci
http://www.nxtbook.com/ygsreprints/ARDA/G72702_arda_feb2017
http://www.nxtbook.com/ygsreprints/ARDA/G70973_arda_jan2017
http://www.nxtbook.com/ygsreprints/ARDA/arda_NovDec2016
http://www.nxtbook.com/ygsreprints/ARDA/G66901_October2016
http://www.nxtbook.com/ygsreprints/ARDA/G66137_September2016
http://www.nxtbook.com/ygsreprints/ARDA/g64853_august2016
http://www.nxtbook.com/ygsreprints/ARDA/g63556_arda_july16
http://www.nxtbook.com/ygsreprints/ARDA/arda_may16
http://www.nxtbook.com/ygsreprints/ARDA/arda_april16
http://www.nxtbook.com/ygsreprints/ARDA/arda_march16
http://www.nxtbook.com/ygsreprints/ARDA/minidigest2016_interval
http://www.nxtbook.com/ygsreprints/ARDA/minidigest2016_rci
http://www.nxtbook.com/ygsreprints/ARDA/arda_feb16
http://www.nxtbook.com/ygsreprints/ARDA/g56444_arda_0116
http://www.nxtbook.com/ygsreprints/ARDA/g55471_arda_1115
http://www.nxtbook.com/ygsreprints/ARDA/g54352_arda_1015
http://www.nxtbook.com/ygsreprints/ARDA/g53078_arda_0915
http://www.nxtbook.com/ygsreprints/ARDA/g52346_arda_aug15
http://www.nxtbook.com/ygsreprints/ARDA/g51820_arda_july2015
http://www.nxtbook.com/ygsreprints/ARDA/g50568_arda_june2015
http://www.nxtbook.com/ygsreprints/ARDA/g48582_arda_aprmay2015
http://www.nxtbook.com/ygsreprints/ARDA/g48198_arda_mar2015
http://www.nxtbook.com/ygsreprints/ARDA/ARDA/arda_minidigest15
http://www.nxtbook.com/ygsreprints/ARDA/ARDA/arda_minidigest15_rci
http://www.nxtbook.com/ygsreprints/ARDA/arda_minidigest15_interval
http://www.nxtbook.com/ygsreprints/ARDA/g47739_arda_feb2015
http://www.nxtbook.com/ygsreprints/ARDA/g47155_arda_jan2015
http://www.nxtbook.com/ygsreprints/ARDA/g45549_arda_nov14
http://www.nxtbook.com/ygsreprints/ARDA/g44747_arda_oct2014
http://www.nxtbook.com/ygsreprints/ARDA/g44047_arda_sept2014
http://www.nxtbook.com/ygsreprints/ARDA/g43314arda_aug2014
http://www.nxtbook.com/ygsreprints/ARDA/g42697_arda_july2014
http://www.nxtbook.com/ygsreprints/ARDA/g42010_arda_jun2014
http://www.nxtbook.com/ygsreprints/ARDA/g40308_arda_aprmay2014
http://www.nxtbook.com/ygsreprints/ARDA/g39858_arda_mar2014
http://www.nxtbook.com/ygsreprints/ARDA/arda_minidigest_interval14
http://www.nxtbook.com/ygsreprints/ARDA/arda_minidigest_rci14
http://www.nxtbook.com/ygsreprints/ARDA/g39339_arda_feb2014
http://www.nxtbook.com/ygsreprints/ARDA/g38847_arda_jan2014
http://www.nxtbook.com/ygsreprints/ARDA/g37182_arda_novdec2013
http://www.nxtbook.com/ygsreprints/ARDA/g36850_arda_oct2013
http://www.nxtbook.com/ygsreprints/ARDA/g36032_arda_sep2013
http://www.nxtbook.com/ygsreprints/ARDA/g35644_arda_aug2013
http://www.nxtbook.com/ygsreprints/ARDA/g34942_arda_jul2013
http://www.nxtbook.com/ygsreprints/ARDA/g34203_arda_jun2013
http://www.nxtbook.com/ygsreprints/ARDA/g32965_arda_developments-aprmay2013
http://www.nxtbook.com/ygsreprints/ARDA/g32413_arda_mar2013
http://www.nxtbook.com/ygsreprints/ygs/arda_minidigest
http://www.nxtbook.com/ygsreprints/ygs/arda_minidigest_rci
http://www.nxtbook.com/ygsreprints/ygs/arda_minidigest_interval
http://www.nxtbook.com/ygsreprints/ygs/g31739_arda_feb13
http://www.nxtbook.com/ygsreprints/ygs/g31264_arda_developments_jan2013
http://www.nxtbook.com/ygsreprints/ygs/g29933_arda_developments_novdec2012
http://www.nxtbook.com/ygsreprints/ygs/g29207_arda_developments-oct2012
http://www.nxtbook.com/ygsreprints/ygs/g28427_arda_developments_sept2012
http://www.nxtbook.com/ygsreprints/ygs/g27671_arda_developments_aug2012
http://www.nxtbook.com/ygsreprints/ygs/7091_arda_developmentsjuly2012
http://www.nxtbook.com/ygsreprints/ygs/g26491_arda_june12
http://www.nxtbook.com/ygsreprints/ygs/g24897_arda_dev_aprilmay12
http://www.nxtbook.com/ygsreprints/ygs/g24629arda_dev_march2012
http://www.nxtbook.com/ygsreprints/ygs/g24005arda_dev_feb12
http://www.nxtbook.com/ygsreprints/ygs/g23471_dev_jan12
http://www.nxtbook.com/ygsreprints/ygs/g22146_arda_novdec11
http://www.nxtbook.com/ygsreprints/ygs/g21696ardaoct11
http://www.nxtbook.com/ygsreprints/ygs/arda_sept11_nxtbk
http://www.nxtbook.com/ygsreprints/ygs/g20778_arda_august2011
http://www.nxtbook.com/ygsreprints/ygs/g20046arda_nxtbook
http://www.nxtbook.com/ygsreprints/ygs/g20045arda_nxtbk
http://www.nxtbook.com/ygsreprints/ygs/G18220_ARDA_aprmay11
http://www.nxtbook.com/ygsreprints/ygs/g18768_arda_march2011
http://www.nxtbook.com/ygsreprints/ygs/g18289arda_feb11
http://www.nxtbook.com/ygsreprints/ygs/g17975_arda_jan11
http://www.nxtbook.com/ygsreprints/ygs/g16746arda_novdec10
http://www.nxtbook.com/ygsreprints/ygs/ARDA/arda_flashadcompilation
http://www.nxtbook.com/ygsreprints/ygs/p16572_arda_2011mediakit
http://www.nxtbook.com/ygsreprints/ygs/g16282arda_oct10
http://www.nxtbook.com/ygsreprints/ygs/g15671_arda_sep10
http://www.nxtbook.com/ygsreprints/ygs/g15375_arda_aug2010a
http://www.nxtbook.com/ygsreprints/ygs/g14892_ardajuly10_final
http://www.nxtbook.com/ygsreprints/ygs/g14484_arda_june
http://www.nxtbook.com/ygsreprints/ygs/g13575_arda_may10_cvt
http://www.nxtbook.com/ygsreprints/ygs/p14395_ARDA_MemberKit
http://www.nxtbook.com/ygsreprints/ygs/g13153_ARDA_marchaprl10
http://www.nxtbook.com/ygsreprints/ygs//g12797_arda_feb10
http://www.nxtbook.com/ygsreprints/ygs/g12360_jan10nxtbook
http://www.nxtbook.com/ygsreprints/ygs/G11457ARDA2
http://www.nxtbook.com/ygsreprints/ygs/G10696_arda_oct
http://www.nxtbook.com/ygsreprints/ygs/2010sponbroc_nxtbook1
http://www.nxtbook.com/ygsreprints/ygs/developements_sept09
http://www.nxtbook.com/ygsreprints/ygs/Developments2010_MK1
http://www.nxtbookMEDIA.com