Secure computer systems

With the growing incidents of PII data theft and negligence in securing PII data. Stringent measures must be taken by the federal government and concerned government agencies. There should be frequent checks on the PII data security, in banks and hospitals apart from government agencies who store PII data in huge volumes . Partnerships with , major software companies like IBM (windows) and data security firms like RSA will help in reducing potential PII theft as security measures will be introduced during the software development stage.
Quote .* ” Improving data protection reduces risks associated with breaches and will enhance confidence in the government’s ability to protect citizens’ privacy and personal information, while simultaneously enabling greater efficiency in the delivery of e government services. Through a depth of experience and breadth of technologies spanning from servers to desktops and laptop PCs to mobile devices, Microsoft offers the most comprehensive technological solution to address this ongoing need”. By Kimberly Nelson, Microsoft executive director for e-government, and William Billings, chief security advisor for the Microsoft U. S. Public Sector division. ‘Protecting personally identifiable information (PII) (http://www. microsoft. com/industry/government/federal/protectinginformation. mspx)
Crippling penalties and fines on errant institutions that have had a lax approach to PII data security will make other private and public institutions vary of storing un-necessary PII data and putting up air-tight security procedures for their existing PII data banks.
Frequent changes in PII data security laws will keep private and public institutions on their toes and they will take measures in advance, in order to reduce the cost of updating their security measures.
I would like to cite -** A Nevada law that took effect this month which requires all businesses there to encrypt personally-identifiable customer data, including names and credit-card numbers, that are transmitted electronically. ” A spokeswoman said -” The laws establish a liability that could be used in civil suits against businesses following a data breach”, privacy lawyers said. ” In Nevada, companies that suffer a security breach but comply with the new law would cap their damages at $1, 000 per customer for each occurrence. Those that don’t comply would be subject to unlimited civil penalties under the proposed enforcement plan”, said James Earl, executive director of the state’s task force for technological crimes”. Worthen, B.(2007) page B1 of the Wall street journal ‘New data privacy laws set for firms’. (http://online. wsj. com/article/SB122411532152538495-email. html)
The federal government’s policy of a carrot and stick approach towards private institutions and government agencies who store PII data might speed up changes in the prevention of PII security breach.
Along with fines and penalties imposed on private and public institutions, individuals accountable must also be penalized with fines and imprisonment. Quote ” Users and supervisors are subject to disciplinary actions (reprimand, suspension, removal, or other actions in accordance with applicable law and agency policy) for failure to take appropriate action upon discovering a breach or failure to take the required steps to prevent the breach from occurring” .(Johnson, 2007, p. 21).

References
*Nelson K , Microsoft executive director for e-government, and William Billings, chief security advisor for the Microsoft U. S. Public Sector division. ‘Protecting personally identifiable information (PII) (http://www. microsoft. com/industry/government/federal/protectinginformation. mspx)
** Worthen, B. (2007) page B1 of the Wall street journal ‘New data privacy laws set for firms’. (http://online. wsj. com/article/SB122411532152538495-email. html)