OMB Mandates

Note: The solutions discussed below only represent a small subset of the entire Ivanti product portfolio. Visit http://www.ivanti.com/solutions to learn more.

Securing Personally Identifiable Sensitive Information (PII)

Through several Office of Management and Budget (OMB) mandates, government agencies shall establish robust methods of securing sensitive information. Specific examples of “sensitive information” of concern information classified as “agency confidential” and Personally Identifiable Information or PII.

Tracked PII — such as a name or social security number correlated with an address, birth date, birth place, or other specific details — can expose a person's identity to theft and fraudulent use by criminals. PII is some of the most heavily traded content on the so-called “dark web,” and one of the most popular targets for theft by hackers and network intruders.

OMB Mandates for PII Data Security

The OMB has issued a number of mandates for securing sensitive information and how to handle data breaches, including: OMB M-07-16, OMB M-06-19, OMB M-06-16, and OMB M-06-15. These mandates cover a number of information security procedures, including:

  • Securing Personally Identifiable Information (PII) and other sensitive information.
  • Developing and following a breach response plan to mitigate the potential consequences of breach, such as identity theft.
  • Reporting all data breaches to US-CERT within one hour of discovering the incident.
  • Encrypting all sensitive information on desktops, laptops, and removable media like USB sticks and CDs / DVDs.

Getting to OMB Compliance

A few simple and cost-effective steps which help agencies protect against accidental or intentional disclosure of sensitive information outlined by the OMB include:

  • Reducing the volume of collected and retained information to the minimum necessary.
  • Limiting access to only those individuals who must have such access.
  • Using encryption, strong authentication procedures, and other security controls to make information unusable by unauthorized individuals.

Ivanti: Solutions for PII Data Security and OMB Compliance

Endpoint security software from Ivanti can strengthen your agency’s ability to protect PII data and other sensitive information. Ivanti solutions provide policy-driven, people-focused, granular control of users’ applications, devices, and access privileges. Ivanti software also delivers full-disk encryption, comprehensive malware protection, and real-time reporting.

Learn more about Ivanti Endpoint Security Software.