Fasoo Data Security and Intelligent Document Platform on Display at RSA Conference 2017

Fasoo Data Security and Intelligence Document Platform on Display at RSA Conference 2017Fasoo has a big presence at the RSA Conference 2017 in San Francisco where we will showcase our newly expanded data security and management framework which helps companies track, manage and secure their data.

Focusing on the business themes of Security, Governance and Productivity, Fasoo is helping executives and boards of directors comply with enhanced cybersecurity regulations while ensuring they can meet the needs of constantly changing business models that demand secure collaboration to get things done.

Today’s business world demands a new look at how we define and protect the borders of our organizations because our data is created, stored and consumed in systems that may be outside the traditional information security and document management models.  Visitors to Fasoo’s booth #S1239 will see demonstrations of the Fasoo Data Security Framework and Wrapsody that together helps organizations consistently control, secure, track and manage documents no matter where they travel.  This new, integrated data-centric approach overcomes legacy solution limitations that comprehensively satisfies organizational demands placed on data security, governance and productivity.

Read More

Say NO to Stealing Sensitive Information by Phishing

Say NO to Stealing Sensitive Information by PhishingJust a few days after the IRS released it’s warning about W-2 phishing, it appears the College of Southern Idaho (CSI) reported that 3,000 employees’ personal information may have been compromised by a phishing scam.

The attackers are now expanding their sights into higher education according to a recent article by Paul Greene, an attorney at Harter Secrest & Emery.  Given the large number of employees, including seasonal employees, community education instructors and people who work for auxiliary agencies, these institutions are great sources of sensitive information and money.  In this case, someone impersonating a CSI administrator sent an email to an employee requesting W-2 information for all school employees over the past two years.

Read More

How to Fight the Latest Phishing Scams

How to Fight the Latest Phishing ScamsThe more things change, the more they stay the same, unfortunately.  Paul Greene, an attorney at Harter Secrest & Emery, in a recent blog post mentioned a new IRS warning about the reappearance of phishing scams targeting W-2 information.  Companies have lost thousands of dollars in email compromise attacks that first steal W-2s and then attempt wire transfer frauds.

This is nothing new, of course, with the IRS having issued the same form of warning around this time last year.  But it is tax season and the scammers, fraudsters and hackers decided to get a jump on things this year.

In recent years, the criminals targeted corporations, but this year they are casting a wider net, potentially affecting schools, non-profits, restaurants, healthcare providers, and tribal organizations.  This is a classic case of targeting organizations that may not have the best security, since they have not been victims in the past.  Those organizations affected in recent years have hardened their defenses, but now the scammers are going after the next tier.  They also may be going after the supply chain of some of the companies targeted in the past.  After all it’s easier to attack a small service provider than to attack a large bank or manufacturing company.

Read More

Choose Security Over Convenience

Choose Security Over ConvenienceOne of the problems of implementing security is that people perceive it as an inconvenience.  People always take the path of convenience because it’s easy.  Many years ago no one locked their doors because we weren’t worried that someone would come into our house and steal anything.  Over time that thinking changed and we all lock our homes and businesses before going out.

Many organizations think about data security and cybersecurity the same way.  While no one questions locking the doors to the office or manufacturing plant, some don’t think about locking all the doors to their sensitive information.  A common approach is to merely check the boxes to be compliant with a regulation or standard, but don’t think about the unique situation of your company.

Read More

Is Your Board Prepared For A Cyber Attack?

Is your board of directors prepared for a cyber attack?Another day, another cyber attack.  Just in the last few weeks we have seen headlines about a major data breach at Yahoo announced, accusations that the Russian government interfered with the US presidential election and the E-Sports Entertainment Association suffered a breach of over a million records.

Despite the potential harm from such attacks, there is a general consensus that boards of directors are not taking the necessary actions to defend and protect their companies from these attacks.  The problem is that many people in leadership positions do not understand the real problems and consequences of a cyber attack and do not have enough understanding of cybersecurity risks and how to mitigate them.

Read More

Fasoo Launches SPARROW on Cloud

Fasoo Launches Sparrow on Cloud, SaaS version of SASTSPARROW, a static code analysis application, is now available as a Software as a Service (SaaS) offering to help organizations quickly detect critical software vulnerabilities at the early stages of software development.  “SPARROW on Cloud“, SPARROW’s cloud solution is an agile, flexible, reliable and cost effective solution that allows organizations to easily manage application security challenges.

“IoT has brought an upsurge in new software that connects and operates everything from cars to medical devices and with that, enormous risk at the development level,” said Fasoo’s CEO Dr. Kyugon Cho. “Providing software developers with a cloud based application security testing solution was the logical next step for Fasoo as it is so essential for software to be secure at the code level.”

Read More

Cyber Security Legislation Will Change the Face of Business

Cyber Security Legislation Will Change the Face of BusinessAs 2017 gets underway, cyber security legislation will strengthen and force businesses to change the way they approach information security.  At the federal level in the United States, the US Congress and President have proposed numerous updates to existing regulations and new regulations to cover all facets of cybersecurity.  These include the Cyber Preparedness Act of 2016, Cybersecurity Systems and Risk Reporting Act and others.

At the state level, legislation was introduced or considered in at least 28 states in 2016. Fifteen of those states enacted legislation, many addressing issues related to security practices and protection of information, and cyber crimes in general, including dealing with rasomware.

Read More

Top Four Security Predictions For 2017

Top Four Cyber Security Predictions For 20172016 has been an epic year for cyber security and data breaches.  From recent hacks at Yahoo and LinkedIn to problems at the FDIC and stolen intellectual property from Glaxo-Smith Kline, this year has been a boon for data breaches large and small.

The past year has shown us that malicious attacks and inadvertent mistakes continue at an alarming rate and the consequences are legal, financial and brand reputation woes.

So how will 2017 fare?  Will we see more of the same or a change in the cyber security landscape?

Here are four security predictions for 2017.

1. Cyber Security Legislation will Change the Face of Business

Read More

You May Need a “Remote Kill Switch” for Your Documents

document kill switchBetween the alleged hacks from the Russian government in the news and the constant barrage of data breach headlines, it is obvious that the loss or theft of confidential data is a top priority for most organizations.  With the proliferation of mobile devices this is becoming even worse.

While reports from numerous analysts predict a slow down in growth of mobile devices, the number of business users that use phones and tablets to share information is at an all-time high.  Considering that thousands of mobile devices are lost or stolen each month, companies need to understand the issue of exposing confidential information.  Phone manufacturers have long employed the ability to remotely kill a lost cell phone or application that may cause issues on the device.  Numerous MDM (mobile device management) applications can also do a remote wipe and help to protect devices.  So you think that you have all the bases covered – think again!

Read More