Blog

Manufacturing: 5 Top Factors to Consider When You Select Enterprise DRM
Data breach Insider threat Sensitive Unstructured Data

Protect CAD drawingsThe rising wave of industrial espionage and intellectual property theft has manufacturers on edge. Are you tasked with finding the right Enterprise Digital Rights Management (EDRM) solution for your company?

Check out these five tips from IP protection experts in manufacturing. 

*

Are you looking into EDRM solutions to ramp up your organization’s IP protection?  Congratulations, buckle up and hold on for the ride. 

Because this is mission-critical to your company’s future, it’s only natural that you feel the pressure to dot all the I’s and cross all the T’s. The tips below will help you zoom in on the essentials quickly.

Go Beyond Compliance to Reduce Cyber Risk and Insider Threat
Data breach Data security Insider threat Sensitive Unstructured Data

Go Beyond Compliance to Protect Sensitive DataData breaches make headlines every day and companies across the globe struggle to meet changing privacy regulations, such as the California Consumer Privacy Act (CCPA), the upcoming California Privacy Rights Act (CPRA) and of course, the General Data Protection Regulation (GDPR).

Data security is very high on the list of corporate priorities with most concentrating on protecting databases containing personally identifiable information (PII). Sensitive information subject to privacy or industry regulations is not found or stored solely in structured databases, but in unstructured files like Microsoft Office documents, PDFs, images, and computer-aided design (CAD) drawings.

Latest Post
Sensitive Unstructured Data

Streamline and Operationalize Security and Privacy InitiativesStreamline and Operationalize Security and Privacy Initiatives

Leading organizations are discovering how a protect first, file-centric approach fortifies data security and enhances data visibility to comply with privacy…

Read More

 

Data Visibility for Privacy and SecurityData Visibility for Privacy and Security

The best approach is a self-reporting file method, one that automatically traces, gathers and records all document interactions without reliance on disparate network, application, and device logs…

Read More

 

Protect-First Approach To Data-Centric SecurityProtect-First Approach To Data-Centric Security

There are three predominant methods in the market today to prevent loss and unauthorized access to sensitive unstructured data. Each is different and the best way to compare and contrast…

Read More

 

Fix these six vulnerabilities in your data security architectureSix Vulnerable Points in Your Data Security Architecture and How You Can Protect Them

It’s time to do a quick check of key vulnerabilities impacting sensitive unstructured data that may arise…

Read More

 

What Unstructured Data is Sensitive?What Unstructured Data is Sensitive?

Your organization’s sensitive unstructured data is a rapidly growing threat surface increasingly targeted by threat actors.

It poses unique security challenges, many that are not addressed by the majority…

Read More

Trade Secrets and Insider Threats – Levandowski’s Are Everywhere
Data security Insider threat Sensitive Unstructured Data

Protect Trade Secrets against Insider ThreatsInsider threat has been an issue for many years, but the consequences of these events have a strong and long-term impact on your business.

If competitive advantage isn’t enough reason to protect sensitive data, how about the legal costs?

The risk posed by insiders is again, in the spotlight as Anthony Levandowski, a founding engineer at Google’s autonomous vehicle project, now known as Waymo after it was spun off in 2016, is convicted and sentenced to 18 months in prison. After 3 long years of legal proceedings where Levandowski was charged with stealing trade secrets by downloading 9.7 GB of confidential files, he was sentenced to 18 months in prison and ordered to pay over $178 million in fines to Google.

How Can Your Remote Workforce Collaborate Securely?
Data breach Data security Insider threat Print security Secure collaboration

Never has there been a better litmus test for seeing how agile your business is than responding to a pandemic. A recent survey by leading research firm Gartner confirmed that most businesses will shift some employees to remote work permanently as a result of COVID-19. Even from home, employees need to collaborate securely with colleagues, partners and customers to stay productive and meet deadlines and goals. While video chat and instant messaging lets you communicate, a lot of collaboration is through documents. Ideally you want to easily share documents, make sure everyone is working on the most recent version, and be able to securely manage all your projects. With the major shift to working at home, the time to double down on data security is now.

Collecting Laptops From Terminated Employees? Protect Unstructured Data
Cybersecurity Data breach Data security Insider threat Privacy Secure collaboration

Protect data on laptops from terminated employees I read a Tweet recently from “Accidental CISO” about collecting laptops from terminated employees during the pandemic that I deemed retweetable (if that is a word).  Some comments focused more on the hardware – how to get it back – but this got me thinking more about what is actually on the hardware. What sensitive information, like intellectual property, might reside on them?  It also made me think, in a situation like this, how the potential for insider theft is far greater.

Files containing IP can be either printed on home printers, sent over email to personal accounts, saved on a USB stick, screen captured and so on.  These are not necessarily actions of malice, but obvious desperation to assist with the basic need for employment.

Pandemic Sent Your Workers Home? Reminders for Best Data Security Practices
Cybersecurity Data breach Data security Insider threat Print security Privacy Secure collaboration

Overnight, companies across the globe were forced into a fully remote workforce.  If you are prepared, under the best of circumstances, it can still be a challenge, but if you are not, the challenges are even greater and some things can potentially fall through the cracks.  People working from home can lead to a few unintended bad habits. With business continuity being the priority, data is even more at risk as hackers and thieves see opportunity when your guard is down.

For companies that don’t have tools in place, and for that matter, those that don’t have the right tools in place, here are some things you can do while ensuring the health of your employees, and your business stays on track.

Please Steal My Password
Data security Insider threat

steal this passwordHow many times have you seen passwords attached to monitors on sticky notes?  How about people who use the password “password” or “123456”?  With a lot of us having to work from home because of COVID-19, data security and privacy has become more important than ever, since we are not in the protective confines of an office and many of us may have to use our home computers.

In 2020 we have a lot of great technology to access our computers, tablets and phones.  You can access my phone with my face and your laptop with your thumb, but they are all still based on an initial password.  We’ve all read stories about using strong passwords and how easy it is to guess people’s passwords.  The fatal flaw in the system is that we need something that isn’t obvious, but something that we can remember.  Some of the simplest methods of creating a more complex password is to use upper and lower case alphanumerics plus a symbol.

Complying with CCPA – What are some of the landmines?
Data breach Data security Privacy

Complying with CCPA - What are some of the landminesThe potential landmines for compliance with CCPA is pretty high.

One of the first things is that a lot of companies don’t know how to interpret the law. We saw that with GDPR for the year prior to it going into effect. CCPA is a lot like it, but there are likely still questions.

Secondly, is the DSRs (Data Subject Requests) or the right to be forgotten. People are very in tune with their privacy these days and will want to act on it, not only for the reduction of spam, but for the identity theft potential. The requests will likely come too fast and companies with a lot of data containing personally identifiable information (PII) – the very thing those DSs will be after them for – will find themselves in a position where they don’t know where to start.

Tariffs Hitting the Automotive Manufacturing Industry Is Bad Enough, But Intellectual Property Protection is of Huge Concern!
Cybersecurity Data breach Data security Insider threat Privacy Secure collaboration

Protect intellectual property in the automotive industryIntellectual property is a valuable asset in a variety of verticals.  Let’s take manufacturing, for example.  More specifically the automotive industry.  It is particularly vulnerable to theft.  In fact, in our Webinar “Close the Gap on Insider Threat: Granular Access Controls & Behavior Analytics , we cited a Deloitte survey where the respondents put the automotive industry at the highest risk of insider cyber threat. This means they need to put serious consideration into protecting their intellectual property in unstructured files, especially when it is handled by multiple parties.

The auto industry is suffering because of the tariff war between the U.S. and China – they’ve got enough to think about in this respect.  But, this does not mean they can let their guard down with protecting CAD/CAE designs, that are very critical to their success.  It is a very competitive market from both a talent and design perspective. In fact, one of our customers considered themselves the “University of Auto Manufacturing”.  This was because they would put time, effort and money into training individuals on their designs, giving them access to their precious CAD/CAE files only to see it walk off on a USB stick perhaps getting into the hands of a competitor.  They got tired of that, and took control through discovery and classification, and by using granular access rights.