Blog

Financial Services: How to Boost Your Remote Work Surveillance
Cybersecurity Insider threat Print security Privacy

Image shows wall-mounted home office surveillance camerasRemote work is putting sensitive data at risk. That we can all agree on. Traditional endpoint protection frequently fails. So what about stronger surveillance of remote employees at home? 

*

Let’s monitor the heck out of them, shall we?

Remote Work Security and Document Protection in Banking: What’s Next?
Cybersecurity Data security Insider threat Print security Sensitive Unstructured Data

Which industries have the highest potential for remote work? Finance and insurance, says McKinsey & Company. There’s a catch, however. How can organizations realize this potential without compromising data security and privacy? 

*

The consultancy found that three-quarters of activities in these sectors can be done remotely without a loss of productivity. Information security wasn’t part of the study. So what are the implications from a data protection perspective?

Enterprise DRM Glossary
Cybersecurity Data security Insider threat IP Theft Print security Privacy Sensitive Unstructured Data

IT, compliance, and risk management leaders need a reference of terms, acronyms, and key people in the enterprise digital rights management (EDRM) domain. This Enterprise DRM Glossary will be updated regularly. The EDRM glossary draws on various sources, including books, periodicals, websites, subject matter experts, and Enterprise DRM users. We welcome your feedback and suggestions of terms to include. Contact us at info@fasoo.com.

That’s a Nice Data Policy You Have There
Cybersecurity Data breach Data security IP Theft

Movie Sign: Policy Exception Handling

Wouldn’t it be a shame if it slowed down your business and turned out to be useless for protecting your data? Here’s what I’m getting at:

74 percent of U.S. companies say they will keep some remote work arrangements in place post-pandemic. In other news, roughly 359,000 cybersecurity positions in the U.S. went unfilled at last count.

Taken together, these data points spell trouble. This is where the policy part comes in. Data breaches involving sensitive information have been skyrocketing recently. What about the document access and use policies at the affected organizations? Why didn’t they matter?

3 Top Document Protection Takeaways from the May 2021 Executive Order on Cybersecurity
Cybersecurity

 

Cover of Biden Administration Executive Order Cybersecurity 05-2021 (NIST)

In its Executive Order on Improving the Nation’s Cybersecurity on May 12th, the Biden administration mandated major improvements to how federal agencies protect their networks and data. How does this affect companies that do business with the federal government (or plan to) and their suppliers and contractors? 

*

IP Protection Over Workflows? “People don’t want their productivity to dip”
Cybersecurity Insider threat IP Theft Secure collaboration Sensitive Unstructured Data

Image shows a screenshot (top left), Hillary Fehr (GE), and Chris Babie (GE) of the IP Protection Fireside Chat: Fasoo's Ron ArdenHow to stop intellectual property leakage and theft in manufacturing?

That was the topic of a discussion hosted by Fasoo at the 2021 Apex Assembly Tech Leaders Northeast Summit. CTO Ron Arden spoke with Hillary Fehr, Senior Cyber Security Researcher with GE Gas Power, and Chris Babie, Staff Cyber Security Researcher with GE Gas Power, about the challenges of IP protection in the manufacturing enterprise. 

In Part 1 of this conversation, IP Protection: “We need a tool with a wider scope”, we focused on how to protect sensitive CAD files, 3D-PDFs and other PDF file formats, in addition to the wide variety of Microsoft Office and other documents typically found in innovation-driven manufacturing companies.

In this post, Ron, Hillary and Chris zoom in on additional insider threats and risks introduced through the rise of the cloud and the rapid shift to work-from-home due to COVID-19.

What advice do the GE security researchers have for IT leaders in manufacturing companies looking to update their document protection program? Find out in Part 2 of the conversation:

*

Collecting Laptops From Terminated Employees? Protect Unstructured Data
Cybersecurity Data breach Data security Insider threat Privacy Secure collaboration

Protect data on laptops from terminated employees I read a Tweet recently from “Accidental CISO” about collecting laptops from terminated employees during the pandemic that I deemed retweetable (if that is a word).  Some comments focused more on the hardware – how to get it back – but this got me thinking more about what is actually on the hardware. What sensitive information, like intellectual property, might reside on them?  It also made me think, in a situation like this, how the potential for insider theft is far greater.

Files containing IP can be either printed on home printers, sent over email to personal accounts, saved on a USB stick, screen captured and so on.  These are not necessarily actions of malice, but obvious desperation to assist with the basic need for employment.

Pandemic Sent Your Workers Home? Reminders for Best Data Security Practices
Cybersecurity Data breach Data security Insider threat Print security Privacy Secure collaboration

Overnight, companies across the globe were forced into a fully remote workforce.  If you are prepared, under the best of circumstances, it can still be a challenge, but if you are not, the challenges are even greater and some things can potentially fall through the cracks.  People working from home can lead to a few unintended bad habits. With business continuity being the priority, data is even more at risk as hackers and thieves see opportunity when your guard is down.

For companies that don’t have tools in place, and for that matter, those that don’t have the right tools in place, here are some things you can do while ensuring the health of your employees, and your business stays on track.

Tariffs Hitting the Automotive Manufacturing Industry Is Bad Enough, But Intellectual Property Protection is of Huge Concern!
Cybersecurity Data breach Data security Insider threat Privacy Secure collaboration

Protect intellectual property in the automotive industryIntellectual property is a valuable asset in manufacturing, and more specifically the automotive industry.  It is particularly vulnerable to theft.  In our Webinar “Close the Gap on Insider Threat: Granular Access Controls & Behavior Analytics , we cited a Deloitte survey where the respondents put the automotive industry at the highest risk of insider cyber threat.  Executives, IT and security groups need to put serious consideration into protecting their intellectual property in files, especially when handled by multiple parties.

It Takes a Village to Raise a Child, Right? It Takes a Team to Develop a Data Governance Strategy!
Cybersecurity Data breach Data security Insider threat Print security Privacy

Define a Practical Data Governance Plan for Unstructured DataThe phrase “It takes a Village to raise a child” is true.  But it is also true that it takes a team to develop a data governance and policy management strategy!

Teamwork is important when developing a data security strategy. As part of that process, data governance and policy management needs to be part of the equation. It’s becoming more and more clear that organizations struggle with policy management – particularly with unstructured data. The very nature of unstructured data leaves it vulnerable to exposure and loss. Insider threat is of particular concern because while hackers typically attack structured databases, your employees and other valued insiders are accessing those databases on a regular basis. The insiders can download sensitive information into spreadsheets and reports. They are accessing your intellectual property, such as product designs and roadmaps. It’s the insiders that will walk off with those designs and sell them to your competition or bring it to a competitor to jumpstart the next phase of their career. The loss of this information will not only cost you revenue, but can also result in a regulatory fine. Who can afford that?