Blog

Securing Information While Sharing
Cybersecurity Data breach Insider threat Privacy Secure collaboration

Securing Information While SharingIn a recent article entitled “Securing Information for a Shared Services Infrastructure”, Richard Freeman from Ricoh Canada talked about the need to secure information as companies share it internally and externally.  The focus of the article is how an organization must look at balancing the need to efficiently share information without compromising privacy, protection of intellectual property and other sensitive data, or financial and legal risk.

As is evident from all the news about data breaches and cyber threats, the challenge today is to thwart the bad guys from stealing your sensitive data.  While many organizations still focus on protecting servers, networks and end-point devices, you have to secure and control the information itself.  Since most of the data created today is unstructured content stored in documents, protecting the documents from inadvertent or malicious access should be the primary goal to ensure that authorized users can collaborate efficiently and securely.

How to Protect IP Mappings from Falling into the Wrong Hands
Cybersecurity Data breach Insider threat

Fasoo protects IP mappings from being stolen and leaking your sensitive dataIn my recent article for IP Watchdog, Taking a Data-Centric Approach to Today’s Security Landscape, I highlighted the importance of organizations taking a data-centric approach to security to safeguard against today’s sophisticated, and even amateur, cybercriminals.  IP Watchdog particularly focuses on the security of all things IP (intellectual property) which brings us to another sector of high valued information—IP mappings.

IP mappings can be critical to the security of an organization’s database because of its link to client accounts and the location of those accounts within the database.  Malicious attacks scanning the system for information on client accounts, such as financial data or trade secrets, would need to spend time and effort to locate the data.  If hackers were able to expose the organization’s IP mappings, it would enable them to easily navigate the system and access the information before the organization knew it was under attack.

Think of a Layered Data Security Framework
Data breach Data security Secure collaboration

Discover, Protect and Monitor access to your sensitive dataThe barrage of data breach news on the front page should come as little surprise to any of us. The more data stored and sent digitally, the more we expose ourselves and more breaches occur.  With all the resources and money spent on preventing a breach, we might think it is reasonable to expect that the number of reported incidents decline. But yet, on the contrary, this is not what we see.

According to the Identity Theft Resource Center (ITRC), just this year to date, there have been 725 reported breaches. The traditional security model to guard the perimeter is not adequate. Today’s challenges require a layered Data Security Framework.  So, what should this framework contain to take the right preventative or restorative actions?

STOP, Collaborate and Listen: Where Employee Vulnerabilities Put Data at Risk
Cybersecurity Data breach Insider threat

Stop, Collaborate and Listen: Where Employee Vulnerabilities Put Data at RiskRon Arden, Executive Vice President and COO of Fasoo, Inc., recently drafted a byline for InfoSec Island that highlights the risks employees pose in their most natural environment – the office – through collaboration with their co-workers.  Email, instant messages, file transfers, and digital downloads can all expose vulnerabilities to an organization’s high-value data yet in an office environment these tasks are constantly happening.  These behaviors can put sensitive data at risk.

Some organizations may become distracted, always trying to defend themselves against the “bad guys,” and forget to keep an eye on their own flock. Executive leadership should ask themselves: do our employees access files containing high-value information? If so, how often and what are they doing with these files? Should they even be allowed to access the files in the first place?

Keep Your High-Value Information Close, and Your Employees Closer
Cybersecurity Data breach Insider threat

Ron Arden article in Corporate Compliance Insights on protecting high-value corporate dataI recently wrote an article for Corporate Compliance Insights that focused on the importance of organizations taking proactive steps to safeguard high-value corporate data from internal and external vulnerabilities. High value information such as trade secrets, product designs, financial data and customer data can change hands often within an organization, including among people who may not need access to this confidential material. It is the sole responsibility of that organization to protect the data from employee error in the greater effort to protect the data from external malicious actors.

As our Ponemon study, “Risky Business: How Company Insiders Put High Value Information at Risk,” taught us, employees, particularly those in the sales department, C-level executives, and finance and human resources, pose the biggest security risk to their companies.  The IT security practitioners at these companies admittedly do not have the resources to prevent data leaking by employees. Not a calming thought for those who trust their information to be safe.

Stop The Leading Cause of Healthcare Data Breaches
Cybersecurity Data breach Data security

Stop the leading cause of healthcare data breachesThe Pain Treatment Centers of America (PTCOA) recently released a HIPAA Security Notification that a 2015 data breach may have exposed the personal information of as many as 19,000 patients. This healthcare data breach involved hackers accessing EHR system files through data servers owned and operated by a third-party.

The breached files included patient medical records, along with health visit information, name, address, health insurance information, driver’s license number or other ID and, in some cases, a Social Security number. As is standard in data breach situations, PTCOA offered affected patients credit alert protection for one year.

Big Data and Data Analytics Need Data-Centric Security
Data breach Data security Privacy

Big Data and Data Analytics Need Data-Centric SecurityBig Data and Data Analytics are changing the way the world uses business information. The amount of data that’s created and stored daily on a global level is almost inconceivable as with each passing hour, the data grows at an amazing pace. Everything from the most trivial details of our personal lives to highly sensitive information at work is now stored and catalogued. While businesses look for ways to leverage, manage and derive insight from this vast amount of information, they also need to think hard about satisfying privacy, security and compliance all at once. This is not a trivial job, and many businesses struggle when attempting to roll Big Data and Data Analytics into a production enterprise scenario.

A Data-Centric Security Framework for a Perimeter-less World
Cybersecurity Data breach Data security

Fasoo Data Security FrameworkThe internet, its commercialization and all its technological advances have changed the way of the modern world. Unlimited information is available at the touch of a button; tasks that used to take time and effort are now much simpler.  All this technology created the opportunity for companies to find new and creative ways to grow revenues and data collection has become an essential component of many business operations.

As data is moving and multiplying at a rapid pace across boundaries, platforms and applications, users have the ability to access data in a variety of ways and data very rarely stays within the secure perimeter of an enterprise anymore.

With more and more sensitive data residing outside of the corporate perimeter, locating, securing and controlling this data presents a significant challenge.  The traditional security strategies that businesses have been relying on are no longer the viable option they once were.