Blog

Is There a Sure Fire Way to Restrict Access to Employee PII?
Data security Insider threat

Data protection in Human ResourcesI recently wrote an article about protecting confidential data that flows through the HR department.  This is an area that many people forget when thinking about the most sensitive information in an organization.

Everyone thinks about the obvious, like maintaining information about current employees.  But there are many other pieces of sensitive data flowing through HR.

Resumes and personal information about potential employees come into the HR department as managers post job requisitions.  In today’s world, candidates require criminal background checks and drug tests that need to be kept confidential.  As a company hires people, references, existing health information, 401K data and salary details are maintained by Human Resources personnel and inside information systems they access.

Fasoo Was Busy In October Showing Data Security Solutions
Cybersecurity Data breach Data security Insider threat

Fasoo Had a Busy Month in October Showing Data Security SolutionsThe month of October was very busy for Fasoo as we were all over the US talking to people about data-centric security and how it is the best solution to protect your sensitive information from insider threats and external hackers (APTs).

We started the month by attending the Rochester Security Summit in Rochester, NY.  This two-day event brought together executives and technical staff from numerous organizations in the Rochester area to share intelligence on how to protect their businesses from cyber attacks.  Fasoo was part of a vendor pavilion with our partner Brite Computers showing attendees how to protect data localized from databases, files downloaded from content management systems and those shared through the cloud and on mobile devices.  Ron Arden, Vice President – North America, presented to a packed room on “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” as part of the Threat Landscape track at the event.

Breaking the 2015 Data Breach Trends
Data breach

Breaking the 2015 Data Breach Trends

In a recent article regarding the top six data breach trends of 2015, we should expect more breaches in the healthcare industry, legal and regulatory pressure will increase on CEOs and boards, despite headlines involving breaches by hackers and foreign countries disgruntled or negligent employees will be companies’ biggest security threats, hackers increasingly will target data stored in the cloud, credit card breaches will rise over the next few months and the Internet of Things will provide an easy entry point to all your devices and data.

How worried should we be about these trends? Well, let us be honest, this is not so much of a surprise judging by the events of this year. Already we are reaching a record pace for data breaches and what was once only limited to healthcare, retail and finance has strongly made a mark in the government sector as well.

Is Your Favorite Sports Team’s Data Secure?
Data breach

Is Your Favorite Sports Team’s Data Secure?

It is no doubt that 2015 is on record pace for the number of data breaches compared to previous years. However, typically we would assume that these data breaches would happen in such industries as healthcare, finance, retail or the government. We would have never thought that this would enter the area of professional sports teams.

Now we know it is happening inside America’s favorite pastime, baseball, and it’s reaching national and worldwide headlines. Here is the story: the St. Louis Cardinals are being accused of hacking the Houston Astros to gain access to intellectual property – trade, proprietary statistics and player strategy information. Federal investigators are recommending charges against at least one St. Louis Cardinals employee for allegedly intruding on a rival baseball team’s database.

Fasoo Shows How to Protect Data in the HR Department
Data security Insider threat

IT Business Edge shows how Fasoo protects HR dataHR departments have a unique set of security challenges to maintain the confidentiality and integrity of internal staff and external clients.  While maintaining the confidentiality of personally identifiable information (PII), they also develop and share information that needs wide distribution.

Managing these somewhat contradictory requirements requires an approach that is flexible enough to protect against insider threats, while enabling secure sharing.

IT Business Edge has published the slideshow, “Data Protection: Five Challenges Facing the Enterprise HR Department”, that highlights five functions of an enterprise HR department and how Fasoo can help meet the specific access and permission requirements for different tiers of information.

Mandating Encryption for Organizations
Data security

Mandating Encryption for Organizations

Connecticut is taking the next step in guaranteeing that customer data is secure. Therefore, if companies want to do business in this state, they will have to make sure that all personal data that is stored and transmitted is encrypted. In addition this soon to be law would require business to enable stronger password protections and control how much personal identifying information can be downloaded at one time, to help mitigate damage in the event any data is stolen.

For Connecticut residents, nearly one-third of them, were affected by the Anthem breach. It is no wonder that states like Connecticut, Maryland and New Jersey have made headlines pushing for all organizations to encrypt any sensitive data they have that pertains especially to customers. Connecticut Senate Majority Leader Bob Duff, D-Norwalk explains that, “In the long run, I think that companies will find it cheaper to implement these protocols than to have to clean up the mess of a data breach.”

Bigger Problem than Compliance?
Data security

Bigger Problem than Compliance? The answer? Data Protection! Although compliance has always topped data breach protection, this year, preventing data breaches and protecting intellectual property are all considered more important in driving data protection. However, it is both of these together that makes a data breach protection solution so robust.

Meeting and demonstrating compliance is the start to a more secure organization. Last year in particular with the spike in data breaches caused by the theft or loss of sensitive information pushed the government to push for numerous legislative requirements and standards-based protocols from NIST (National Institute of Standards and Technology).

Federal government agencies are required to follow endpoint security obligations and protocols and even more so with national security agencies who communicate classified information.