Blog

Tag: Fasoo

Graphic: Top 5 Document Protection Blog Posts of 2021Which blog posts about document security and protection attracted the most visitors to the Fasoo website in 2021?

Let’s face it: the ins and outs of Digital Rights Management (DRM) in the enterprise don’t exactly make for blog topics that get most people’s juices flowing.

The good news is that content that draws on the insights shared by Fasoo’s longtime, recent, and not-yet customers can overcome this hurdle. Readers interested in Enterprise DRM clearly prefer blog posts that answer relevant questions and provide hands-on advice for IT decision-makers and their teams.

Which Fasoo blog posts hit a nerve in 2021? These were the Top 5:

*

# 5: Your questions about Fasoo Enterprise DRM vs. Microsoft AIP, answered

“How does Fasoo Enterprise DRM (Fasoo EDRM) compare to Microsoft Azure Information Protection (AIP)?” In one version or another, this was one of the most frequently asked questions the Fasoo team had to answer in 2021. 

It’s a tricky one. After all, Microsoft AIP was developed primarily with the document ecosystem of Microsoft Office plus a few third-party file formats in mind. Fasoo DRM, on the other hand, provides document protection at scale and for more than 200 file formats in large organizations and along their supply chain.

Image shows a Minivan vs. Ford Super Duty Pickup Truck Tableau

Photo sources: Dreamstime / Ford

So can you compare the two at all? We tried. Let’s just say minivans keep us moving, but for serious business, you may want to consider a  super-duty truck.

It seems like many readers have been looking for answers to EDRM-vs.-AIP-related questions. Did you miss the post?

Check it out here:

FAQ: 5 Top Questions About Fasoo Enterprise DRM vs. Microsoft AIP

# 4: IP theft prevention: a step-by-step guide for the automotive industry

In vehicle and component manufacturing companies, most sensitive information is stored and managed digitally. Examples are:

How can you protect digital assets against intellectual property (IP) theft? Without adequate – data-centric – protection, trade secrets can end up with a competitor or a foreign government in a matter of minutes, even seconds: on a USB device, say, or uploaded to a personal cloud storage account from an unmanaged remote work laptop.

And they do. 2021 was marked by the “Great Reset” in the automotive industry. Employees working from home or leaving for a competitor (or both) posed the biggest threat to their company’s proprietary information. How to prevent intellectual property theft in the automotive sector? Many blog visitors turned to our 10-step guide here:

IP Theft in the Automotive Industry: 10 Tips to Counter the Insider Threat

# 3: Important enterprise DRM terms, explained

Enterprise-level DRM can be confusing. The – often niche-specific – solutions of the past were expensive, complex to deploy, and difficult to scale. As a result, IT teams weren’t exactly gung-ho about exploring today’s DRM-based information protection.

This has changed. Enterprise DRM solutions have come a long way, which has caused a resurgence of the category and considerable change in perceptions. In 2021, this trend had more IT professionals asking about specifics. 

So we dedicated 2021 to cutting through the fog of related terms and acronyms for this growing audience. A timely decision, judging by our blog traffic numbers. The Enterprise DRM Glossary became the 3rd-most frequented post of 2021:

Enterprise DRM Glossary

# 2: PDF security – an oxymoron?

You would think that 28 years after Adobe first introduced its platform-independent “secure” PDF file format, all related document protection questions should be settled. Far from it, as you may know.

Yet PDF files are making up a large share of unstructured business data. Do you know how well all your sensitive PDFs are protected? If the answer is no, consider yourself in good company.

According to a 2021 report, researchers who analyzed publicly accessible PDF files of 75 government security agencies identified only seven that had removed sensitive information before publishing. Ouch.

This data point doesn’t make you feel better? In that case, the # 2 on our Top-5 list of document protection blog posts provides relief. It gives a hands-on introduction to various approaches to securing PDF documents against unauthorized access, including editing, printing, copying, or screenshots:

Document Protection: How to Secure a PDF

# 1: DRM vs. DLP – a false dichotomy?

And the winner is… Boasting not one, but two industry acronyms in the headline, the chart-topper on this Top 5 list defied headline writing best practices and search engine odds in 2021.

DRM and DLP – Data Loss Protection – both aim to protect sensitive documents against leakage and exfiltration. They are frequently weighed against each other, but that doesn’t explain why this blog post piqued that much curiosity.

Maybe it’s because it fundamentally questioned the traditional “either/or” perspective? If you haven’t read it yet, you can find it here:

Enterprise DRM and DLP: Comparison Made Simple

Fasoo Moderates Panel on Cybersecurity and Your CompanyBill Blake, Senior Vice President and CCO (Chief Customer Officer) of Fasoo, moderated a panel discussion on Cybersecurity on September 13, 2017 at Harter Secrest & Emery LLP in Rochester, NY.  The event entitled Cyber Security & Your Company – What You Need to Know Now featured industry leaders and experts from The Bonadio Group, Fasoo, Lawley, and Harter Secrest & Emery LLP discuss how, when, and why to plan for a cyber attack.

The event was part of a continuing dialog with organizations on the needs for stricter cybersecurity controls in the wake of the ever growing threat of data breaches and threats to business operations.  Recent data breaches at Equifax, Verizon and others show that any organization is vulnerable to external attacks or insider threats.  Regulations and legislation, such as the New York NYDFS 23 NYCRR 500 cybersecurity regulations and GDPR in Europe, are causing businesses to improve their security posture to protect business and customer information.

Paul Greene, an attorney with Harter Secrest & Emery LLP, started the event with some opening remarks and Bill Blake got right into the discussion questions which hit on a number of cybersecurity topics, including how to prepare for a cyber attack, the role of insurance in your incident response plan and how the newest cybersecurity regulations and laws affect your business.

High on the list was a discussion of the recent Equifax data breach and how it affects businesses and consumers.  This lead to a discussion and questions about risk assessments and how they are critical to improving your cyber security posture.

Carl Cadregari, an Executive Vice President at The Bonadio Group, talked about the frequency of doing a risk assessment.  This is not something you can do once.  The threat landscape is constantly changing and the needs of your business are evolving, so you need to continually assess your risk and the best ways to mitigate it.  Carl said that finding your most sensitive data and encrypting it is one of the best ways to ensure you are protected.  If a hacker gets encrypted files, they won’t be able to use them.  In many cases this may not be considered a data breach, so you don’t need to report it.

While most of us think about technical solutions, legal ones are as important as well, since a cybersecurity event is not a breach until your attorney says it is.  Paul Greene mentioned “It’s important to involve counsel in your Risk Assessment process because it allows you to have a full and frank discussion about any shortcomings you may find, without worrying that those discussions can be used against you.  That’s the protection of the attorney-client privilege, it allows for that “oh [expletive]” moment when you discover something that may be really bad, without the worry that those communications will be used against you.”

Reggie Dejean, a Specialty Insurance Director from Lawley Insurance, talked about the crucial role of insurance in any cyber compliance program.  He said, “Cybersecurity insurance can help mitigate the financial loss that occurs when, not if, a data breach happens to a company. These policies can help cover some of the costs which include forensics, credit monitoring, notifying those affected, public relations and more. In today’s world, any size company is susceptible to a cyber breach, so cyber intrusion insurance can help reduce your risk and costs.”

Bill Blake brought up printing as a risk that many organizations don’t think about.  There tends to be a focus on digital assets, but if someone prints sensitive information, there is still the same liability when it comes to regulation and the law.  Numerous audience members asked if protection of sensitive data extends to paper files and the general consensus is that it does.  Preventing printing to minimize risk is clearly a good strategy when applicable, but masking sensitive data and applying visible watermarks are also good strategies to help eliminate sensitive data on paper and allow you to trace the information back to the person that printed it.

Another big discussion was around risk in the supply chain.  An audience member from a bank said they share a lot of information with Equifax and was wondering if the bank is liable because of the Equifax data breach.  Under the NYDFS 23 NYCRR 500 cybersecurity regulations an organization is responsible for the security of data it shares with its supply chain.  Whether the bank needs to inform authorities of a breach in its supply chain is unclear, but it is ultimately responsible for its data.  Third and fourth party protection will come from both technical and legal remedies.  You need air tight legal agreements to mitigate your risk, but encrypting and controlling your shared information is the best solution to supply chain risk.

The event finished with questions from attendees on the most challenging areas in their companies for compliance.  One bit of advice from the panel was to remember that companies should focus on protecting their sensitive information.  While many can get caught up in the minutiae of plans and reporting, it is imperative to focus on protecting the data which drives the business.

Rochester NYDFS Pathways to Compliance Event a Big SuccessThe first of the NYDFS 23 NYCRR 500 roadshow events in Rochester, NY on May 16, 2017 was a great success as numerous people from local financial services companies participated in a great forum to help organizations understand how to meet the new cybersecurity regulations that went into effect on March 1, 2017.

The event was held at Harter Secrest & Emery LLP in Rochester and started what will be a continuing series of forums to assist entities regulated by the New York Division of Financial Services (NYDFS) comply with a strict and wide-ranging group of regulations.

The event started with an “Overview of 23 N.Y.C.R.R. Part 500 and Key Legal Challenges” by F. Paul Greene of Harter Secrest & Emery LLP.  Paul focused on many of the legal issues around compliance, including what is a covered entity.  Any organization regulated under the Banking, Insurance or Financial Services law is subject to this regulation.  This includes foreign and out of state businesses that operate in New York and most likely applies to the whole organization, unless the organization has a segregated IT infrastructure.

Dr. Larry Ponemon of the Ponemon Institute followed with a review of his latest survey, “Countdown to Compliance: Is the Financial Services Industry Ready for New York State’s Cybersecurity Regulations?”.  Sponsored by Fasoo, this survey helped understand the current posture of readiness to comply with the new regulations.  Some of the more interesting results are that most organizations do not believe they can meet the timelines for compliance, over 70 percent think a lack of knowledgeable personnel will hamper their efforts and most are very concerned about how to implement effective security policies for third party service providers.

Dr. Ponemon’s keynote was followed by a Panel Discussion – Pathway to Compliance – that was moderated by Kevin Cox from Brite Computers.  Panel members included Dr. Ponemon, Paul Greene, Reg Harnish from GreyCastle Security, Reggie Dejean from Lawley Insurance, and Ron Arden from Fasoo.  There was a lot of discussion around doing a risk assessment and understanding what nonpublic information assets you have and where they are.  This lead to insurance questions and how best to mitigate risk related to business continuity following a data breach.  While insurance is critical to recovery from loss, it is not a substitute for a good cybersecurity program.

The event finished with questions from attendees on the most challenging areas in their companies for compliance.  One bit of advice from the panel was to remember that the regulation is intended to protect companies and their customers by protecting sensitive information.  While many can get caught up in the minutiae of plans and reporting, it is imperative to focus on protecting the data which drives the business.  That is the focus needed to improve the cybersecurity posture at each covered entity.

Fasoo wants to thank all the Rochester NYDFS 23 NYCRR 500 roadshow sponsors for all their support in making it an outstanding event.

Ponemon Institute
Harter Secrest & Emery, LLP
Brite Computers
GreyCastle Security
Lawley Insurance

Fasoo Had a Busy Month in October Showing Data Security SolutionsThe month of October was very busy for Fasoo as we were all over the US talking to people about data-centric security and how it is the best solution to protect your sensitive information from insider threats and external hackers (APTs).

We started the month by attending the Rochester Security Summit in Rochester, NY.  This two-day event brought together executives and technical staff from numerous organizations in the Rochester area to share intelligence on how to protect their businesses from cyber attacks.  Fasoo was part of a vendor pavilion with our partner Brite Computers showing attendees how to protect data localized from databases, files downloaded from content management systems and those shared through the cloud and on mobile devices.  Ron Arden, Vice President – North America, presented to a packed room on “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” as part of the Threat Landscape track at the event.

The following week saw Fasoo sponsoring an executive luncheon on The Internet of Things (IoT) at the Nasdaq Ron Arden and Bill Blake at the National Cyber Security Awareness month eventMarketsite in New York City.  The event was put on by the National Cyber Security Alliance (NCSA) as part of National Cyber Security Awareness Month (NCSAM).  Bill Blake, President – North America, and Ron Arden got to participate in the luncheon and spoke to the numerous executives and government officials.  We were even part of the closing bell ceremony; look for us around 1:00 into the video.  With all the interest in IoT devices and the tremendous data that each will generate, Fasoo was educating people on how to protect the information collected and ensure that PII, PHI and other personal data is protected.

We finished the month in Las Vegas at the IBM Insight 2015 conference.  Fasoo was a Silver Plus Sponsor, so we had a booth right in the middle of all the action.  Security and analytics were big focuses of the conference this Dayhuff and Fasoo show charging station at IBM Insight 2015year as many organizations are trying to understand where they have sensitive information (the crown jewels) and how best to protect it from internal and external threats.

Bill Blake, Ron Arden and National Account Manager Alper Kizar were all in Vegas talking to customers, IBM staff and generally enjoying the warm weather.  Bill presented “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” to an enthusiastic audience at the Expo Theater.  Our partners Dayhuff and Neocol joined us in the booth and throughout the conference as many attendees were talking about securing the mountains of unstructured data in their companies.  Of course Vegas would not be complete without some fun, so Dayhuff held its annual get together at the Ri Ra Irish Pub.  The Irish definitely make some great beer and it was great to unwind with everyone after a long day at the conference.

During the different events, I heard a lot of recurring themes from attendees, vendors, speakers and security professionals.  I think they show the challenges CISOs, CIOs and other executives face as they try to move their businesses forward in an ever changing security landscape.  Here are a few of them.

clip_image001 Corporations do not have perimeters anymore

clip_image001 Security is everybody’s job

clip_image001 Monitoring data is hard, it’s like dust, it’s everywhere

clip_image001 Users are very naive about security and need to be educated

clip_image001 More than half of all data breaches are caused by human error

clip_image001 When you increase where the data is, it increases the risk

clip_image001 Being compliant doesn’t mean you are secure

Fasoo has the best approach to address each of these points through strong file encryption and persistent security policies that travel with the data.  Access to sensitive data is controlled through good identity management that ensures your sensitive data is protected and controlled regardless of location or device.  Working with existing applications and workflows makes it very easy for users to apply security to files, since they don’t have to think about it.  Automatic security policies apply the right level of access control as soon as someone creates a file.  This makes it easy to control unstructured data, whether it’s created locally or downloaded from an existing information system.

Check out some of the pictures from our busy October as the weather turns colder and the end of the year is in sight.  Hopefully we can help you create a secure work environment by protecting your most sensitive information from getting into the wrong hands.

New Trend: Healthcare

I don’t know how much more we can continue talking about healthcare data breaches. This is again a multi week of data breaches in the healthcare industry, and again over and over. With Anthem Inc. and then again with Premera Blue Cross, and Advantage Dental, all announced they had data breaches, however nothing about if there data was encrypted.

How can 80 million and then 11 million then finally 150,000 patient records all in a month or so get exposed? Have we become so sure that we will not be a target to hackers and insider threats? The question now is not if, but when will a data breach happen. This is even more common in the healthcare industry.

 

Just by looking through the list of blogs that we have written alone, covers a lot about how we can help the healthcare industry protect PHI against being exposed. This is not only against outside attacks, but also to malicious and accidental insider threats. What is the reason behind this? The reason is that we protect the data itself, no matter where it is.

In addition, many states are very close to imposing regulations and laws to protect patient health information. They will also penalize organization that deal with this information and do not have the proper protection against such attacks.

It’s time to also not focus on the perimeter as for the past couple years, that perimeter can no longer be defined as it has become so wide. Meeting the proper steps to protect sensitive information of this nature must currently be paramount to all healthcare organizations.

Making sure that data is DRM protected, as this can prevent hackers from accessing the data even after the data has been stolen.

Remember the new threat even now is that your data is under attack. Even at this very moment it could be with all the recent APT (Advanced Persistent Threat) attacks. Don’t ignore the threat as it has become very real at a big scale.

 

Picture Credit: Adrian Clark

 

When Will Your Data Breach Happen?

IT security is a growing threat for businesses of every industry and no organization can be seen as safe. Hackers are learning new methods to attack web sites and networks. Most of the time employees have easy access to company information and are often unaware of how to detect and prevent these breaches because of a lack of training or lack of security for this information. The question is not if, but when will a data breach happen?

It is very clear that data breaches can no longer be protected by perimeter security. The perimeter continues to fade as a result of increasing connectivity between 3rd party partners and vendors, along with

customers themselves.  Mobile devices and cloud computing makes this perimeter almost impossible to determine. A majority of the cost of security is spent on firewalls, intrusion detection systems and antivirus software, however, it is only effective to a minute scale. Ultimately, it is the data itself which needs to be protected and encrypted persistently, no matter where it is.

Data classification is also a key in making sure that data breaches can be prevented. Categorizing data so employees know how to handle various types of information can determine the most sensitive data rather than data that doesn’t necessarily need to be protected.

Without a doubt though, any security professional will tell you and with no disrespect, that employees are the weakest link in the security chain. Therefore, you must make sure that the data itself is secured, rather than relying on policies, or training.

DRM protected documents have the type of security that doesn’t rely on the perimeter to secure sensitive company information. With even more laws and regulations coming into play recently, encrypting your information with Fasoo’s Enterprise DRM (Digital Rights Management) can help you keep your data secure even when a data breach happens.

So when the data breach happens, will you be prepared? With the right data-centric security solution, you can certainly count on it.

Photo Credit: Jbosarl

Mandating Encryption for Organizations

Connecticut is taking the next step in guaranteeing that customer data is secure. Therefore, if companies want to do business in this state, they will have to make sure that all personal data that is stored and transmitted is encrypted. In addition this soon to be law would require business to enable stronger password protections and control how much personal identifying information can be downloaded at one time, to help mitigate damage in the event any data is stolen.

For Connecticut residents, nearly one-third of them, were affected by the Anthem breach. It is no wonder that states like Connecticut, Maryland and New Jersey have made headlines pushing for all organizations to encrypt any sensitive data they have that pertains especially to customers. Connecticut Senate Majority Leader Bob Duff, D-Norwalk explains that, “In the long run, I think that companies will find it cheaper to implement these protocols than to have to clean up the mess of a data breach.”

How should we feel about these new laws? Well for one thing as a customer, we are glad that steps are being taken to protect our data. As an organization, not only does this help them build confidence in the customers, but also among other things is protecting an organization own sensitive data as well.

With the lack of encryption, there is no way that companies can protect their data against the hackers even if it is stolen from their organization. To trust security policies, programs, training, strategies, etc. is useless against insider threats.

However, there is a solution and all organizations who have not known about it before sure have heard about it now. Fasoo Enterprise DRM (Digital Rights Management) to protect organizations and also build confidence for customers about having their data secured. If data is DRM protected then, this is one less concern organizations now in Connecticut, Maryland, New Jersey, Massachusetts, and more states have to have.

 

Photo Credit: Dug Song

The Debate of Encrypting to Prevent Data Breaches

All the data breaches in the news these days have caused many to think about encrypting their data to prevent the losses a breach will bring.  With one of the biggest private health care providers in the US falling victim to a massive data breach, we can learn from its experience.

Even though credit card information wasn’t exposed, other sensitive data was, including names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data.

So the question here is why no encryption?  According to SC Magazine, the institution felt it had other security strategies.  Unfortunately this is not the only incident of a data breach in the healthcare industry.  From stolen laptops containing sensitive patient information to back doors planted in systems, information detailing abnormalities in usage behavior should be enough for IT administrators to notice and act upon.

The topic that needs to be discussed and agreed upon is a clear understandable encryption standard for the US and globally.  Other countries are pushing these standards and requiring further encryption details for companies to abide by.

Encryption can be tuned to limit the amount of data that even authorized users can view at one time. That makes it harder for an outsider to copy a whole stockpile of records.  All data nowadays, especially health care providers, should expect their data to be encrypted from end to end.

Fasoo Enterprise DRM (Digital Rights Management) could have prevented the exposure in this situation, even though credentials were stolen and used to access the data.  If Fasoo monitored this situation, it would have noticed the excessive activity and the access to this data would have been revoked.  Even if the information had been stolen, it would be inaccessible to unauthorized users.

 

Photo Credit: Yuri Samollov

When Data Breaches Come from Within

Insider threats still remain to be a higher concern for business not only in the United States, but around the world. Businesses are more than ever expected to maintain or increase their data security and data protection budgets to mitigate the risk of insider threats. When we look at business today, more than 93% of U.S. respondents to a survey say the feel vulnerable to insider attacks. There is no doubt that those that come from within in a business pose the most threats.

Nowadays, preventing data breaches have become the one of the highest priority for IT security spending and based on recent headlines, the cloud and databases are the most at risk. Unfortunately, it is only until after an organization experiences a data breach or fails a compliance audit, do organizations “play catch-up” to secure the their sensitive data. Privileged users still remain the greatest threat, but contractors and service provide, along with business partners still pose a threat within the inside. Whether it is malicious or unintentional, the fact that sensitive information remains unprotected even with all these headlines is beyond any consumer’s guess.

Some of you may think, our perimeter defenses is strong, we don’t have to worry about data breaches. In this case, they won’t stop an insider attack from happening. Insiders have two major things that make them more dangerous than an outsider. Insiders already have network access, sometimes at a high level. They also know much of what is on the network as well as where.

To truly combat the insider threat, a much more persistent and complete approach to security is needed. As always mentioned, it is not so much about the user or the perimeter as it is about the data itself. Any data that is protected by Fasoo Enterprise DRM (Digital Rights Management) can provide that security both against insider threats and external hackers. The reason here, is as mentioned, Fasoo protects the data itself no matter where it goes. Whether it is malicious or accidental, insider threats continue to make the headlines each month, and we cannot sit back and let these incidents continue to happen.

With you data DRM protected, and secure with the right security against data breaches, organizations can take a stand and say enough is enough. Keep your data secure with Fasoo Enterprise DRM.

Photo Credit: Perspecsys Photos

New Data Breach Security Laws Soon to be in Place?

This week, Obama addressed the nation with a new data breach notification bill. Although data notification is a major part of this bill, the president also mentioned about file encryption as well. The White House bill provides businesses with safe harbor by exempting them from the individual notice requirements if a risk assessment concludes that “there is no reasonable risk that a security risk has resulted in, or will result in, harm to the individuals whose sensitive personally identifiable information was subject to the security breach.”  If the data is unusable, unreadable, or indecipherable data, there is a presumption that there is not a reasonable risk.  If a business makes this determination, it must notify the Commission of the results and its decision, in writing, within 30 days.

In addition to this bill, the New York Attorney General intends to propose a bill that would expand his state’s definition of personal information to include email and passwords. The proposed expanded definition of private information would also include data about a consumer or employee’s medical history, health insurance information or biometric data.

The expanded definition would go beyond a standard adopted in California in 2013 that also requires companies to notify consumers if their email addresses and passwords are stolen or hacked. Last summer, Florida stiffened its breach notification requirements as well.

Here is the part though where all organization in New York should pay attention to:

“The New York bill would reward businesses for taking steps to protect personal information and cooperating quickly with New York authorities in the event of a breach. It would provide them some protection from liability in civil lawsuits if they can demonstrate having taken adequate steps to protect private information from being hacked or inadvertently released.”

From President Obama’s notification bill to the New York Attorney General’s push for stronger protection for personal information, organization must be ready to face the much more severe consequences now that this is coming from both federal and state levels.

To ensure that personal information is secure this data must be secure no matter where it goes. Fasoo Enterprise DRM (Digital Rights Management) prevents the exposure of sensitive and confidential data through encryption. It protects, controls and traces this information no matter where it is. Isn’t important for consumers and organization to know that they will be on line with the up and coming bills and laws?

Don’t slack on this part of your spending, and ensure that this kind of information is secure for your own good. Let your CEO get a better night’s sleep.

 

Photo Credit: dannymac15_1999

Share Your Files Securely with Partners and Customers

Recent headlines involving unencrypted portable media such as CDs and USBs have hit the news. Most recently in Arizona, two unencrypted computer discs containing names and Social Security numbers were sent to another partner and after a month, the partner still said it had not received the discs. This situation along with many other healthcare industry data breaches proves that in no way is any organization immune to this threat.

As stated in this article and many people would agree, that these incidents underline the increased importance of health data encryption as a top priority for the healthcare industry. However, as it is impossible not to continue to have these relationship with partners, and regardless these sensitive files will need to continue to make their way outside of the organization through email, cloud-based file-sharing services, FTP and portable media such as USB and CD, the need for security measures for files shared with outside parties has become critical to an organization’s security agenda.

When a file is shared externally, Fasoo, the leader in data and software security, ensures a secure exchange of information and guarantees that files are shared only with the intended recipients through file encryption. The sender can decide who can access sensitive files and what permissions they have on the document such as View, Edit or Print. Persistent security remains in place and provides the sender with assurance that the files are secure even after they are sent.

Even when files are inadvertently or intentionally sent to other parties, a sender can revoke future access to them. All actions are logged for future analysis and provide you with peace of mind.

Fasoo allows employees to securely share sensitive intellectual property so that they can safely collaborate with partners and customers without the fear of data breaches no matter where their files are. The security policy applied to these files defines who can View, Edit, Print and Screen Capture them.

Could this solution, Fasoo Secure Exchange (FSE) from Fasoo have prevented this data breach along with others, from happening? If not the theft part of it, then certainly the accessing part of this theft could have been prevented. With new legislation that requires health insurers to encrypt all health information on computers, and potential fines starting at the $10,000 range to most recently over millions of dollars in other organizations, it’s time for all organizations especially healthcare organizations to make the move to find the best solution to encrypt sensitive information, and maintain most importantly the trust of your customers.

Photo Credit: ausslegall

Categories
fasoo_logo
Contact Us
Your data security journey starts from here!
See how Fasoo can help your data privacy and security.