Getting Granular: Why You Need Granular Access Controls

Deborah Kish Cybersecurity, Data breach, Data security, Insider threat, Print security, Privacy, Secure collaboration

In my last post, I said “Without granular access controls, you can’t prevent a user from copying data from a file and pasting it into an email, for example. If you only encrypt a file and do not prevent copy and paste or printing, a user can easily compromise security.” And I meant it. Now,  you might be asking yourself …

Your Sensitive Data is at Risk: How Do You Manage Insider Threats?

Deborah Kish Cybersecurity, Data breach, Data security, Insider threat, Print security, Privacy

Picture it.  Your employees access sensitive and confidential customer information every day so they can do their jobs. Once the data leaves the protected confines of an information repository, file share or cloud-based service, your authorized users can share it with anyone, do anything with it and compromise your customer’s confidential information or your intellectual property.  As a result, you …

Live Webinar: Overcoming Unstructured Data Security and Privacy Choke Points

David Kwag

Why do so many data loss prevention projects either stall or de-scope? Why with significant industry expenditures in the space do we continue to experience record-breaking instances of data breaches and exfiltration? What are the latest methodologies and technologies security and privacy executives should consider to protect their sensitive data and comply with ever-increasing and pervasive privacy regulations such as …

Can You Stop Former Employees Taking Your Data?

Ron Arden Cybersecurity, Data breach, Insider threat Leave a Comment

It’s a good question and one that many organizations don’t think about thoroughly.  You take a lot of time onboarding an employee by doing background checks, checking references, and determining what information systems and data access the person needs to do her or his job.  You may have a comprehensive provisioning system that grants access to all applications and data. …

Fasoo Hits Nerve with Message of Security, Governance and Productivity at RSA 2017

Ron Arden Cybersecurity, Data breach, Data security, News Leave a Comment

After two days at the 2017 RSA Conference in San Francisco, it looks like Fasoo’s message of Security, Governance and Productivity is hitting a nerve with security professionals, analysts, executives and other attendees.  As the regulatory and business climate change to overcome constant threats to businesses and the data they use to drive profitability, companies are looking for a more …

Sometimes Employees Are Just As Much of a Risk as Malicious Attackers

Ron Arden Cybersecurity, Data breach, Insider threat Leave a Comment

Data from our Ponemon study, “Risky Business: How Company Insiders Put High Value Information at Risk,” was recently cited in Tara Seal’s Infosecurity Magazine article, “US House Recommends ‘Zero-Trust’ Model for Insider Data Access.” The article referenced the statistic that 72 percent of surveyed organizations are not confident in their ability to manage or control employee access to confidential documents …

Fasoo and Ponemon Study Reveals Employees Highest Security Risk to Organizations

Ron Arden Cybersecurity, Data breach, Data security, Insider threat 2 Comments

Fasoo just released the results of the security industry’s first look at how confident organizations are about protecting intellectual property and other high value information.  In the latest Ponemon Institute survey titled, “Risky Business: How Company Insiders Put High Value Information at Risk”, 72 percent of organizations are not confident they can manage and control employee access to confidential documents …

SEC Stresses Data Security After Settlement with Morgan Stanley

Ron Arden Cybersecurity, Data breach, Insider threat Leave a Comment

The Securities and Exchange Commission (SEC) told financial firms they must take data security more seriously in the wake of a settlement with Morgan Stanley over the theft of customer data by a former employee.  In 2015, the employee transferred information from approximately 730,000 client accounts to his personal server.  He copied names, addresses, account numbers, investment information and other …

Data-Centric Security and Pulaski County Special School District Data Breach

Ron Arden Data breach, Data security, Insider threat, Privacy Leave a Comment

This week news broke about a data breach within the Pulaski County Special School District. The breach resulted in more than 3,000 employee’s personal information being compromised. It is reported that a PCSSD employee was responsible for the compromise of thousands of current and former employees’ personal information and she has resigned from her position as of February 2016. Notices …

RSA 2016 Attendees Excited About Fasoo Data Security Framework

Ron Arden Data breach, Data security, News Leave a Comment

This year’s RSA Conference in San Francisco gave security professionals, executives and other attendees a lot to choose from as they tried to help their organizations prevent cyberattacks and mitigate the risk of insider threats.  Apple’s current flap with the FBI on encryption was a big point of discussion throughout the event, including during keynotes.  Amit Yoran, the President of …