Blog

Can You Stop Former Employees Taking Your Data?
Ron Arden August 3, 2017
Cybersecurity Data breach Insider threat

Can You Stop Former Employees Taking Your Data?It’s a good question and one that many organizations don’t think about thoroughly.  You take a lot of time onboarding an employee by doing background checks, checking references, and determining what information systems and data access the person needs to do her or his job.  You may have a comprehensive provisioning system that grants access to all applications and data.

But how about when someone leaves?  It’s great that you de-provision access the INSTANT someone becomes a former employee, but how do you protect the confidential data she or he may have been taking out each night for the last few weeks?  Organizations spend a lot of money guarding against cyberattacks from hackers and other external people, but many don’t do enough to protect their data from threats of former employees.

Cyber Security Legislation Will Change the Face of Business
Ron Arden January 9, 2017
Cybersecurity Data breach Privacy

Cyber Security Legislation Will Change the Face of BusinessAs 2017 gets underway, cyber security legislation will strengthen and force businesses to change the way they approach information security.  At the federal level in the United States, the US Congress and President have proposed numerous updates to existing regulations and new regulations to cover all facets of cybersecurity.  These include the Cyber Preparedness Act of 2016, Cybersecurity Systems and Risk Reporting Act and others.

At the state level, legislation was introduced or considered in at least 28 states in 2016. Fifteen of those states enacted legislation, many addressing issues related to security practices and protection of information, and cyber crimes in general, including dealing with rasomware.

Data Loss Prevention, Data Classification and Persistent Data-Centric Security
bcarambio September 14, 2016
Data security

Data Loss Prevention, Classification and Persistent Data SecurityTechnology advancements and rapid digitization of corporate information has made it easier for modern companies to conduct everyday business transactions. Today, business data is easier to access and share, giving companies the opportunity to reach more customers and conduct business quicker. At the same time, the unprecedented volumes of data created, accessed, shared, stored and the variety of sources is forcing companies to re-evaluate their cyber-security approach.  The collaborative nature of how business is done has extended the corporate perimeter. As a result, companies are seeing an ever increasing need for higher visibility into data, how their users access and use it and the secure it using encryption.

Keep Employee Information Safe Through Persistent Security
Ron Arden March 22, 2016
Data breach Data security

Keep employee information safe through persistent securityHardly a week goes by without a new data breach making the headlines.  Companies in different industries are constantly re-evaluating their security postures to determine how best to deal with the protection of sensitive and confidential data.

A lot of effort is focused on financial and customer data, but most companies overlook all of the sensitive employee information they possess and the risks associated with storing and accessing it.  This is a major area that seems to be neglected when it comes to protecting company information.

According to a recent survey titled “The State of Encryption Today”, employees’ data are not protected at the same level as business related or customer information.

Fix a Broken Chain of Custody with Confidential Data
Ron Arden March 17, 2016
Cybersecurity Data breach Data security

Fix a broken chain of custody of your confidential dataCompanies share a lot of confidential data with third parties.  Who is responsible for keeping that data secure?  Is it the originating company or the third party?  Or both?

This week American Express sent letters to card holders about a possible data breach.  According to reports “an unauthorized person or group accessed the system of a third-party service provider prompting American Express to warn customers that card member information may have been compromised.” The company said, “It is important to note that American Express owned or controlled systems were not compromised by this incident, and we are providing this notice to you as a precautionary measure.”  So is American Express to blame for this incident or is the service provider to blame?

You Can Stop Healthcare Data Breaches
Ron Arden February 12, 2016
Data breach Insider threat Print security

Encrypt PHI and apply persistent security policies to stop healthcare data breachesToday, nobody argues that the healthcare industry is a gold mine for the bad guys and theft of protected health information is becoming a regular event. The “Verizon 2015 Protected Health Information Data Breach Report,” indicated that 90 percent of industries in the medical and health care arena have experienced a PHI breach and with all the reports in the media, it is clear to everyone that the situation has reached a critical point.

In 2015, we witnessed numerous health insurers and hospital systems fall victim to data breaches. While Anthem and Premera were just some of the bigger names making regular headlines last year, attacks were seen to reach even physicians’ offices.  Just recently Centene Corporation and IU Health Arnett lost hard drives that compromised almost 1,000,000 people.

Protect Against R&D Data Theft
Ron Arden January 22, 2016
Data breach Data security Insider threat Mobile security Print security

Protect Against R&D Data TheftRecently I was in a meeting with a global pharmaceutical client in New Jersey who told me of the importance they place on their highly secure, centrally managed and monitored persistent security platform to protect against data theft and ensure that their valuable R&D information cannot be lost or inadvertently sent to a competitor.

As the meeting ended, I was informed of the news about the charges brought against five people in the Untied States around trade secret theft inside another global pharmaceutical company. Allegedly a senior level manager at the company was involved in this theft.

Given the global state of business competition, there is a special appeal to the cyber thugs with high-priced or high-demand items. There is an alarming interest in stealing intellectual property, trade secrets and exactly how these items are produced.

5 Steps To Protect Your HR Data
Ron Arden November 25, 2015
Data breach Data security Insider threat

5 Steps to protect your HR dataI recently wrote an article about the security of sensitive information in the HR department.  While everyone interacts with the people in human resources, most of us don’t think about all the sensitive information they have.

Most of us think about benefits and our 401K when we think about dealings with HR, but there is a lot more sensitive data that is under their control.  They also deal with your healthcare information, information about your spouse and family, customer financial information, employee resumes and salaries.  They also know when you have given notice to leave the company or when you change jobs in your current company.  Add to this the responsibility of developing and circulating company policies and a wide variety of interoffice communications.

Sharing company, employee and customer information with authorized internal and external users poses a unique security challenge for any organization, since HR needs to limit access to sensitive information.  While HR may be the first line of entrée into a company, they are also the first line of defense to protect some of the most confidential information in your company.