Digital Rights Management Helps the FDIC Proactively Address Cyber Security

The Federal Deposit Insurance Corporation (FDIC) will implement Digital Rights Management (DRM) software to prevent unauthorized redistribution of digital information.  This is in reaction to security incidents where departing employees accidentally took sensitive files on portable media.  According to numerous studies, trusted insiders pose a greater risk to sensitive information than hackers and cybercriminals. I applaud the FDIC for taking …

Stop Accidental Data Breaches Through Errors

“Clerical Error” in Georgia Results in Data Breach of 6 Million Voters A class action lawsuit was filed by two Georgia women alleging a massive data breach when Secretary of State Brian Kemp’s office released personally identifiable information (PII) of voters, including Social Security numbers, to the media, political parties and other paying subscribers. Allegations include that the unauthorized information …

Is There a Sure Fire Way to Restrict Access to Employee PII?

I recently wrote an article about protecting confidential data that flows through the HR department.  This is an area that many people forget when thinking about the most sensitive information in an organization. Everyone thinks about the obvious, like maintaining information about current employees.  But there are many other pieces of sensitive data flowing through HR. Resumes and personal information …

Data Encryption is Now Mandatory, Are You Prepared?

On July 1, Connecticut’s Governor Dannel Malloy signed legislation that expands the current definition of personal information and now requires new data breach security terms and conditions in every state contract dealing with confidential information. From this article, the bill also states, “Not later than October 1, 2017, each company shall implement and maintain a comprehensive information security program to …

Fasoo Shows How to Protect Data in the HR Department

HR departments have a unique set of security challenges to maintain the confidentiality and integrity of internal staff and external clients.  While maintaining the confidentiality of personally identifiable information (PII), they also develop and share information that needs wide distribution. Managing these somewhat contradictory requirements requires an approach that is flexible enough to protect against insider threats, while enabling secure …