Blog

Tag: security

Fasoo Hits Nerve with Message of Security, Governance and Productivity at RSA 2017After two days at the 2017 RSA Conference in San Francisco, it looks like Fasoo’s message of Security, Governance and Productivity is hitting a nerve with security professionals, analysts, executives and other attendees.  As the regulatory and business climate change to overcome constant threats to businesses and the data they use to drive profitability, companies are looking for a more comprehensive and practical approach to providing secure ways to conduct business.

An interesting theme at this year’s show is Business Driven Security.  I think the convergence of business and security is finally coming to a head as boards and executives realize they must think of security solutions as a business driver that helps mitigate business risk so they can propel their businesses forward.

One main focus this year is helping financial organizations comply with the New York State Department of Financial Services (NYS DFS) cybersecurity regulations.  Fasoo employees spoke to numerous banks and mortgage companies at the booth that are affected by this new regulation to encrypt nonpublic data and provide clear access control and audit trails.  The Fasoo Data Security Framework can help protect sensitive data from getting into the wrong hands and help meet this comprehensive regulation.

Other attendees were very interested in providing a more secure way of collaborating with documents.  It’s clear that organizations need to secure their data and protect against cyber attacks, but if employees and partners aren’t productive, business comes to a halt.  Productivity drives innovation and Wrapsody is a great way to let people share ideas securely as they drive their businesses.

Of course what would RSA be without some fun?  Our hourly presentations are very lively and attendees are entered into a drawing for an Amazon Echo.  We gave one away on Tuesday and will at the end of each day.  Aside from the prize, a lot of people were very interested in how Fasoo can really protect sensitive information from getting outside their companies and either cause them to go afoul of regulators or hurt their bottom line.  Encrypting and always controlling information is the best way to meet regukatory requirements and protect your intellectual property.

If you haven’t already, stop by booth S1239 on the show floor to see how we can help your business.

Fasoo Data Security and Intelligence Document Platform on Display at RSA Conference 2017Fasoo has a big presence at the RSA Conference 2017 in San Francisco where we will showcase our newly expanded data security and management framework which helps companies track, manage and secure their data.

Focusing on the business themes of Security, Governance and Productivity, Fasoo is helping executives and boards of directors comply with enhanced cybersecurity regulations while ensuring they can meet the needs of constantly changing business models that demand secure collaboration to get things done.

Today’s business world demands a new look at how we define and protect the borders of our organizations because our data is created, stored and consumed in systems that may be outside the traditional information security and document management models.  Visitors to Fasoo’s booth #S1239 will see demonstrations of the Fasoo Data Security Framework and Wrapsody that together helps organizations consistently control, secure, track and manage documents no matter where they travel.  This new, integrated data-centric approach overcomes legacy solution limitations that comprehensively satisfies organizational demands placed on data security, governance and productivity.

Fasoo will also show its machine learning based static application security tool, SPARROW, that identifies and remediates security vulnerabilities in your software.  With a large focus on embedded systems, IoT (Internet of Things) and ever expanding mobile apps, ensuring that your applications are robust and secure is the best way to protect your users from data breaches, privacy and security concerns.

“It is imperative that organizations have data-centric content management and security traveling with their information,” said Fasoo’s CEO Kyugon Cho. “Our theme at this year’s show highlights the robust nature of our best-in-class software technologies that enable us to truly be “Data-centric Everything” – and address the full range of current and emerging enterprise data demands.”

In addition to the product demonstrations, Fasoo will be hosting presentations throughout the day addressing how companies can win big by targeting data use cases that are at the intersection of multiple organization needs.  Satisfying the competing interests of business productivity and data security and governance has always been a big challenge, since focusing on one can typically cause deficiencies in others.  The Fasoo approach helps satisfy all these needs without sacrificing anything.

Another bonus is that visitors to the Fasoo booth have an opportunity to win an Amazon Echo and some other great prizes.

Fasoo Had a Busy Month in October Showing Data Security SolutionsThe month of October was very busy for Fasoo as we were all over the US talking to people about data-centric security and how it is the best solution to protect your sensitive information from insider threats and external hackers (APTs).

We started the month by attending the Rochester Security Summit in Rochester, NY.  This two-day event brought together executives and technical staff from numerous organizations in the Rochester area to share intelligence on how to protect their businesses from cyber attacks.  Fasoo was part of a vendor pavilion with our partner Brite Computers showing attendees how to protect data localized from databases, files downloaded from content management systems and those shared through the cloud and on mobile devices.  Ron Arden, Vice President – North America, presented to a packed room on “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” as part of the Threat Landscape track at the event.

The following week saw Fasoo sponsoring an executive luncheon on The Internet of Things (IoT) at the Nasdaq Ron Arden and Bill Blake at the National Cyber Security Awareness month eventMarketsite in New York City.  The event was put on by the National Cyber Security Alliance (NCSA) as part of National Cyber Security Awareness Month (NCSAM).  Bill Blake, President – North America, and Ron Arden got to participate in the luncheon and spoke to the numerous executives and government officials.  We were even part of the closing bell ceremony; look for us around 1:00 into the video.  With all the interest in IoT devices and the tremendous data that each will generate, Fasoo was educating people on how to protect the information collected and ensure that PII, PHI and other personal data is protected.

We finished the month in Las Vegas at the IBM Insight 2015 conference.  Fasoo was a Silver Plus Sponsor, so we had a booth right in the middle of all the action.  Security and analytics were big focuses of the conference this Dayhuff and Fasoo show charging station at IBM Insight 2015year as many organizations are trying to understand where they have sensitive information (the crown jewels) and how best to protect it from internal and external threats.

Bill Blake, Ron Arden and National Account Manager Alper Kizar were all in Vegas talking to customers, IBM staff and generally enjoying the warm weather.  Bill presented “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” to an enthusiastic audience at the Expo Theater.  Our partners Dayhuff and Neocol joined us in the booth and throughout the conference as many attendees were talking about securing the mountains of unstructured data in their companies.  Of course Vegas would not be complete without some fun, so Dayhuff held its annual get together at the Ri Ra Irish Pub.  The Irish definitely make some great beer and it was great to unwind with everyone after a long day at the conference.

During the different events, I heard a lot of recurring themes from attendees, vendors, speakers and security professionals.  I think they show the challenges CISOs, CIOs and other executives face as they try to move their businesses forward in an ever changing security landscape.  Here are a few of them.

clip_image001 Corporations do not have perimeters anymore

clip_image001 Security is everybody’s job

clip_image001 Monitoring data is hard, it’s like dust, it’s everywhere

clip_image001 Users are very naive about security and need to be educated

clip_image001 More than half of all data breaches are caused by human error

clip_image001 When you increase where the data is, it increases the risk

clip_image001 Being compliant doesn’t mean you are secure

Fasoo has the best approach to address each of these points through strong file encryption and persistent security policies that travel with the data.  Access to sensitive data is controlled through good identity management that ensures your sensitive data is protected and controlled regardless of location or device.  Working with existing applications and workflows makes it very easy for users to apply security to files, since they don’t have to think about it.  Automatic security policies apply the right level of access control as soon as someone creates a file.  This makes it easy to control unstructured data, whether it’s created locally or downloaded from an existing information system.

Check out some of the pictures from our busy October as the weather turns colder and the end of the year is in sight.  Hopefully we can help you create a secure work environment by protecting your most sensitive information from getting into the wrong hands.

Fasoo Extends Data Security at IBM Insight 2015This is the second year Fasoo participated in the IBM Insight conference in Las Vegas and by the reaction of customers, IBM employees and other vendors, we made a big splash.  Enterprise Digital Rights Management and data-centric security for sensitive information appear to be at the top of many people’s minds.

The event had over 13,000 attendees from all over the world and focused on Analytics, Big Data, Content Management, Information Governance and Security.  There was a major focus on using analytics to understand and predict trends for business and to help eliminate security threats.  Cloud and mobile transcend these categories as business has become mobile, fluid and unfortunately more dangerous.  There was also a big presence of the Internet of Things, as more organizations are extending business models through wearable and more autonomous devices.

Fasoo partners The Dayhuff Group and Neocol joined us as we showed how to strengthen security for content as users localize it from databases, download it from IBM ECM repositories, create it locally or share it with external parties, in the cloud or on mobile devices.  With the new IBM relationship with Box, many customers are worried about protecting sensitive information regardless of location or device.  They like sharing information easily, but need to make sure its always protected.

Security presentations focused on insider threats and external hackers or advanced persistent threats (APT) causing a lot of problems for companies.  A lot of companies today are terrified that a trusted insider may inadvertently share sensitive files in the cloud or leave them on a mobile device that is lost or stolen.  One presentation referred to the weakest link in your security as the person who does something accidentally.  You can have all the firewalls, end-point encryption and data loss prevention systems in the world, but it won’t stop Bill Blake presents at IBM Insight 2015a privileged user that does something stupid.

Bill Blake presented “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” in the Solution Expo theater to a good group of people.  I had a conversation with one of the presentation attendees about protecting reports as users download them from an ERP system.  He knows the data is controlled inside the system, but he loses visibility to it when localized in a spreadsheet or PDF.  We discussed how Fasoo can protect the files once downloaded by encrypting it and assigning a dynamic security policy to it.  He can always control that report no matter where it is.

Dayhuff had its annual Insight After Party at the Ri Ra Irish Pub in the Mandalay Bay shoppes.  We were in a private room, but could hear all the fun throughout the place.  There was a great band playing that got everyone in a dancing mood.  It was great to discuss business and personal things with the Dayhuff staff, IBM staff and lots of customers.  It’s always amazing that no matter where you live, you can always find someone Ri Ra at IBM Insight 2015who shares your love of great beer, loves or hates your sports teams or has similar experiences to you.  There is nothing better than getting to know someone over a pint.

Neocol talked about its SmarterDLP solution at Insight this year to help solve a major problem that every organization faces.  Combining Fasoo EDRM, IBM StoredIQ and some of its own technology, Neocol can help a company search for sensitive content in files share, document repositories, on a user PC and numerous other locations, and then lock it in place. This solves two problems.  Finding sensitive information and then encrypting it with a security policy immediately to ensure that only authorized users can access it.  The reality today is that organizations have so much unstructured content in so many locations, they don’t know where to start looking for the most critical information.

Customer interest was high during the Solution Expo and through numerous conversations at many of the informal parties, meals and other opportunities to interact.  I spoke with one gentleman who needed to make sure that documents involved in legal cases were made inaccessible once the case was over.  Today he has to get validation from all involved that they destroyed the case documents; that’s a tough one.  One woman needed to make sure she could control any PII (personally identifiable information) or financial data that was downloaded from an IBM Content Manager system.  I also talked to a few manufacturing companies that wanted to protect process information and parts drawings as they shared them internally and with subcontractors.  A lot of people were amazed that we can lock and control these files no matter where they are.

We want to thank everyone whom came to the booth and made it a successful event.  We look forward to it next year.

Fasoo Monthly Newsletter - November 2015
Fasoo Sponsors National Cyber Security Awareness Month Executive Luncheon
Fasoo Announcement

Fasoo Shows Rochester Security Summit How to Protect Sensitive Data
Ron Arden and Bill Blake showed Rochester Security Summit attendees how to proactively protect their most sensitive data from insider threats and hackers. >> Read More >>
Fasoo Extends IBM Enterprise Content Management Security to Cloud Based Repositories
For organizations using IBM Enterprise Content Management (ECM) solutions, Fasoo extends security by securing, controlling and tracking documents beyond the controlled boundaries of these solutions >> Read More >>
Fasoo to Present at the Rochester Institute of Internal Auditors 2015 Conference
Bill Blake, President of Fasoo, Inc., will present to members of the Rochester Institute of Internal Auditors Conference on November 20, 2015. >> Read More >>

Market Trend

Merger and Acquisition Industry Needs to Consider Cyber Security Risk
Companies need to assess the cyber security of an acquisition target to identify potential data breaches and the ability to mitigate future cyber risks.
How Many Copies of Your Sensitive Data Set Are Floating Around?
When enterprises think about copy data, they must consider using persistent data-centric security to protect all primary and copy data.
Top 10 Reasons Why You Should Use Static Code Analysis
Static code analysis analyzes source code without executing it to find potential security threats, vulnerabilities and bugs before you release it.

Recommend our Newsletter

Product Inquiry

Industry News

[eSecurity Planet]
Experian Data Breach Exposes 15 Million T-Mobile Customers’ and Applicants Personal Info
[IOT Solutions Provider]
Logging the Data from IoT Devices Securely
[MarketWatch]
As the Internet of Things Grows Exponentially, National Cyber Security Awareness Month Focuses on Securing our Connected Devices and Networks
[TechBeacon]
App attacks: How to stay a step ahead on this new frontier for hackers

 

Contact Fasoo
Follow Fasoo on Twitter
Follow Fasoo on Facebook
Follow Fasoo blog
Follow Fasoo on LinkedIn

 

When Will Your Data Breach Happen?

IT security is a growing threat for businesses of every industry and no organization can be seen as safe. Hackers are learning new methods to attack web sites and networks. Most of the time employees have easy access to company information and are often unaware of how to detect and prevent these breaches because of a lack of training or lack of security for this information. The question is not if, but when will a data breach happen?

It is very clear that data breaches can no longer be protected by perimeter security. The perimeter continues to fade as a result of increasing connectivity between 3rd party partners and vendors, along with

customers themselves.  Mobile devices and cloud computing makes this perimeter almost impossible to determine. A majority of the cost of security is spent on firewalls, intrusion detection systems and antivirus software, however, it is only effective to a minute scale. Ultimately, it is the data itself which needs to be protected and encrypted persistently, no matter where it is.

Data classification is also a key in making sure that data breaches can be prevented. Categorizing data so employees know how to handle various types of information can determine the most sensitive data rather than data that doesn’t necessarily need to be protected.

Without a doubt though, any security professional will tell you and with no disrespect, that employees are the weakest link in the security chain. Therefore, you must make sure that the data itself is secured, rather than relying on policies, or training.

DRM protected documents have the type of security that doesn’t rely on the perimeter to secure sensitive company information. With even more laws and regulations coming into play recently, encrypting your information with Fasoo’s Enterprise DRM (Digital Rights Management) can help you keep your data secure even when a data breach happens.

So when the data breach happens, will you be prepared? With the right data-centric security solution, you can certainly count on it.

Photo Credit: Jbosarl

Categories
Book a meeting