GDPR Essentials: Data Protection Officers, What Are They and How Do You Get One?

March 15, 2018 Author: Compliance 0 Comments

With the implementation of the EU’s General Data Protection Regulation (GDPR) 10 weeks away, organizations are struggling to reach compliance before the deadline passes. The new legislation is meant to unify and standardize data protection regulations across the EU, simplifying compliance procedures across borders and giving EU data subjects an unprecedented level of control over their personal data.

For the first time, privacy, in its digital context, will be legally enforced by design and by default. Companies will be held responsible for any breach of privacy and hefty fines will be applied to data controllers and processors found to not have taken adequate measures to protect EU data subjects’ personal information.

The GDPR brings one additional significant change to its predecessor: certain companies will have to appoint a Data Protection Officer (DPO). But what …

Stop by the Endpoint Protector Booth at the RSA Conference 2018

In what has now become a yearly tradition, the Endpoint Protector team will be heading out to San Francisco next month for the RSA Conference 2018. One of the best places in the world to talk security, full of inspiring speakers and valuable content, the RSA Conference has become a must-attend event for all cybersecurity professionals.

Since 1995, the RSA Conference has adopted a theme for every event and this year’s is no different. 2017 was a worry-filled year for the cybersecurity industry as high-profile hacks and mass ransomware attacks flooded the mainstream, sparking debates and anxiety about data security.

Highlighting the growing attention towards the cybersecurity sector as massive cyberthreats become commonplace news, the RSA Conference’s theme focuses on the urgency of addressing this wave of incidents and opening up a cross-disciplinary dialogue to come up with…

Study reveals hospitals’ vulnerability to data breaches

A recent study released by the American Journal of Managed Care (AJMC) revealed that one third of healthcare data breaches in the US occur in hospitals. The researchers analysed breaches reported to the Office of Civil Rights (OCR). Under federal legislation, if a healthcare privacy breach affects 500 or more patients, institutions are obligated to inform the OCR about it. The details of the breach are then made publicly available on the OCR’s data breach portal.

The study looked at what type of breaches occur most often in hospitals, the kind of data that they target and how vulnerable healthcare institutions are to them. Covering breaches that occurred between October 2009 and July 2016, they discovered that 215 hospitals were hit by breaches affecting over 6.5 million individuals.

The most common type of data breach, which occurred 112 times, was physical theft which compromised…

Using DLP to meet MPAA best practices

February 22, 2018 Author: Compliance 0 Comments

The entertainment industry has seen its fair share of leaks and hacks in recent years, with giants such as Sony, Netflix and HBO falling victim to attacks and having their private records and upcoming releases made public online. Movie studios in particular make for tempting targets, as any cyberattack they suffer will instantly make its perpetrators notorious and internet pirates rejoice. They are often targeted not so much for profit as for fun. After all, even hackers can’t wait to see the latest season of Game of Thrones.

It is therefore no surprise that an organization such as the Motion Picture Association of America (MPAA) has issued comprehensive guidelines to secure digital film assets and ensure industry best practices are being met by third party vendors. While abiding by these guidelines is strictly voluntary, the MPAA performs content security assessments of vendors…

Shadow IT in the Age of GDPR Compliance

February 15, 2018 Author: Compliance 0 Comments

Since the cloud went mainstream, a proliferation of online services and tools has led to the rise of so-called shadow IT, the use of unauthorized third-party services by employees in the workplace. Examples include the use of personal email and cloud storage services, file transfer sites, format conversion websites or popular collaboration platforms such as Wrike or Asana.

Mostly used without ill intent, through either negligence or for the sake of convenience, these services pose a serious threat to data security because companies are unaware of their use and thus do not know where their data is being processed or whether it travels over secure channels.

With the EU’s General Data Protection Regulation (GDPR) coming into force on 25 May 2018, companies must now, more than ever, put an end to shadow IT or risk the consequences of being financially penalized under the new regulation.

Why…

Five Things You Should Do to Keep Your Data Secure

The omnipresence of the internet, in all aspects of both our private and work lives, has digitized our existence and transformed it into sets of data, valuable to both companies and cybercriminals. Users often agree to share their data with businesses as part of a give and take, where services are customized based on that data for a better user experience, but sensitive information is also often targeted by malicious individuals through various types of scams and cyberattacks.

It is therefore important that both companies and individuals understand some of the basic, but crucial practices that help keep data secure on the internet. Here are our top five picks:

1. Two-factor authentication

Most email providers and internet services now offer two-factor authentication, a way of adding an extra layer of security on top of traditional passwords. It implies the existence…

GDPR: The Pros and The Cons

February 1, 2018 Author: Compliance 0 Comments

Data protection legislation is seen as a way for governments to take back control over data security, which has suffered critical hits in recent years with major breaches making headlines on a weekly basis. Regulations are a natural reaction to these real-world threats that companies seem powerless to stop. Governments hope that through the enforcement of tougher data protection policies, companies unwilling to take extra measures to ensure data protection will be brought to higher overall standards.

While this goal in itself seems necessary given recent developments, how will these new laws translate into the business world and how will they affect business growth and the push for innovation? There is a marked concern in business circles that cumbersome, overly restrictive data protection regulations, such as the EU’s General Data Protection Regulation (GDPR)…

A Closer Look at Endpoint Protector 5.1

January 26, 2018 Author: Data Loss Prevention 0 Comments

Released in May 2017, Endpoint Protector 5 came with a modern intuitive user interface, significant backend enhancements as well as new features and a completely redesigned and improved eDiscovery module. The upgrade underlined our commitment to continuing to provide great Data Loss Prevention solutions that address today’s data security needs and concerns.

Since then, our development team has been working hard around the clock to boost existing features and add new ones based on user feedback and industry demands. Today, we are happy to introduce our very first update for the 5th version of our flagship product, Endpoint Protector 5.1. Let’s take a closer look at some of its highlights.

Time and Network based Device Control policies

From this point on, admins will have the option to enable time and network based access rights from Device Control. What this essentially …

EU vs US: How Do Their Data Protection Regulations Square Off?

January 17, 2018 Author: Compliance 0 Comments

The EU’s new General Data Protection Regulation (GDPR) is coming into effect on 25 May 2018 and will have wide-ranging consequences on a global scale, affecting all businesses that trade with the European Union, from within or outside its borders. From among non-EU countries, US businesses in particular have been actively taking steps to ensure that they comply with the new regulation.

With the United States having a number of regulations in place for data protection itself, does that mean companies already compliant with national regulations will find it easier to adjust to GDPR requirements? Let’s have a look at data protection regulations on both sides of the Atlantic to find out.

The European Union under the GDPR

The most important and talked about change in data protection regulation in Europe in the last twenty years, the GDPR has set off a race for compliance among companies…

How to Ensure Your Data Doesn’t Move on When Your Employees Do

January 11, 2018 Author: Data Loss Prevention 0 Comments

In today’s fast-moving world, highly skilled professionals are constantly looking for more attractive opportunities that will move their careers forward and, as a consequence, companies struggle to retain employees in the long term. Staying in one job for one’s entire life is no longer the primary objective and changing jobs every three to five years is encouraged by every career counselor. According to consulting firm Hay Group, the average employee turnover rate in North America, across all industries, is expected to reach 23% by this year.

What does this mean in the context of data security? In a survey conducted by Biscom, 1 in 4 respondents said they take data with them when they leave a company, 85% of them feeling it is not wrong to take with them materials they themselves helped create. Many of those surveyed admitted that appropriating company data was possible due to companies’…
