PCI Compliance – Why It Is a Must

April 6, 2017 Author: Compliance 0 Comments

Financial institutions often deal with data breaches due to the huge value financial records hold for external attackers or malicious insiders. A data security incident in financial organizations can have multiple negative ramifications for both the organization and the owners of the leaked data.
Last year a series of data breaches occurred in the financial sector: Citizens Bank, Nationstar Mortgage, Central Bank of Russia, TD Bank, Bangladesh Bank, and many others. One of the major causes was the significant rise of phishing attacks, especially CEO spear phishing, resulting in the breach of confidential data, starting from PII, dates of birth, home addresses, e-mail addresses, credit card numbers, social security numbers, etc.

What is PCI DSS?

According to pcicomplianceguide.org, the Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards…

Read more

5 Data Security Mistakes Enterprises Can’t Afford to Make

We use the word “enterprise” for a good reason. Big companies or enterprises with more than 500 employees represent complex ecosystems with incredible resources, structures and more importantly, substantial know-how and data. Information security in these organizations is quite challenging and requires significant efforts from several departments and business unit managers, not only the IT department. But does the joint effort really exist? Or it is only a desire of the idealistic IT security vendors? What other recommended practices are not followed in enterprises?

Let’s see what are the 5 most common data security mistakes enterprises can’t afford to make:

1. Failing to make information security a business component

In an enterprise, let’s say, in the clothes manufacturing industry, having a data breach with the unreleased clothes designs is as bad as delaying…

Read more

HIPAA Basics and The Role of DLP in Meeting Compliance

Health-related data is moving more and more from paper to electronic records, determining changes in how healthcare organizations or other industries processing healthcare records are managing and protecting their data today. Businesses that are involved in any way with the use or management of PHI (personal health information) of individuals, need to ensure that they secure their sensitive data against loss or leakage, by following security guidelines, like HIPAA, in order to avoid penalties.

What is HIPAA

Health Insurance Portability and Accountability Act of 1996, HIPAA, provides data privacy and security measures for protecting medical information. The legislation is designed to protect the ePHI (electronic protected health information) of individuals, like Social Security Numbers, medical ID numbers, credit card numbers, drivers’ license numbers, home address,…

Read more

What CASBs Can and Cannot Do to Secure Your Data

Cloud Access Security Brokers (CASBs) became popular in 2016 and are continuing to get attention from companies, research analysts, and the media. They have emerged as a response to the security and compliance issues caused by cloud adoption and offer visibility into data security threats related to cloud apps usage. CASBs usually sit between users and cloud apps, acting like a gateway to intercept users’ activity and offer control and compliance. The interesting part is that they combine a sum of functionalities from different other existing solutions – firewalls, SIEM, Data Loss Prevention, encryption, and others.

Just to make sure CASBs are not confused with other tools, let’s see what CASBs can and cannot do to secure your data.

CASBs CAN

1. Provide visibility into cloud apps use

CASBs can detect file uploads and downloads and data traffic for approved or unapproved apps…

Read more

CoSoSys Recognized in the 2017 Gartner Magic Quadrant for Enterprise Data Loss Prevention

We are very happy to let you know that we have been included in the February 2017 Gartner Magic Quadrant for Enterprise Data Loss Prevention. As new entrants, we are proud to be positioned the furthest in the Niche Players quadrant.

Vendors have been evaluated based on the ability to execute and the completeness of vision. These two dimensions include several criteria like product or service, overall viability, sales execution/pricing, market execution, customer experience, innovation, and other business and technical aspects. All criteria and their weight are detailed in the report.

We believe one of the factors for our inclusion by Gartner was our ability to help organizations protect data against leakages and theft on Windows, macOS, and Linux, with support for printers, terminal servers and other virtual desktop infrastructure (VDI) thin clients. We also think that a big contribution…

Read more

Endpoint Protector 4 is Winner at the Cybersecurity Excellence Awards 2017

February 15, 2017 Author: Data Loss Prevention 0 Comments

The 2017 Cybersecurity Excellence Awards honor companies and individuals that demonstrate excellence, innovation, and leadership in information security. Winners are being chosen based on the strength of the nomination and the popular vote by the Information Security Community.

“Congratulations to CoSoSys for winning the Data Leakage Prevention category of the 2017 Cybersecurity Excellence Awards,” said Holger Schulze, founder of the Information Security Community on LinkedIn which organizes the awards program. “With over 450 entries, the 2017 awards are highly competitive. All winners and finalists reflect the very best in leadership, excellence, and innovation in today’s cybersecurity industry.”

For us, it’s the 2nd year to participate in the DLP Solution of the Year category. We are proud that this year, and in 2016 as well, Endpoint Protector 4 …

Read more

Do not let the trivial webcam turn into security disasters

Last year, Mark Zuckerberg, has incidentally revealed the simple security measures he takes to secure his MacBook: webcam and mic covered with tape. In short time, the story was covered by many news outlets, drawing everyone’s attention to the security issues. Many asked themselves why he would do such a paranoid thing. Is Mark’s fear of being seen and listened justified? If we think about the possibilities of exploiting webcams, and the fact that there’s even the smallest chance of being watched or heard without our permission, then, Mark’s concerns are totally legit. Taking into consideration the level of success of its business, he has been probably the target of many cyber attacks attempts.
Just imagine yourself sitting home, having a glass of wine and working on your laptop in your pajamas when suddenly your webcam light starts to blink, recording every…

Read more

Macs in Enterprises Today and 5 Steps to Secure Their Data

From a niche player, Apple succeeded to have a general-purpose enterprise use nowadays. Once best suited only for creative roles in design, photography or marketing, today Macs experience a growing adoption in enterprises as a result of a higher demand from all employees. One of the top reasons is the low total cost of ownership; an enterprise could save from $265 to $535 over a four-year period for each employee who uses a Mac over a PC. Apple knows that and their strategy reflects in every release and every product they launch.

Take the macOS Sierra, for example. Currently, its adoption has reached 38% among Mac users, while Windows 10 has less than 25%. When we look at the features that were released in September, we see two things – Apple’s desire to strengthen their market share by unifying users’ experience with all Apple products and their convenience and ease of …

Read more

Meet Us at RSA Conference 2017 to Fully Explore DLP

January 4, 2017 Author: Events 0 Comments

New beginnings are always exciting and bring a certain freshness and energy to start over, to reinvent ourselves and aim for higher achievements. For us, 2017 starts with great roadmaps and plans and with intensive preparations for the RSA Conference which we haven’t missed in the last 3 years.

Every year, a unique theme related to information security has been chosen for RSA, since 1995.

This year’s theme – Power of Opportunity – invites everyone to switch perspective from issue to opportunity, from problem to solution and encourages professional development, moving the industry forward and joining in a single community. “The RSA Conference opens the door and invites all inside to reimagine and reinvent what’s accepted, what’s expected and what’s possible, “says Linda Grey, director and general manager of RSA Conference.

For 2017, organizers added four more…

Read more

2016 in Review for DLP, What’s Yet to Come in 2017 for IT Security

December 23, 2016 Author: Data Loss Prevention 0 Comments

Here we are, at the end of another great year for the cybersecurity world. Along the year, we’ve witnessed some unpredictable events, but also the evolution of data loss prevention.
No one can argue that Data Loss Prevention (DLP) as a concept and technology has come a long way since it emerged in 2006. Back then it disrupted the security industry with the capabilities of identifying and blocking sensitive data from leaving the company, which no other solution could have done. It was a great innovation also due to USB control features that stopped employees from copying sensitive data to USB devices, strengthening companies’ data security. Since 2006, the DLP adoption increased exponentially and now, there is no IT security professional that hasn’t heard about this great IT security tool.

But let’s get back to the year 2016. It is a perfect moment of the year to look back and see …

Read more