Nowadays, it seems not a day goes by without another high-profile data breach being announced. From Equifax and Uber to Forever 21, no company, no matter how big, seems safe from sensitive information leaks. The consequences for these breaches range from loss of profit and customer confidence to more serious charges of noncompliance with data protection regulations and hefty fines.
Data Loss Prevention (DLP) technologies were developed to tackle this increasing threat to the security of companies’ most sensitive information. Since their emergence, they have become an indispensable part of IT departments’ security framework, protecting against both insider and outsider threats and helping to maintain compliance with increasingly complex data protection regulations.
While Data Loss Prevention has become a household name in the world of information security and more…Read more
In January 2017, a new ePrivacy Regulation meant to repeal Directive 2002/58/EC was proposed by the European Commission and published on its website. Concerning the respect for private life and the protection of personal data in electronic communications, the regulation is part of the Digital Single Market strategy and is meant to bring the ePrivacy Regulation in line with the General Data Protection Regulation (GDPR) coming into force in May 2018.
Directive 2002/58/EC previously covered the area of personal data processing and the protection of privacy in the electronic communications sector, but with the GDPR bringing requirements up to present day standards, the ePrivacy Directive needed to receive a similar upgrade that would help complement the GDPR, in the same way it was previously aligned to the Directive 95/46/EC. The two regulations are tightly interconnected with…Read more
As we draw nearer to the end of the year and we enter the last stretch to the GDPR compliance deadline, the UK has recently announced its own bill on data protection has entered Parliament for assessment. With two data protection regulations on the table though, which one are UK companies supposed to follow? Can they escape the scourge of the GDPR or will more requirements be added to their already full plate? Let’s take a closer look!What is the UK Data Protection Bill?
The first draft of the UK Data Protection Bill was made public on 14 September 2017, after it passed its second reading in the House of Lords. Its aim is to modernize data protection laws in the UK for the 21st century, give people more control over their data, and provide them with new rights to move or delete personal data. It will be replacing the now outdated Data Protection Act 1998.
Its stipulations align themselves to the EU’s…Read more
How many of us have not at one time or another misplaced a USB drive? Or maybe forgotten it plugged into a computer after a presentation? It is after all just a small device and in the continued rush of our everyday lives, it is easy to overlook such details. What happens however when it’s a company USB thumb drive? And what if it just happens to have the security details of one of the world’s biggest airport hubs on it? That is how the nightmares of the 21st century begin.
A USB drive containing highly sensitive data pertaining to London’s International Heathrow Airport, was recently found plugged into a public library computer. The data on it, amounting to 2.5 GB of information, included maps with the location of every CCTV camera in the airport, routes and security protection measures for the Queen, Cabinet ministers and visiting foreign dignitaries. The files were all unencrypted. …Read more
Apple officially launched macOS 10.13 dubbed High Sierra for public use on 25 September 2017. First announced at the Apple Worldwide Developers Conference(WWDC) 2017 keynote event in San Jose in June, the new version of the Mac and MacBook operating system, brought some significant under the hood changes as well as some improvements for both commercial and enterprise users. Along with refinements to apps such as Safari, Photos and Mail, High Sierra also received a serious security boost through the new 64-bit default Apple File System(APFS) that supports native encryption as well as new features that allow for the development of virtual reality(VR) and augmented reality(AR) content.
With High Sierra, Apple has shown it’s committed to bridging the gap between Macs and PCs and making their computers as common in the workplace as their Windows running counterparts. The proliferation…Read more
With the EU General Data Protection Regulation (GDPR) coming into effect on 25 May 2018, the clock is ticking for companies to implement its requirements and to ensure compliance is reached before the looming deadline. Designed to replace the Data Protection Directive 95/46/EC, the GDPR aims to standardize data privacy laws across Europe, to protect EU citizens’ data privacy and give them power over what happens to their data.
The GDPR puts the ball firmly in EU citizens’ court, creating a new set of priorities for companies with personal data privacy at its apex, essentially reshaping the way organizations approach data privacy and security. But what does that mean exactly, in practical terms? While the regulation is couched in many cases in general terms, there are a few requirements that are explicitly stated within it. Here are the most important five:1. Data Protection…Read more
Nowadays, you will be hard-pressed to find a company that does not understand the importance of digital security. With departments ranging from distribution and logistics to marketing, engineering and design all relying on digital tools to gather information and perform their tasks, data has never been produced in such large quantities and at such speed. Such amounts of information coupled with ubiquitous internet is a match made in hacker heaven and with new breaches made public every day, security has moved up on businesses’ priority list, becoming a top concern.
However, a traditional security strategy, usually aimed at in-house IT infrastructure that includes firewalls, antivirus software and access control, is no longer a guarantee against breaches. Technology has given the work environment a degree of never before seen dynamism and flexibility. This inevitably means…Read more
With the rise of BYOD and Mac-friendly business environments, the use of Macs in the work place is growing. As a Unix-based operating system, macOS is generally considered to be a more secure alternative to Windows that, as the predominant OS in enterprises, is the favorite target of hackers everywhere.
While it’s certainly true that Macs face fewer attacks than their Windows-running counterparts, the myth of its unbreakable OS makes companies less worried about their protection and in consequence, they invest less or no money at all into it. This, in turn makes Macs attractive marks for cybercriminals. After all, popular infiltration methods such as phishing, do not rely so much on breaking into an OS through vulnerabilities as on the ignorance of users. Without the proper security tools in place, these attacks can go undetected, potentially causing long term damage to companies’…Read more
October has become one the busiest months for the Endpoint Protector team, as they pack up and head to some of the world’s biggest information technology events. This year, they will be heading for the first time to the Jamf Nation User Conference in the US and returning to it-sa in Germany and GITEX in Dubai.
Come find us at our booths and learn the details of Endpoint Protector’s latest product updates, join the live demos and Q&A sessions or talk to us one-on-one. Our Data Loss Prevention experts will be on hand to answer your most burning questions about DLP, MDM, USB encryption, Device Control and data at rest scanning and help you get on your way to securing your data against theft and leakage.
You can find more details about the events below!1. GITEX Technology Week, 8-12 October 2017, Dubai World Trade Center
Endpoint Protector will be at GITEX for the 3rd time this year, together…Read more
The NIST Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations, published June 2015 (updated January 2016), focuses on information shared by federal agencies with non-federal entities. With its implementation deadline, 31 December 2017, looming, governmental contractors and sub-contractors are running out of time to update their policies and reach compliance.
What is NIST 800-171 and who does it apply to?
Issued by the National Institute of Standards and Technology(NIST), the publication works as a guide for federal agencies to guarantee that Controlled Unclassified Information(CUI) is protected when processed, stored and used in non-federal information systems. This sort of data is often shared by the federal government with institutions and organizations that carry out the work of federal…Read more