All Data Loss Prevention related articles
The enforcement of the EU General Data Protection Regulation (GDPR) is less than ten months away and companies across the EU and international businesses with European customers are already taking steps to achieve compliance. While some are still bewildered by its legal jargon, many tech companies and news outlets have come to the rescue providing extensive guides and infographics to help businesses understand what GDPR is, what its requirements mean for everyday company operations and how they can get started on the road to compliance. We, at Endpoint Protector, have also put together a handy guide and an informational video about GDPR compliance.
In short, the GDPR is the most notable change in data privacy regulation in Europe in the last 20 years and its purpose is to protect EU citizens’ private data, solidifying their right to demand that data controllers and processors delete,…
Read more
In its 2016 top 10 security predictions, Gartner warned that by 2020 shadow IT is likely to account for a third of successful attacks experienced by enterprises. A relatively new concept that has arisen in recent years as a consequence of mounting pressure on IT departments to deliver as well as outdated company policies, shadow IT has become an uneasy element most companies either knowingly tolerate or are unaware of.
What is Shadow IT?
Shadow IT refers to applications and digital solutions not expressly sanctioned by management, but widely used in certain departments or the entire company to minimize workloads, often for the sake of convenience or as communication and collaboration tools. Slack, Evernote, Google Docs, for example, can be in many cases considered shadow IT.
There are multiple factors that have led to the rise of shadow IT. One has been the introduction of BYOD and the…
Read more
Linux has long been considered a safe operating system that, with its opensource, community built kernel, is less likely to be a mark for cybercriminals because attacking it can be a far more daunting task than going after other, bigger, more vulnerable targets. But with the rising popularity of Linux and its introduction into the business environment, its attractiveness to hackers has grown as the recent slew of cyberattacks aimed at it can attest. From the backdoored version of Linux Mint that users unwittingly downloaded in February 2016 to the Mirai trojan used in DDoS attacks on computers running Linux in August 2016 and the most recent Erebus Linux ransomware attack that infected South Korean servers in June 2017, Linux’s image as the most secure OS is slowly cracking. And while it has yet to come under the relentless wave of attacks other OS like Windows and Android (that also uses…
Read more
Employees are often cited as one of the top reasons data loss occurs. Whether negligent or malicious, insiders, with high levels of physical and digital access to sensitive information, have the power to inflict the most damage to a company’s data security. According to the IBM X-Force Threat Intelligence Index 2017, negligence accounts for up to 53% of all cyberattacks businesses suffer, depending on the industry sector, while malicious insiders only for up to 25%. However, ill-intent, because it intentionally targets valuable information, is the biggest danger a company faces from the inside. Therefore, it is well worth keeping an eye on disgruntled employees.
Warning signs include virulent disagreements with management or company policies, poor evaluations that might spark discontent and transition to other places of employment. Companies often see a spike in sensitive…
Read more
Cloud services have become a crucial and integrated part of modern IT systems and their security has been continually debated since their emergence. Big cloud service providers such as Amazon and Salesforce have argued that their systems benefit from the kind of heavy-duty state-of-the-art security features smaller businesses are unlikely to ever invest in, making their data less vulnerable in the cloud than on their own servers. However, using cloud services opens data up to easier access and potential breaches. It is, in fact, one of its biggest selling points: data access from anywhere anytime. And while it’s in tune with today’s increasingly mobile, globalized world, it also means that companies have to deal with more vulnerabilities, not necessarily from the cloud services themselves that, as stated above, have taken security concerns very seriously, but from one of …
Read more
With recent surges in hacker attacks and leaks, it seems that sensitive data has never been more vulnerable. And with every aspect of businesses becoming digitized, we are increasingly relying on third party solutions, whether antivirus, Data Loss Prevention, encryption and other solutions to keep our data safe.
Sensitive data comes in different shapes depending on the sector a business is part of. It can take the form of credit card numbers, medical records or social security numbers, but regardless of its actual content we can distinguish three different states it can be found in: data at rest, data in use and data in motion. These three types of data present different levels of vulnerability and different challenges when it comes to their protection.
Data at rest is static data stored on hard drives that is archived or not often accessed or modified. Data in use refers to data that is …
Read more
We are excited to unveil the newest version of our Data Loss Prevention solution: Endpoint Protector 5, presenting important updates and a brand new redesigned interface. Our aim, as always, is to constantly enhance the data protection features, while offering an intuitive user experience.
Endpoint Protector 5 presents some essential changes.
With a more intuitive design, the complex process of securing data becomes easier. IT Admins can benefit from a more user-friendly, modern, and responsive interface of the management console.
Key features and benefits of the new UI include:
- Faster access to certain features, such as DLP blacklists and whitelists, which have been included in the main menu as a separate section
- Flexibility – IT Administrators are now able to manage policies and check reports from any device, from desktop to tablet due to the responsive console
- Intuitive
Next to the Gartner Magic Quadrant for Enterprise Data Loss Prevention, CSOs, IT Managers, and other IT security professionals can take advantage of the most recent research published by Gartner: the Critical Capabilities for Enterprise Data Loss Prevention by Brian Reed and Deborah Kish. The research evaluates DLP products for three use cases: regulatory compliance, intellectual property protection and data visibility and monitoring. Scores have been assigned on a scale of 1 to 5 and derived from nine critical capabilities.
- DLP Endpoint
- DLP Discovery
- DLP Network
- Ease of Deployment
- Configuration Flexibility
- DLP Advanced Detection
- Internationalization Support
- DLP Management System
- DLP Vendor Integrations
We are happy to be included in the research and we believe that the scores reflect our strong DLP capabilities, with a focus on endpoint DLP, with advanced detection techniques,…
Read more
We use the word “enterprise” for a good reason. Big companies or enterprises with more than 500 employees represent complex ecosystems with incredible resources, structures and more importantly, substantial know-how and data. Information security in these organizations is quite challenging and requires significant efforts from several departments and business unit managers, not only the IT department. But does the joint effort really exist? Or it is only a desire of the idealistic IT security vendors? What other recommended practices are not followed in enterprises?
Let’s see what are the 5 most common data security mistakes enterprises can’t afford to make:
1. Failing to make information security a business componentIn an enterprise, let’s say, in the clothes manufacturing industry, having a data breach with the unreleased clothes designs is as bad as delaying…
Read more
Health-related data is moving more and more from paper to electronic records, determining changes in how healthcare organizations or other industries processing healthcare records are managing and protecting their data today. Businesses that are involved in any way with the use or management of PHI (personal health information) of individuals, need to ensure that they secure their sensitive data against loss or leakage, by following security guidelines, like HIPAA, in order to avoid penalties.
What is HIPAAHealth Insurance Portability and Accountability Act of 1996, HIPAA, provides data privacy and security measures for protecting medical information. The legislation is designed to protect the ePHI (electronic protected health information) of individuals, like Social Security Numbers, medical ID numbers, credit card numbers, drivers’ license numbers, home address,…
Read more