All Data Loss Prevention related articles
The beginning of the New Year is a time when many companies consider the most pressing issues they have to solve in the upcoming year. With 2017 turning out to be one of the most taxing years for data security in memory, 2018 will be the year when companies will have to fight back by building up better defenses against breaches and leaks. Whether out of their own concern or obligated by new legislations, businesses’ New Year resolutions should feature data protection at their core.
Here are our top picks for what companies should be focusing on when it comes to data loss prevention in the New Year:1. Become GDPR compliant
This point should come as no surprise to any business dealing with customers located in Europe. The EU’s General Data Protection Regulation (GDPR) will come into full force on 25 May 2018 and companies that will not align its policies to the new legislation’s strict regulations…Read more
With the holiday season around the corner, many employees are taking extended holidays, some choosing to work remotely to enjoy longer stays with their families. This adds an extra layer of peril to data security as work laptops and devices head out of the safety of company networks and into the busy and often times dangerous world of international travel and public internet.
Some of the most common cases of data loss occur when employees are on the move, with devices forgotten or stolen from public places. Trust in insecure networks can also lead to potential breaches and company sensitive data winding up in the wrong hands.
As remote work becomes a staple of the modern work environment, it is however up to the company to step up and ensure that their employees both understand how to keep their data safe while working remotely, but also take measures to prevent incidents from occurring.
Nowadays, it seems not a day goes by without another high-profile data breach being announced. From Equifax and Uber to Forever 21, no company, no matter how big, seems safe from sensitive information leaks. The consequences for these breaches range from loss of profit and customer confidence to more serious charges of noncompliance with data protection regulations and hefty fines.
Data Loss Prevention (DLP) technologies were developed to tackle this increasing threat to the security of companies’ most sensitive information. Since their emergence, they have become an indispensable part of IT departments’ security framework, protecting against both insider and outsider threats and helping to maintain compliance with increasingly complex data protection regulations.
While Data Loss Prevention has become a household name in the world of information security and more…Read more
Nowadays, you will be hard-pressed to find a company that does not understand the importance of digital security. With departments ranging from distribution and logistics to marketing, engineering and design all relying on digital tools to gather information and perform their tasks, data has never been produced in such large quantities and at such speed. Such amounts of information coupled with ubiquitous internet is a match made in hacker heaven and with new breaches made public every day, security has moved up on businesses’ priority list, becoming a top concern.
However, a traditional security strategy, usually aimed at in-house IT infrastructure that includes firewalls, antivirus software and access control, is no longer a guarantee against breaches. Technology has given the work environment a degree of never before seen dynamism and flexibility. This inevitably means…Read more
The enforcement of the EU General Data Protection Regulation (GDPR) is less than ten months away and companies across the EU and international businesses with European customers are already taking steps to achieve compliance. While some are still bewildered by its legal jargon, many tech companies and news outlets have come to the rescue providing extensive guides and infographics to help businesses understand what GDPR is, what its requirements mean for everyday company operations and how they can get started on the road to compliance. We, at Endpoint Protector, have also put together a handy guide and an informational video about GDPR compliance.
In short, the GDPR is the most notable change in data privacy regulation in Europe in the last 20 years and its purpose is to protect EU citizens’ private data, solidifying their right to demand that data controllers and processors delete,…Read more
In its 2016 top 10 security predictions, Gartner warned that by 2020 shadow IT is likely to account for a third of successful attacks experienced by enterprises. A relatively new concept that has arisen in recent years as a consequence of mounting pressure on IT departments to deliver as well as outdated company policies, shadow IT has become an uneasy element most companies either knowingly tolerate or are unaware of.
What is Shadow IT?
Shadow IT refers to applications and digital solutions not expressly sanctioned by management, but widely used in certain departments or the entire company to minimize workloads, often for the sake of convenience or as communication and collaboration tools. Slack, Evernote, Google Docs, for example, can be in many cases considered shadow IT.
There are multiple factors that have led to the rise of shadow IT. One has been the introduction of BYOD and the…Read more
Linux has long been considered a safe operating system that, with its opensource, community built kernel, is less likely to be a mark for cybercriminals because attacking it can be a far more daunting task than going after other, bigger, more vulnerable targets. But with the rising popularity of Linux and its introduction into the business environment, its attractiveness to hackers has grown as the recent slew of cyberattacks aimed at it can attest. From the backdoored version of Linux Mint that users unwittingly downloaded in February 2016 to the Mirai trojan used in DDoS attacks on computers running Linux in August 2016 and the most recent Erebus Linux ransomware attack that infected South Korean servers in June 2017, Linux’s image as the most secure OS is slowly cracking. And while it has yet to come under the relentless wave of attacks other OS like Windows and Android (that also uses…Read more
Employees are often cited as one of the top reasons data loss occurs. Whether negligent or malicious, insiders, with high levels of physical and digital access to sensitive information, have the power to inflict the most damage to a company’s data security. According to the IBM X-Force Threat Intelligence Index 2017, negligence accounts for up to 53% of all cyberattacks businesses suffer, depending on the industry sector, while malicious insiders only for up to 25%. However, ill-intent, because it intentionally targets valuable information, is the biggest danger a company faces from the inside. Therefore, it is well worth keeping an eye on disgruntled employees.
Warning signs include virulent disagreements with management or company policies, poor evaluations that might spark discontent and transition to other places of employment. Companies often see a spike in sensitive…Read more
Cloud services have become a crucial and integrated part of modern IT systems and their security has been continually debated since their emergence. Big cloud service providers such as Amazon and Salesforce have argued that their systems benefit from the kind of heavy-duty state-of-the-art security features smaller businesses are unlikely to ever invest in, making their data less vulnerable in the cloud than on their own servers. However, using cloud services opens data up to easier access and potential breaches. It is, in fact, one of its biggest selling points: data access from anywhere anytime. And while it’s in tune with today’s increasingly mobile, globalized world, it also means that companies have to deal with more vulnerabilities, not necessarily from the cloud services themselves that, as stated above, have taken security concerns very seriously, but from one of …Read more
With recent surges in hacker attacks and leaks, it seems that sensitive data has never been more vulnerable. And with every aspect of businesses becoming digitized, we are increasingly relying on third party solutions, whether antivirus, Data Loss Prevention, encryption and other solutions to keep our data safe.
Sensitive data comes in different shapes depending on the sector a business is part of. It can take the form of credit card numbers, medical records or social security numbers, but regardless of its actual content we can distinguish three different states it can be found in: data at rest, data in use and data in motion. These three types of data present different levels of vulnerability and different challenges when it comes to their protection.
Data at rest is static data stored on hard drives that is archived or not often accessed or modified. Data in use refers to data that is …Read more