With recent surges in hacker attacks and leaks, it seems that sensitive data has never been more vulnerable. And with every aspect of businesses becoming digitized, we are increasingly relying on third party solutions, whether antivirus, Data Loss Prevention, encryption and other solutions to keep our data safe.
Sensitive data comes in different shapes depending on the sector a business is part of. It can take the form of credit card numbers, medical records or social security numbers, but regardless of its actual content we can distinguish three different states it can be found in: data at rest, data in use and data in motion. These three types of data present different levels of vulnerability and different challenges when it comes to their protection.
Data at rest is static data stored on hard drives that is archived or not often accessed or modified. Data in use refers to data that is …Read more
The countdown has started to the implementation of the EU General Data Protection Regulation (GDPR) on 25 May 2018. With less than a year to go until the new regulations come into force, companies are scrambling to get their GDPR ducks in a row.
We here at CoSoSys have already put together a handy guide to what GDPR is and how Endpoint Protector can help our clients achieve compliance. However, during our recent participation in InfoSecurity Europe 2017, the question we were most frequently asked was in regards to the role Data Loss Prevention can play in the rush for compliance so we decided to address the issue here on the blog as well.What is GDPR and how will it affect your business?
The GDPR was a regulation jointly issued by the European Commission, the European Parliament and the Council of Ministers of the European Union to strengthen and unify data protection for EU citizens.
It is the …Read more
Last year, New York became the 1st state that proposed cyber security regulations for the financial organisations. This year, on March 1st, the New York Department of Financial Services (NYDFS) Cybersecurity Requirements came into effect.
This new regulation requires financial institutions like banks and insurance companies, and others to establish and maintain cybersecurity programs in order to protect consumers’ private data. Financial organisations have an 180-days transition period to enhance their infosec implementation in order to protect their Information Systems and Nonpublic Information (NPI). By August 28, 2017, must have a cybersecurity program in place and starting February 15, 2018, they must be able to demonstrate they are compliant by submitting annual Certifications of Compliance.What is the Information…Read more
Apple announced the upcoming release of its macOS 10.13, dubbed High Sierra, at the Apple Worldwide Developers Conference(WWDC) 2017 keynote event in San Jose earlier this month. It brings many under the hood changes along with some new eye catching updates for everyday users.
The Cupertino-based company is clearly starting to take into account the thousands of Macs used across enterprises with some updates aimed to improve the management and configuration of large scale Mac deployments. High Sierra will bring new MDM configurations such as the 802.1X Ethernet, management of firmware passwords and user accounts, tools to shut down and/or restart macOS remotely, FileVault key escrow and restrictions to iCloud desktop and documents. It will also include the ability to delay software updates for up to 90 days so IT teams can test them before installation.
The most notable change in…Read more
Between 6-8 June, security specialists once more descended on the Olympia in London for Europe’s biggest information security event, Infosecurity Europe 2017. Amid stunning Victorian architecture, vendors from across the globe unveiled their latest projects and their most successful products to a crowd of enthusiastic guests from across a multitude of industries. CoSoSys participated for the 4th time this year and our team was on hand to present and guide visitors into a demonstration of our Data Loss Prevention solutions.
Playfulness was the name of the game in the exhibition area, with the Olympia’s Grand Hall highlighting not only the tremendous growth and diversity of the information security sector, but also the creative way the over 360 vendors present have learned to showcase their products. CoSoSys was no exception: our booth’s…Read more
The premier gathering of security leaders, Infosecurity Europe, delivers every year significant insights into the data security world through the exhibition area as well as the conference programs. The event is a great opportunity for IT security professionals and business managers to find inspiration for their data protection challenges in terms of approach and solutions to implement. Infosecurity Europe is the largest and most comprehensive conference program in the region, featuring over 360 exhibitors showcasing the most relevant information security solutions and products to 13,500 visitors.
We are exhibiting at Infosec Europe for several years now and we are looking forward to this year’s edition. The team will be ready to showcase our latest product update – Endpoint Protector 5 – with the updated eDiscovery module, the redesigned, responsive…Read more
We are excited to unveil the newest version of our Data Loss Prevention solution: Endpoint Protector 5, presenting important updates and a brand new redesigned interface. Our aim, as always, is to constantly enhance the data protection features, while offering an intuitive user experience.
Endpoint Protector 5 presents some essential changes.
With a more intuitive design, the complex process of securing data becomes easier. IT Admins can benefit from a more user-friendly, modern, and responsive interface of the management console.
Key features and benefits of the new UI include:
- Faster access to certain features, such as DLP blacklists and whitelists, which have been included in the main menu as a separate section
- Flexibility – IT Administrators are now able to manage policies and check reports from any device, from desktop to tablet due to the responsive console
When it comes to data protection and regulatory compliance, most of the organizations are not taking into consideration all risk factors that could hinder the security process. The lack of awareness and preparation can lead businesses into failing to protect their company data and preventing data breaches that could cost them their reputation.No BYOD Policies
According to a research study, uncontrolled user access to data and poor management of where data is stored are two of the biggest mistakes regarding a company’s data security.
Reaching compliance is already a complex process, but companies allowing their employees to transfer data inside and outside the network makes it even more difficult. No employee training or monitoring, along with no BYOD policies is a sure road to failure for any business.
The study shows that a lot of IT professionals (69%) allow employees to transfer…
Next to the Gartner Magic Quadrant for Enterprise Data Loss Prevention, CSOs, IT Managers, and other IT security professionals can take advantage of the most recent research published by Gartner: the Critical Capabilities for Enterprise Data Loss Prevention by Brian Reed and Deborah Kish. The research evaluates DLP products for three use cases: regulatory compliance, intellectual property protection and data visibility and monitoring. Scores have been assigned on a scale of 1 to 5 and derived from nine critical capabilities.
- DLP Endpoint
- DLP Discovery
- DLP Network
- Ease of Deployment
- Configuration Flexibility
- DLP Advanced Detection
- Internationalization Support
- DLP Management System
- DLP Vendor Integrations
We are happy to be included in the research and we believe that the scores reflect our strong DLP capabilities, with a focus on endpoint DLP, with advanced detection techniques,…Read more
Financial institutions often deal with data breaches due to the huge value financial records hold for external attackers or malicious insiders. A data security incident in financial organizations can have multiple negative ramifications for both the organization and the owners of the leaked data.
Last year a series of data breaches occurred in the financial sector: Citizens Bank, Nationstar Mortgage, Central Bank of Russia, TD Bank, Bangladesh Bank, and many others. One of the major causes was the significant rise of phishing attacks, especially CEO spear phishing, resulting in the breach of confidential data, starting from PII, dates of birth, home addresses, e-mail addresses, credit card numbers, social security numbers, etc.
According to pcicomplianceguide.org, the Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards…Read more