Sure Ways to Fail in Data Security

When it comes to data protection and regulatory compliance, most of the organizations are not taking into consideration all risk factors that could hinder the security process. The lack of awareness and preparation can lead businesses into failing to protect their company data and preventing data breaches that could cost them their reputation.

No BYOD Policies

According to a research study, uncontrolled user access to data and poor management of where data is stored are two of the biggest mistakes regarding a company’s data security.
Reaching compliance is already a complex process, but companies allowing their employees to transfer data inside and outside the network makes it even more difficult. No employee training or monitoring, along with no BYOD policies is a sure road to failure for any business.
The study shows that a lot of IT professionals (69%) allow employees to transfer…

Read more

CoSoSys included in the Gartner Critical Capabilities for Enterprise Data Loss Prevention

Next to the Gartner Magic Quadrant for Enterprise Data Loss Prevention, CSOs, IT Managers, and other IT security professionals can take advantage of the most recent research published by Gartner: the Critical Capabilities for Enterprise Data Loss Prevention by Brian Reed and Deborah Kish. The research evaluates DLP products for three use cases: regulatory compliance, intellectual property protection and data visibility and monitoring. Scores have been assigned on a scale of 1 to 5 and derived from nine critical capabilities.

  • DLP Endpoint
  • DLP Discovery
  • DLP Network
  • Ease of Deployment
  • Configuration Flexibility
  • DLP Advanced Detection
  • Internationalization Support
  • DLP Management System
  • DLP Vendor Integrations

We are happy to be included in the research and we believe that the scores reflect our strong DLP capabilities, with a focus on endpoint DLP, with advanced detection techniques,…

Read more

PCI Compliance – Why It Is a Must

April 6, 2017 Author: Compliance 0 Comments

Financial institutions often deal with data breaches due to the huge value financial records hold for external attackers or malicious insiders. A data security incident in financial organizations can have multiple negative ramifications for both the organization and the owners of the leaked data.
Last year a series of data breaches occurred in the financial sector: Citizens Bank, Nationstar Mortgage, Central Bank of Russia, TD Bank, Bangladesh Bank, and many others. One of the major causes was the significant rise of phishing attacks, especially CEO spear phishing, resulting in the breach of confidential data, starting from PII, dates of birth, home addresses, e-mail addresses, credit card numbers, social security numbers, etc.

What is PCI DSS?

According to pcicomplianceguide.org, the Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards…

Read more

5 Data Security Mistakes Enterprises Can’t Afford to Make

We use the word “enterprise” for a good reason. Big companies or enterprises with more than 500 employees represent complex ecosystems with incredible resources, structures and more importantly, substantial know-how and data. Information security in these organizations is quite challenging and requires significant efforts from several departments and business unit managers, not only the IT department. But does the joint effort really exist? Or it is only a desire of the idealistic IT security vendors? What other recommended practices are not followed in enterprises?

Let’s see what are the 5 most common data security mistakes enterprises can’t afford to make:

1. Failing to make information security a business component

In an enterprise, let’s say, in the clothes manufacturing industry, having a data breach with the unreleased clothes designs is as bad as delaying…

Read more

HIPAA Basics and The Role of DLP in Meeting Compliance

Health-related data is moving more and more from paper to electronic records, determining changes in how healthcare organizations or other industries processing healthcare records are managing and protecting their data today. Businesses that are involved in any way with the use or management of PHI (personal health information) of individuals, need to ensure that they secure their sensitive data against loss or leakage, by following security guidelines, like HIPAA, in order to avoid penalties.

What is HIPAA

Health Insurance Portability and Accountability Act of 1996, HIPAA, provides data privacy and security measures for protecting medical information. The legislation is designed to protect the ePHI (electronic protected health information) of individuals, like Social Security Numbers, medical ID numbers, credit card numbers, drivers’ license numbers, home address,…

Read more

What CASBs Can and Cannot Do to Secure Your Data

Cloud Access Security Brokers (CASBs) became popular in 2016 and are continuing to get attention from companies, research analysts, and the media. They have emerged as a response to the security and compliance issues caused by cloud adoption and offer visibility into data security threats related to cloud apps usage. CASBs usually sit between users and cloud apps, acting like a gateway to intercept users’ activity and offer control and compliance. The interesting part is that they combine a sum of functionalities from different other existing solutions – firewalls, SIEM, Data Loss Prevention, encryption, and others.

Just to make sure CASBs are not confused with other tools, let’s see what CASBs can and cannot do to secure your data.

CASBs CAN

1. Provide visibility into cloud apps use

CASBs can detect file uploads and downloads and data traffic for approved or unapproved apps…

Read more

CoSoSys Recognized in the 2017 Gartner Magic Quadrant for Enterprise Data Loss Prevention

We are very happy to let you know that we have been included in the February 2017 Gartner Magic Quadrant for Enterprise Data Loss Prevention. As new entrants, we are proud to be positioned the furthest in the Niche Players quadrant.

Vendors have been evaluated based on the ability to execute and the completeness of vision. These two dimensions include several criteria like product or service, overall viability, sales execution/pricing, market execution, customer experience, innovation, and other business and technical aspects. All criteria and their weight are detailed in the report.

We believe one of the factors for our inclusion by Gartner was our ability to help organizations protect data against leakages and theft on Windows, macOS, and Linux, with support for printers, terminal servers and other virtual desktop infrastructure (VDI) thin clients. We also think that a big contribution…

Read more

Endpoint Protector 4 is Winner at the Cybersecurity Excellence Awards 2017

February 15, 2017 Author: Data Loss Prevention 1 Comment

The 2017 Cybersecurity Excellence Awards honor companies and individuals that demonstrate excellence, innovation, and leadership in information security. Winners are being chosen based on the strength of the nomination and the popular vote by the Information Security Community.

“Congratulations to CoSoSys for winning the Data Leakage Prevention category of the 2017 Cybersecurity Excellence Awards,” said Holger Schulze, founder of the Information Security Community on LinkedIn which organizes the awards program. “With over 450 entries, the 2017 awards are highly competitive. All winners and finalists reflect the very best in leadership, excellence, and innovation in today’s cybersecurity industry.”

For us, it’s the 2nd year to participate in the DLP Solution of the Year category. We are proud that this year, and in 2016 as well, Endpoint Protector 4 …

Read more

Do not let the trivial webcam turn into security disasters

Last year, Mark Zuckerberg, has incidentally revealed the simple security measures he takes to secure his MacBook: webcam and mic covered with tape. In short time, the story was covered by many news outlets, drawing everyone’s attention to the security issues. Many asked themselves why he would do such a paranoid thing. Is Mark’s fear of being seen and listened justified? If we think about the possibilities of exploiting webcams, and the fact that there’s even the smallest chance of being watched or heard without our permission, then, Mark’s concerns are totally legit. Taking into consideration the level of success of its business, he has been probably the target of many cyber attacks attempts.
Just imagine yourself sitting home, having a glass of wine and working on your laptop in your pajamas when suddenly your webcam light starts to blink, recording every…

Read more

Macs in Enterprises Today and 5 Steps to Secure Their Data

From a niche player, Apple succeeded to have a general-purpose enterprise use nowadays. Once best suited only for creative roles in design, photography or marketing, today Macs experience a growing adoption in enterprises as a result of a higher demand from all employees. One of the top reasons is the low total cost of ownership; an enterprise could save from $265 to $535 over a four-year period for each employee who uses a Mac over a PC. Apple knows that and their strategy reflects in every release and every product they launch.

Take the macOS Sierra, for example. Currently, its adoption has reached 38% among Mac users, while Windows 10 has less than 25%. When we look at the features that were released in September, we see two things – Apple’s desire to strengthen their market share by unifying users’ experience with all Apple products and their convenience and ease of …

Read more