What is Identity and Access Management (IAM)?

According to a recent survey, 74% of breaches involved access to a privileged account, and yet many organizations are still failing to take the steps necessary to prevent the abuse of privileged credentials. Ensuring that privileged accounts are secure requires Identity and Access Management (IAM) – a term used to describe the process of managing digital identities and controlling what … [Read more...]

A Data Breach Detection and Prevention Solution – Lepide Data Security Platform

If your company stores personally identifiable information, or sensitive data of any kind, you’re going to need to have robust data security to ensure you are protected from insider threats, malware, rogue administrators and other data breaches. IT teams must implement third-party data breach detection and prevention solutions to detect, prevent and respond to potential security threats. Achieving … [Read more...]

Best Practices for Your Data Breach Incident Response Plan

All enterprises should have a data breach incident response plan in place to help minimize the damage caused by a cyber-attack. The plan should enable enterprises to recover in the shortest time possible, with the least amount of money spent, and damage caused to their reputation. The plan should include a list of processes that should be executed in the event of a breach and should also provide a … [Read more...]

Why Data Classification is Important for Security

These days, organizations store vast amounts of data. In fact, 65% of companies are collecting too much data, and are unable to find the time or the resources to analyze it. Not surprisingly, 54% of organizations didn’t know where all of their sensitive data is located. If businesses are unable to identify exactly what data they have and how it is being used, how are they supposed to protect … [Read more...]

What is a Data Breach?

In simple terms, data breaches can be defined as incidents where data (particularly sensitive, protected or confidential data) has been accessed, shared or otherwise exposed in an unauthorized way. The actual type of data involved in a breach might vary depending on the organization and the data they process. Many compliance regulations differ on what they define a data breach worthy of … [Read more...]

Security Flaws in S3 Buckets are Responsible for Many Data Breaches

For those that don’t know, an Amazon S3 bucket is a Simple Storage Service (S3), that is offered by Amazon Web Services (AWS) – the most popular cloud service in the world. S3 buckets are used by a number of high-profile service providers such as Netflix, Tumblr, and Reddit. They enable people to store large amounts of data at a relatively low cost, provide “99.99% availability”, … [Read more...]

How Can Technology Help with ISO 27001 Compliance?

The International Organization for Standardization (ISO) is a non-governmental organization for setting proprietary, industrial and commercial standards. In the context of data security, ISO 27001 provides standards for developing and implementing information security policies and processes. Such standards are not enforced, but instead provide a framework to help organizations satisfy the relevant … [Read more...]

15 Questions to Answer for HIPAA Compliance

Any organization that has access to electronic Protected Health Information (ePHI) is required to comply with HIPAA (Health Insurance Portability and Accountability Act of 1996). Given that HIPAA applies to a wide range of covered entities and business associates, the requirements can be somewhat vague, which makes it difficult to know where to start. To help with this, below are 15 key questions … [Read more...]

New Survey Reveals the Importance of Cybersecurity Automation

These days enterprises are dealing with vast amounts of unstructured data – a problem that is compounded by the increasing number of ways to share this data. Despite this, both employers and employees are still failing to either understand or care about their responsibilities when it comes to data protection. According to research carried out by Opinion Matters – an independent … [Read more...]

Data Classification for GDPR: How Classification Can Help You Comply with Regulations

If your organization stores, processes or transfers the data of EU citizens (whether they are your customers or your employees) then the GDPR should be at the forefront of your mind. If you want to avoid the serious implications of non-compliance, including potentially crippling fines, then you need to get to grips with what the GDPR entails and how to ensure you are compliant. If your … [Read more...]