dcsimg

5 Steps for Developing a Successful Data Access Governance (DAG) Program

Unstructured data (which includes emails, PDFs, documents, presentations, intellectual property and any other data that may exist beyond the scope of your application or database) is fast becoming a prime target for cyber-criminals. To ensure that your unstructured data is sufficiently protected, you will need a Data Access Governance (DAG) program. A common issue, however, is that organizations … [Read more...]

Reporting a Breach Under the GDPR

Even though GDPR is almost upon us, there still seems to be a bit of confusion as to the rules of breach notifications. How long do I have to report a breach? Who do I report a breach to? Do all data breaches need to be reported? It’s natural to have questions, and it’s natural not to want to read that outrageously long book of chapters and articles to find … Read more … [Read more...]

Why Native Auditing Fails When It Comes to Group Policy Auditing

Organizations all over the world rely on Group Policy to control the working environment of both user and computer accounts in Active Directory (AD). However, due complex, scalable nature of Active Directory and the hundreds of available settings within Group Policy, it can be very easy to get it wrong – thus potentially leaving security vulnerabilities or leading to downtime. Due to this … [Read more...]

Sears and Delta Breaches Reinforce Need for PCI DSS Compliance

Sears, Delta, Best Buy, Kmart and likely more organizations have been the victims of a breach affecting payment card information that was obtained through online chat provider [24]7.ai. These attacks took place over the course of a few months in the latter part of 2017 but weren’t reported by the chat provider until April of 2018. Thankfully, it seems as though the breach was relatively small in … [Read more...]

4 Steps to Securing Unstructured Data for Compliance

There are two kinds of data that is stored digitally in your organization; structured and unstructured. Unstructured data is data which does not have any sort of pre-defined data model or isn’t organized in a pre-defined way. It usually comprises the majority of the digital information that an organization stores. The problem is, many companies find it tricky to keep their unstructured data secure … [Read more...]

The Threat of Unstructured Data

It’s true to say that the modern-day business is reliant on data. Organizations are constantly looking for ways to leverage data intelligence to improve marketing activities, sales and operations. But with this reliance comes a cost; the uncontrollable rise of unstructured data. What is Unstructured Data and Why Does It Pose a Problem? As an organization that deals with this every day, we … [Read more...]

Poor Visibility and Weak Passwords are Putting Active Directory at Risk

Active Directory is used by approximately 90% of organizations, yet keeping your AD secure still presents a significant challenge due to the large amounts of critical data that it handles. According to a recent security assessment of Active Directory carried out by Skyport Systems, poor visibility and weak passwords are the leading cause of Active Directory security breaches. The problems arise as … [Read more...]

How LepideAuditor Helps Meet HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) was put in place in 1996 to continuously develop regulations protecting the privacy and security of electronic protected health information, or ePHI as it is commonly known. It is predominantly broken down into two parts, the HIPAA privacy rule and the HIPAA security rule. The privacy rule establishes national standards for the … [Read more...]

How can Financial Institutions Prevent and Recover from a Data Breach

According to a recent report by IBM X-Force, the financial services sector experienced the largest number of cyber-attacks in 2016. 58% of these attacks were caused by insiders, although only 5% of insider attacks were malicious. Of course, external threats, which account for 42% of attacks, still represent a significant threat. Either way, steps must be taken to help minimise the risks. Below are … [Read more...]