Data Security & Compliance Blog

Data privacy is undoubtedly going to become more of a priority for consumers in 2020, and it should therefore be on the top of your list of priorities to address. Government regulations have already forced many businesses to take a long hard look at how they approach data privacy, at it’s likely that newer, more stringent regulations will be implemented over the next decade. In this article, we will go … Read more

Security teams across the globe are grappling with a seemingly insurmountable problem, and that is, people make mistakes! We all have moments of weakness, and we all have the potential of being manipulated by malicious actors. And yes! Even those who are responsible for maintaining the security of our critical systems, will sometimes fall victim to a social engineering scam. With this in mind, it’s hardly surprising that cyber-criminals seek … Read more

2019 will soon come to a close, and it was as eventful as ever. During the first half of the year we have already seen more than 4 billion records exposed, almost 4,000 data breaches made public and a rise of more than 50% in the number of reported breaches. It is time for us to speculate about what 2020 will bring, to help us stay ahead of the curve … Read more

Have you ever received a SOC audit request and wondered where on earth to start? Maybe you’re even performed SOC audits in the past, but you weren’t thrilled with the results. Either way, it’s always a good idea to brush up on the requirements for SOC audits and how best to prepare for them. In this blog, we will go through what is required from SOC 1, SOC 2 and … Read more

The ability to determine who should and shouldn’t have access to what data, is an integral part of any data security strategy, or at least it should be. Unfortunately, many organizations still don’t have the control that they need to keep their data secure. Many don’t have a complete inventory of what data they store, let alone a clear understanding of how that data is being accessed. According to a … Read more

If your company stores personally identifiable information, or sensitive data of any kind, you’re going to need to have robust data security to ensure you are protected from insider threats, malware, rogue administrators and other data breaches. IT teams must implement third-party data breach detection and prevention solutions to detect, prevent and respond to potential security threats. Achieving the required level of data security without the use of a third-party … Read more

Are you confident that your organization would not experience a data breach? If I were you, I wouldn’t be. Recent studies have confirmed that 88% of organizations in the UK were breached last year in some way, shape or form – and the USA is doing no better. The consequences of the breaches vary drastically, with some breaches being imperceptible from the inside. It’s very possible that you have already … Read more

There are some simple Group Policy Settings, which if appropriately configured, can help to prevent data breaches. You can make your organizational network safer by configuring the security and operational behavior of computers through Group Policy (a group of settings in the computer registry). Through Group Policy, you can prevent users from accessing specific resources, run scripts, and perform simple tasks such as forcing a particular home page to open … Read more

Data protection regulations such as HIPAA, PCI-DSS and SOX, have unquestionably made an impact on the way organizations protect their sensitive data. However, unlike the GDPR, the average person has probably never heard of them. Since the advent of the EU General Data Protection Regulation (GDPR), business executives have been under increasing pressure to get their house in order and clean up their data security practices. After all, a failure … Read more

All enterprises should have a data breach incident response plan in place to help minimize the damage caused by a cyber-attack. The plan should enable enterprises to recover in the shortest time possible, with the least amount of money spent, and damage caused to their reputation. The plan should include a list of processes that should be executed in the event of a breach and should also provide a clear … Read more