Data Security & Compliance Blog

With the ever-increasing amount of data that companies collect from customers and the changing threat landscape, it’s important to make sure that personally identifiable information (PII) is safeguarded so that it doesn’t end up in the wrong hands. Data breaches are hitting the headlines more frequently and can result in major reputational damage and large fines from data commissioners and regulatory bodies. While many breaches occur through hacked databases or … Read more

The purpose of data classification is to ensure that we know exactly what data we have, where it is located, and how sensitive the data is. Yet, despite how crucial it is to have this knowledge, it is an area of data security that is often overlooked. And then we have Data Loss Prevention (DLP). DLP referrers to the methods we use to prevent the unauthorized disclosure of internal data … Read more

Every time a company experiences a data breach, one of the first things they examine to identify the cause of the breach are the access controls. Having a robust system for controlling access to critical resources is a crucial part of any cyber-security defence strategy. Access control is achieved through two core concepts: authentication and authorization, which are used to determine that users are who they say they are, and … Read more

Business Email Compromise (BEC), formally known as the “man-in-the-email” scam, is a type of cyber-attack whereby the attackers use fraudulent emails to trick unsuspecting victims into transferring money to their bank account. In some cases, the attacker may seek to obtain sensitive data instead, which they can use for other criminal activities. The average daily volume of BEC emails in 2019 was significantly higher that it was in 2018 – … Read more

Having data open to everyone is a sure-fire way of leaving yourself exposed to potential data breaches or privilege abuse. Unfortunately, many organizations seem to be making the same mistake when it comes to open shares. Fixing open shares can help improve data security, and in this blog, we will find out how. What Are Open Shares? An “open share” is a resource that is accessible to most, or all … Read more

Data privacy is undoubtedly going to become more of a priority for consumers in 2020, and it should therefore be on the top of your list of priorities to address. Government regulations have already forced many businesses to take a long hard look at how they approach data privacy, at it’s likely that newer, more stringent regulations will be implemented over the next decade. In this article, we will go … Read more

Security teams across the globe are grappling with a seemingly insurmountable problem, and that is, people make mistakes! We all have moments of weakness, and we all have the potential of being manipulated by malicious actors. And yes! Even those who are responsible for maintaining the security of our critical systems, will sometimes fall victim to a social engineering scam. With this in mind, it’s hardly surprising that cyber-criminals seek … Read more

2019 will soon come to a close, and it was as eventful as ever. During the first half of the year we have already seen more than 4 billion records exposed, almost 4,000 data breaches made public and a rise of more than 50% in the number of reported breaches. It is time for us to speculate about what 2020 will bring, to help us stay ahead of the curve … Read more

Have you ever received a SOC audit request and wondered where on earth to start? Maybe you’re even performed SOC audits in the past, but you weren’t thrilled with the results. Either way, it’s always a good idea to brush up on the requirements for SOC audits and how best to prepare for them. In this blog, we will go through what is required from SOC 1, SOC 2 and … Read more

The ability to determine who should and shouldn’t have access to what data, is an integral part of any data security strategy, or at least it should be. Unfortunately, many organizations still don’t have the control that they need to keep their data secure. Many don’t have a complete inventory of what data they store, let alone a clear understanding of how that data is being accessed. According to a … Read more