Archive for the ‘Data Security’ Category

These days, organizations store vast amounts of data. In fact, 65% of companies are collecting too much data, and are unable to find the time or the resources to analyze it. Not surprisingly, 54% of organizations didn’t know where all of their sensitive data is located. If businesses are unable to identify exactly what data they have and how it is being used, how are they supposed to protect it? … Read more

If we look at some of the most high-profile data breaches of the last few years, you will be astonished at how long it took for the organization involved to detect. Companies as big and as well-equipped as Verifone, took 6 months to detect the data breach that first started in the middle of 2016. It took Forever 21 around 9 months to detect their data breach that started in … Read more

As data breaches continue to make the headlines, more businesses are looking towards encryption technologies to help them secure their critical assets, both at rest and in transit. What is Data Encryption? Data encryption is the method of translating data into another form or code so that access to the data is limited to only those with the correct decryption key (or password). Encrypted data, sometimes referred to as ciphertext, … Read more

Data breaches are inevitable. If your organization stores sensitive data, then it’s likely you will experience a data breach at some point. The longer this data breach goes unnoticed, the more damaging it is likely to be to the reputation, bottom line and processes of your organization. If you’re serious about protecting data, then you need to know what a data breach is and be able to spot the signs … Read more

Credential stuffing is a type of cyber-attack where cyber-criminals steal login credentials from one system and try to use them to gain access to user accounts on another. This is only possible because people have a tendency to re-use login credentials on multiple websites and applications. Credential stuffing is becoming increasingly more popular, largely due to how simple and effective it is. In fact, there are software programs that novice … Read more

The GDPR has been in effect for a long time now, and the most significant change to European Union (EU) privacy law in two decades has made some serious waves. The GDPR was designed to replace the Data Protection Directive (DPD) that came into force in 1995 when web technology was nowhere near as advanced as it is today. The GDPR applies to all organizations handling the data of EU … Read more

In simple terms, data breaches can be defined as incidents where data (particularly sensitive, protected or confidential data) has been accessed, shared or otherwise exposed in an unauthorized way. The actual type of data involved in a breach might vary depending on the organization and the data they process. Many compliance regulations differ on what they define a data breach worthy of notification to actually be. For example, if you’re … Read more

In February of 2019, Gartner published their list of the top 10 security projects for 2019 – a list of security projects that security and risk management leaders need to consider implementing in order to reduce risk and achieve compliance. As organizations grow and become more complex, the prospect of introducing new security projects whilst maintaining existing ones can be daunting. Brian Reed, Senior Director Analyst at Garner, suggests that … Read more

2019 is set for being the worst year on record for data breaches, with as many as 3,813 breaches reported so far. As a result, businesses can no longer cross their fingers and hope that they won’t fall victim to a breach, as the chances are, they will. Businesses who are responsible for the personally identifiable information of consumers will be likely subject to a major compliance regulation (such as … Read more

From a security point of view, it is always recommended to use special service accounts to run application services instead of system accounts. The reason being, if a service account is compromised, the losses will be limited compared to a system account. However, any data breach (big or small) is a threat to IT security and when they can be so easily avoided what’s the point of relaxing security? The … Read more