The Equifax Breach & How to Protect Yourself and Your Business (by Todd Feinman, CEO and Founder of Spirion) My team thought others would be interested in a memo that I sent to some friends and colleagues. The memo follows: I have received an overwhelming number of requests for information about what to do since the Equifax leak of 143 million SSNs was disclosed. I’ve tried to summarize those questions to help you protect yourself, your family, and your business. If… Continue reading This entry was posted in Breaches, Classification, data breach, Data privacy, Data Security, DLP, Uncategorized on September 18, 2017 by Douglas Ribback
Why It’s Easy to Protect Customers and Avoid Equifax’s Mistakes (by Todd Feinman, CEO and Founder Spirion) Equifax allowed 143 million Social Security Numbers (SSN), Names, Date of Birth (DOB), and other personally identifiable information (PII) to be stolen. This affects most of us personally because we all have financial accounts (e.g., credit card, bank account, mortgage, car lease) and it’s highly likely Equifax was the recipient of your SSN from a bank who ran a credit report on you… Continue reading This entry was posted in Breaches, Classification, consumer privacy, data breach, Data privacy, Data Security, DLP, Regulation, risk management, Uncategorized and tagged Equifax, Todd Feinman on September 11, 2017 by Douglas Ribback
My Experience Report as a Former Spirion Customer and Advocate (by Cory Retherford, Spirion user) Greetings! I am a Solution Engineer for Spirion, LLC. My adventure using the data security software began in 2007 as the Indiana University Technology Services Manager for Student Enrollment Services. We had an organizational mission to provide a solution that would allow a better understanding our data footprint and the types of data existing on our workstations, servers, and websites. As it happens fate guided me to the Identity… Continue reading This entry was posted in Breaches, Classification, Data privacy, Data Security, DLP, risk management, Uncategorized on September 11, 2017 by Douglas Ribback
Understanding What Makes Data Sensitive? Classified data is data that has been tagged with information that identifies that data by specific attributes that allow people and technologies to treat it in a specific way. So, what makes data sensitive and how can you determine how sensitive it is and when and how to classify it? Read on to find out. Understanding What Makes Data Sensitive? Sensitive Data is information which, if accessed by an adversary,… Continue reading This entry was posted in Uncategorized on June 16, 2017 by Douglas Ribback
Forrester Webinar – Data Classification: Building a Foundation for Data Security and Privacy Data classification is a core component of defining and understanding data that security and risk professionals must protect, as well as identifying the way employees should handle it and the types of security controls that are necessary. Data classification tools, which include manual (user-driven) and automated classification, help organizations apply metadata tags to sensitive data. In the last year, more than half of global security decision makers have implemented data… Continue reading This entry was posted in Classification on June 3, 2017 by Douglas Ribback
Announcing the Classification for Dummies Blog Series Over the next 2 months, we’ll be posting a series of blogs that will share information and best practices garnered from over a decade of experience implementing data discovery and more recent data classification solutions. In this blog series you will learn how to identify data as sensitive, how to define a classification schema and separate your data, the risks of not classifying data balanced with the benefits of a… Continue reading This entry was posted in Classification on May 10, 2017 by Douglas Ribback
Ponemon Report: The Impact of Data Discovery and Data Classification In Information Security Following Spirion’s presentation at RSA 2017, “The Impact of Data Discovery and Data Classification in Information Security” Dr. Larry Ponemon of the Ponemon Institute discusses some of the key findings from “The Importance of DLP in Cybersecurity Defense” Ponemon report. The report, which was published in February of 2017, found significant differences between responses of those that are using a manual approach to mitigate or curtail the leakage of sensitive… Continue reading This entry was posted in Classification, data breach, Data Security, DLP, Ponemon, Uncategorized and tagged DLP, Ponemon, Ponemon Institute on April 13, 2017 by Douglas Ribback
Attackers don’t play fair. Neither should you. We’ve all heard sports stars and even militaries quote the famous Chinese general Sun Tzu when preparing for a big game or battle. Sun Tzu was a master strategist and completely grasped the concept of deception when facing an opponent. One of the best quotes in his famous book, “The Art of War” regarding deception goes like this: “All warfare is based on deception. Hence, when we are able to… Continue reading This entry was posted in Data privacy, Data Security, risk management on May 3, 2016 by Matthew Pascucci
Sensitive Data Management Maturity – The DLP Missing Link At the 2016 RSA Conference in San Francisco, CA, Todd Feinman, CEO and Gabriel Gumbs, VP of Product Strategy presented on Sensitive Data Management Maturity – The DLP Missing Link. As a company and with the help of industry professionals, we created a Sensitive Data Maturity Model to help organizations identify where their data is, who owns it, what should be done with it, and how much of it exists…. Continue reading This entry was posted in Classification, Conferences, Data privacy, Data Security, DLP, sensitive data management, Sensitive Data Manager and tagged Data Classification, Gabriel Gumbs, PCI, PHI, PII, sensitive data, sensitive data manager, Sensitive Data Maturity Model, Todd Feinman on March 24, 2016 by Douglas Ribback
Eight Things to Consider When Classifying Your Sensitive Data Data classification is simple—it entails assigning a level of sensitivity to each piece of information, making it easier to locate and retrieve. Classifying data is essential in enabling enterprises to make sense of their vast amounts of data. Without data classification, an organization treats all data as if it were the same. You can’t know the level of sensitivity of any specific data because it hasn’t been properly categorized…. Continue reading This entry was posted in Classification, data breach, Data privacy, Data Security, PCI-DSS, Regulation, Sensitive Data Manager and tagged classification, Compliance, data breach, data breaches, data loss prevention, data privacy, HIPAA, PCI DSS, sensitive data, sensitive data manager on February 25, 2016 by Douglas Ribback
