According to our friends at the Ponemon Institute, 65 percent of info security pros would like to store object data in the cloud. Unfortunately, 47 percent don’t believe or are not sure if data in the cloud is as secure as their own data center. Without drawing intersecting circles of interrelationship, it is clear that there is a bit of a disconnect. While the primary reason for wanting to move…
The landscape of the traditional perimeter security model is changing as many market segments, such as financial services, march toward digital transformation. Although the traditional approach of using firewalls, VPNs, and NAC technologies is still relevant to internet defenses, additional security solutions such as a Zero Trust model is necessary to mitigate malware, attack, breach, and data leakage assaults. These zero trust models utilize authentication, authorization, and verification controls for…
Two units of the Department of Health and Human Services (HHS) — the Office of the National Coordinator for Health IT and the Centers for Medicare and Medicaid Services (CMS) — issued proposed rules to address the blocking of secure information exchange. According to a CMS administrator, the proposals will “out” healthcare agencies that prohibit patients from accessing their health records. Currently a major hurdle in enabling the electronic health…
HIMSS released a report focusing on healthcare cybersecurity trends for 2019 including electronic health records (EHR) and protected health information (PHI). The Health Information and Management Systems Society (HIMSS) recently published its 2019 Healthcare Trends Forecast and it wasn’t a surprise that privacy and security are top of mind when it comes to health records. Dedicated to improving healthcare through the best use of technology and management systems, HIMSS equips…
It’s startling, but in 2017 more than 16 million Americans reported having their identities stolen. In response, federal and state governments, and industry regulators have enacted laws requiring organizations to improve their handling of sensitive data and have stipulated stiff monetary and licensing penalties for those that do not comply. Like identity fraud, one of the most valuable targets for cyber attacks is data-at-rest due to the immense amount of…
NOTE: While the webcast and our published materials are an analysis of this new law, they are not legal advice; for legal advice on this subject please seek legal counsel. Some of these questions have been edited for clarity. Jurisdiction Questions Question: Does this protection only exist if you’re an Ohio business? Can you explain the protection for those of us that are not Ohio companies? Answer: This protection applies…
At a rate of three new breaches per day in 2018, the selling of Personal Identifiable Information (PII) is a growing and lucrative marketplace. Every week new underground storefronts pop up on the dark web ready to facilitate the sale of stolen PII, including names, birthdates, Social Security numbers, credit card and banking information, and even voter records. For an unbelievably small investment, cybercriminals can walk off with valuable personal…
In December of last year, the Oklahoma Securities Commission learned that millions of sensitive files were left publicly exposed on one of their storage servers. Covering a broad sweep of disparate areas, the problem was fixed a day later, but not before thousands of email backups and images were left unprotected. Some of these files were long forgotten, dating back to 1986, and included highly sensitive life insurance information on…
What is Sensitive Data Classification? Sensitive data can be a number of things. The easiest way to think about it is to think of personal data you would not want to be shared with just anyone. There are several common pieces of sensitive data: Financial information – credit card numbers, bank account information, and social security numbers. Government information – any document that is classified as secret or top-secret, restricted,…
Healthcare Data Security – Data Loss Prevention In the healthcare industry, there is a ton of personal information stored – making healthcare cybersecurity vital. From medical charts and records, prescription and health insurance information, social security numbers, to payment details. Working in healthcare organizations like a doctor’s office, pharmacy, insurance company, or a hospital ensuring the safety of patient data is crucial. Breaches in the healthcare industry are occurring more…