Blog Banner

Keeping Data Safe This Black Friday

Decorative image of "E-Buy" Computer Key Tomorrow, most Americans will be enjoying Thanksgiving festivities with their family, celebrating what they are truly thankful for over a feast of plenty. However, the Friday after is a different story. While some might want to stay put and watch the shopping unfold on the news, others will be in the depths of shopping galore. And while I do like a little shopping myself, I’d like to take a minute to remind everyone about keeping data safe this black Friday.

High profile retail data breaches have also been of plenty over the last year. It was almost a year ago that Target was breached, and Sally Beauty, Neiman Marcus, Michaels, Kmart and Home Depot have all recently suffered data breaches that exposed their customers’ personal and payment card data. With billions to be spent on Black Friday, and a lot of that spent via credit and debit cards, retailers are responsible for a whopping amount of personally identifiable information (PII) and financial information.

With the constant threat of security breaches looming, it is more critical now than ever to keep data safe this Black Friday. Retailers need to secure the payment processes and protect customers’ account data. If you are storing cardholder data or any of your customers’ PII, you’ll need to protect that information. Here are a few suggestions to keep data safe:

  • Don’t trust the network – If an area of the network houses data, applications, or systems that are considered highly sensitive, then no one accessing them should be completely trusted, ever! Instead, the context and posture of the user’s current environment and device should be assessed and compared to corporate policy: What type of device are they using? Where are they? Does the device comply with corporate policy?
  • Don’t trust that application content is secure – Unfortunately, even with a content management system in place, files move around in companies– via copying, desktop download, email, etc. Therefore, you cannot always trust that sensitive information will remain there and stay secure. Put controls in place to restrict what authorized users can do with sensitive documents to limit the damage that can be done by accidental or unauthorized sharing.
  • Enforce policies on the handling of cardholder data – Paper policies are great, but how can you ensure employees are following them? Prevent or warn users if they attempt to distribute sensitive information such as cardholder data or confidential documents against policy using predefined rules. Key stakeholders should be automatically notified of violations so that appropriate actions can be taken.
  • Know how cardholder data is used – Track and monitor the entire lifecycle of documents containing cardholder data. Audit trails to record which users opened, printed or emailed documents containing cardholder data or other PII content are an important step to assess security and track potential misuse or leaks.

Learn more about securing application content with PII and securing network and application access.

Lastly, Happy Thanksgiving from all of us at Cryptzone and HiSoftware.

Section 508 Coordinators, HiSoftware and Microsoft Discuss SharePoint Accessibility

Decorative image of access key on keyboardLast week, I was in Washington, DC for Global Accessibility Day, a gathering of the Section 508 coordinators brought together by Microsoft to discuss SharePoint accessibility.

Some of you may not know that I was one of the attorneys responsible for surveying all of the Federal agencies and developing the report on Section 508 compliance to the President and the Congress. I worked with a number of 508 Coordinators to create many portions of that survey. During that time, I also became acutely aware of the challenges that they face. They all want to make their agencies accessible and provide opportunities for people with disabilities, but face a constant uphill battle to get accessibility recognized by their leadership.

What Every Business Can Learn from Snowden

Decorative image of 4News out that there is a second or even third leaker turning sensitive documents about the U.S. government’s terrorist watch list to a journalist reminds us all about the security of information. With this in mind, today we focus on what every business can learn from Snowden.

While you may not be keeping national secrets, content is the bread and butter for any organization. It might be customer information, HR details, intellectual property (IP) or financial and commercial information. For organizations to get the most out of content, we collaborate on it. We have it stored in platforms like SharePoint or in file shares. It is online, offline, in the cloud, on our desktops or mobile devices. We need it to achieve an end goal.

2014 Sees 25% Increase in Data Breaches

Decorative image of infographic on data breachesAnother year, another data breach; or so it seems. Year after year, the importance of securing personally identifiable information (PII), protected health information (PHI), credit card information or even company confidential information increases. In our globally connected world, data needs to be secured.

Discouragingly though, the Identify Theft Resource Center (ITRC) reports that as of this week’s total of 644 breaches, there has been a 25.3 percent increase over the same time period last year (514 breaches).

HiSoftware Accessibility Experts to Present at Accessing Higher Ground

Ahead logoNext week, HiSoftware’s Jeff Singleton and Ken Nakata will present at the 17th Annual Accessing Higher Ground: Accessible Media, Web and Technology Conference.

The event held from November 17, 2014 – November 21, 2014 in Colorado is focused on the implementation and benefits of Accessible Media, Universal Design and Assistive Technology in the university, business and public setting. Other topic areas cover legal and policy issues, including ADA and 508 compliance. The creation of accessible media and information resources, including Web pages and library resources are a particular focus of the event.

2015 Trends: Risk-Based Security and Self-Protection & Context-Rich Systems

decorative image of 2015It’s hard to believe we are in the last quarter of 2014. This has been a tough year for security with household names including Target, Sally Beauty, Neiman Marcus, Michaels, KMart, Dairy Queen and Home Depot all suffering data breaches that exposed their customers’ personal and payment card data. As we all look towards 2015 and our security practices in light of these breaches, Gartner’s recently released top 10 strategic technology trends struck a chord. Two I found particularly relevant to our readers include:

Visit HiSoftware at SharePoint TechFest Houston

logo of SharePoint TechFest HoustonSharePoint TechFest Houston starts tomorrow! We hope to see you during the event. Be sure to stop by Booth #11 to learn more about our solutions to rein in compliance and secure sensitive content in SharePoint for improved collaboration. You can also enter to win a $100 American Express Gift Card.

Trick or Treat? IT Security Pros Beware

IT security professionals, beware! Here are four individuals you’ll want to avoid this Halloween and steps you can take to protect your organization against them throughout the year!

Decorative image of vampire mouth and teethThe Vampire

Vampires feed on the blood of living creatures and cause mischief amongst the neighborhoods they live. This Halloween, avoid vampires in the workplace. These are the employees that maliciously suck information like client contacts, internal communications on products and confidential information from the organization. With 50% of employees admitting to taking corporate data with them when they leave a job, it’s important these vampires are stopped.

HiSoftware’s New Product and Accessibility Training Portal

Screenshot of  training video portalWant to learn more about using HiSoftware’s products? Now we have the tool for you. Today we announced the availability of a new on-demand, video-based Product and Accessibility Training Portal to improve customers’ working knowledge of products and provide in-depth Web accessibility training for developers.

AFM Module Supports SharePoint 2013

AFM Screen ShotWhile public-facing websites have traditionally been the focus for accessibility, the growing reliance on systems like SharePoint for internal collaboration requires organizations to also consider application accessibility. Today we announced that the latest version of the Accessibility Foundation Module (AFM) for SharePoint now supports SharePoint 2013. AFM ensures SharePoint environments can be used and accessed by all users in compliance with Section 508 and WCAG 2.0 standards.

Powered by WordPress