Blog Banner

Category Archives: Security

Trick or Treat? IT Security Pros Beware

IT security professionals, beware! Here are four individuals you’ll want to avoid this Halloween and steps you can take to protect your organization against them throughout the year!

Decorative image of vampire mouth and teethThe Vampire

Vampires feed on the blood of living creatures and cause mischief amongst the neighborhoods they live. This Halloween, avoid vampires in the workplace. These are the employees that maliciously suck information like client contacts, internal communications on products and confidential information from the organization. With 50% of employees admitting to taking corporate data with them when they leave a job, it’s important these vampires are stopped.

HiSoftware’s New Product and Accessibility Training Portal

Screenshot of  training video portalWant to learn more about using HiSoftware’s products? Now we have the tool for you. Today we announced the availability of a new on-demand, video-based Product and Accessibility Training Portal to improve customers’ working knowledge of products and provide in-depth Web accessibility training for developers.

Join HiSoftware at SharePoint Saturday New Hampshire #SPSNH

Logo of SharePoint Saturday EventsSharePoint Saturday New Hampshire#SPSNH is tomorrow and it’s in HiSoftware’s backyard. We’re excited to support our local SharePoint Saturday as a lunch sponsor and will offer you an overview of HiSofware as you eat. Our CTO and Microsoft MVP, Chris McNulty will also present a session on “Access Apps for Business Users with PowerBI on Office 365” (see details below).

Simplifying the Creation of Non-Employee Portals in SharePoint

decorative image of employees with question marksSharePoint 2013 offers companies more flexibility in creating portals for internal and external collaboration alike. Many companies are now looking to use the platform to build hubs for non-employees to access information. The problem is there are some issues and limitations with Microsoft’s recommended strategy for creating these portals that could waste resources and present security issues.

5 W’s of ITAR and EAR Compliance in SharePoint

decorative image of the word securityIf you are using SharePoint and need to comply with or learn more about ITAR and EAR, read our five W’s to help you ensure compliance with these strict regulations.

What

ITAR, or the International Traffic in Arms Regulations, are issued by the United States government to control the export and import of defense-related articles and services on the United States Munitions List (USML). In short, the U.S. Government requires all manufacturers, exporters, and brokers of defense articles, defense services or related technical data to be ITAR compliant. TAA documents (Technical Assistance Agreements) are ITAR contracts between parties, these documents are required to be restricted from transfer or access by authorized persons only.

How to Control Non-Employee Access to SharePoint

Decorative image of peopleChanges to SharePoint 2013 licensing have made it affordable for companies to build non-employee access portals in SharePoint. The expectation was that companies would rapidly deploy non-employee portals to collaborate with clients and suppliers. The reality is that very few SharePoint customers have deployed these portals.

HiSoftware and the BASH Exploits

Decorative ImageBourne again! It seems scarcely a week goes by that we don’t see another data breach or exploit running wild. Following on the Heartbleed code defect earlier this year, this week has seen the rise of a new round of exploits. The defect covers the BASH command line utilities used on Unix-derived operating systems, such as Linux and Mac OS X. Windows systems are immune to this flaw.

We are pleased to report that all of HiSoftware’s solutions are Windows-based, and thus have no known exposure to this defect. Similarly, there are no known exposures in any of the Cryptzone portfolio of products (see Cryptzone’s statement).

As always, failures of any peripheral controls could lead to indirect exposure for other systems. We encourage all customers to be careful about any potential use of Linux or Macintosh systems until the defects are patched. We will continue to monitor the situation and share relevant information as it becomes available.

Incidents such as this highlight the importance of proper security, audit, compliance and governance solutions.  If you have any additional questions or concerns, please contact us at info@hisoftware.com.

Almost Half of Organizations Have Suffered a Data Breach

Breach Infographic tearoffPonemon Institute and Experian Data Breach Resolution released findings yesterday from the second annual study “Is Your Company Ready for a Data Breach” that showed almost half of organizations surveyed have suffered at least one security incident involving the loss or theft of more than a 1,000 records, up 10% from 2013. As a result, an increasing number of organizations are putting data breach response plans in place up 12% from 2013 and 48% of organizations increased investments in security technologies in the past 12 months.

Message In a Bottle – Identity and Access Management in the SharePoint World

Decorative image of ship in bottle

Source: http://en.wikicollecting.org/antique-ships-in-bottles

For a long time, identity and access management (IAM) has been something outside the world of most implementations. Who you are, and what you can do, have stayed almost entirely within the walled garden of SharePoint farms.

Over the past few years, however, SharePoint’s been spilling out of its bottle – into the cloud and into engagement with users and systems outside the realm of on-premises data centers, networks, and Active Directory. IAM is no longer something done for “other” enterprise systems, but important to consider as new usage comes into SharePoint, and as SharePoint apps and content are extended outside the traditional farm.

Data Breaches: Is Confidential Data Lurking on Your Website?

Decorative image of the word privacyIf the most powerful part of your business is your customers and therefore the data you have on them, how are you protecting it? Most companies can tell you what measures they have in place to protect data in their networks and applications, but what about websites?

Customer data is your ‘secret sauce’ as Dave Lewis, Forbes contributor puts it. In a recent Forbes article, Dave does a bit of an experiment using a search engine to find information he shouldn’t be able to find. He was on the lookout for SQL (structured query language) databases. So just how many websites did Dave find with exposed databases dated 2014?

Powered by WordPress