The SIEM-ple way to spot a data breach as it’s happening

Last July, the Office of Personnel Management announced it had discovered a huge data breach: The background check records of current, former, and prospective federal employees and contractors were stolen, including 21.5 million Social Security numbers. Like many security breaches, this one could have been averted with the right tools in place.

In its 2012 Data Breach Investigations Report, Verizon found that 84 percent of organizations that suffered a security breach the previous year had evidence of that breach in their logs. Every action your employees — or nefarious outsiders — take generates a kernel of information, which can become evidence of unusual behavior, or a trail of crumbs to follow after an attack to see how it was carried out.

But with so many logs and so much information to sift through, most organizations don’t tap the information these logs contain. Continue Reading…


How one health care provider learned that compliance does not equal security

Which causes business leaders to buy into an IT security assessment quicker: ransomware or a data breach?

Both.

Unfortunately, that’s just the situation a regional health care provider network faced a few years ago. Although the IT staff knew a review of the security of the network and file server was overdue, the C-suite remained focused on existing HIPAA compliance guidelines.

That’s when a ransomware attack hit, resulting in a data breach. A user simply clicked on a popup, ransomware was then installed on the machine, and health care records stored on the user’s hard drive were compromised.

After the breach was fixed and the damage assessed, management realized many questions needed answering: Why did this attack happen? What should be IT’s first step in protecting data? What data should be secured? How could the organization balance compliance and security to stop attacks in the future? Continue Reading…


How to keep your company data safe on public Wi-Fi

Coffee shop Wi-Fi is evil. So is every other public Wi-Fi.

That’s because open Wi-Fi has no security. Full stop, period.

We’ve all heard that we should be careful about what we do on public Wi-Fi because there could be someone reading our emails or eyeing up our bank accounts in our neighborhood coffee shop or on an airplane. Some privacy advocates warn against signing into New York City’s public Wi-Fi, too.

Protecting yourself is easy: Don’t use public Wi-Fi. But in the age of mobility and the “always online” mentality, that can seem unrealistic for some. What can your employees do to protect your organization’s data (and their own private data as well) when they’re traveling or out of the office?

Here are five reminders and best practices for working on public Wi-Fi. Continue Reading…


Is your data safe with your employees? Maybe not.

Though your company’s sensitive data is closely guarded, locked away behind firewalls and password-protected portals, there’s another threat that should keep you up at night. That gnawing feeling is one shared by 39 percent of IT professionals worldwide: They’re more concerned with their own employees leaking data than any hacker. Continue Reading…


A retail revolution: How EMV compliance is just part of the new retail

Goodbye, strips, and hello, chips. The shift of Europay, MasterCard, and Visa (EMV) liability occurs on Oct. 1, 2015, and could leave retailers on the hook for fraudulent credit card transactions.

If you haven’t heard about this liability changeover, you’re certainly not alone; a Wells Fargo/Gallup Small Business Index survey found that 49 percent of small business owners who accept POS credit card payments weren’t aware of the changing liability on Oct. 1.

What does it mean for your business and what can you do now?

The EMV liability change is just one step in a larger digital shift for retailers. Here’s how to plan for the EMV liability change and what to keep in mind about the broader actions needed to stay not just compliant, but competitive. Continue Reading…


4 overlooked essentials police departments should consider in their body camera initiative

Cops and citizens agree: Body cameras for law enforcement agents have many benefits. These smartphone-size cameras help police departments assemble concrete evidence and accurately conduct investigations. But they also improve the visibility of crime prevention, can build and further public trust, and prevent frivolous complaints from becoming serious headaches.

But body cameras are a significant investment. Detroit will spend nearly $3 million on the cameras and storage, and Jersey City is hoping to secure grant money to offset some of the $1.2 million that a slew of cameras will cost. Such a large IT purchase must be made strategically with a full view of all the technology needed for a successful body camera program. But often, the behind-the-scenes equipment needed to roll out this technology goes overlooked. Continue Reading…


Why you don’t have to choose between productivity and security with DLP

You sit down, ready to save a file to a USB drive so you can finish up a project over the weekend. You’ve experienced the dreaded security lock that prevented access to a web page, but now you get a similar message for your download – access denied. The immediate reaction morphs from “Who do I need to authorize this?” to “Get out of my way, I don’t have time for this.” Then comes either a heated phone call to IT, a nasty email, or a face-to-face expression of displeasure at the person who locked you out of the file. It’s a waste of time — the indignity of it all.

This scenario plays out at many companies after they deploy Data Loss Prevention (DLP) solutions with file-blocking capabilities. Hard-working employees may attempt to bring work home over a weekend to plan for an upcoming meeting or catch up on important work, but DLP systems stop sensitive data from leaving the server. These roadblocks trade employee productivity for data security — something no company should have to choose.

Most well-meaning employees don’t think twice about copying or sending company files to external media or personal email accounts, but it presents a risk for the company, either as leaked data or noncompliance with certain laws and regulations. DLP solutions halt this movement no matter what employees attempt. Continue Reading…


How to lock down your data with data loss prevention systems

Most of the highly publicized data breaches involve credit card or bank account numbers, but other sensitive data is also at risk, including Social Security numbers, medical records, personal information like your mother’s maiden name, and more. Sensitive data can also be trade secrets or any other type of intellectual property that, if stolen, could damage a company’s ability to compete in the marketplace.

Enterprise companies are responding to this threat by choosing specialized data loss prevention (DLP) solutions that use policy rules to detect, classify, manage, and protect confidential and critical information. Complete DLP solutions integrate deeply into an organization’s network, file storage, SharePoint, databases, and endpoint PCs, and they offer incredibly detailed reporting and tight security controls, but only when implemented and configured correctly.

Interestingly enough, the biggest challenges to most DLP deployments involve integrating business processes, not technology. To understand the underlying problems organizations often face with DLP implementations, we must examine the three questions every DLP solution must answer. Continue Reading…


Tackling security vulnerabilities in health care

Network security is critical for any organization, but in the health care space, with the personal and medical details of millions of individuals in the balance, the stakes are even higher. Out-of-date software, unimplemented patches, or even outdated passwords could be the vulnerability that exposes the sensitive information of an innocent and unsuspecting patient base. Two recent security breaches suffered by prominent U.S. health insurers highlight these vulnerabilities.

In February, Anthem Inc., the second-largest health insurer in the U.S., revealed that a previously disclosed hacker attack compromised the health care records of as many as 80 million individuals. A few weeks later, Premera Blue Cross reported that the personal, bank, and health data of an estimated 11 million individuals was exposed when hackers penetrated its system in a similar assault.

These two high-profile security breaches have intensified the spotlight on data security, and raised several important questions for health care organizations (what HIPAA calls “connected entities”) and groups that provide supporting services to health care entities (called “business associates”). These groups should be asking the following questions: Continue Reading…
