The risks and costs of poor data security hygiene

The physical risks of data security often get overlooked, but they can still come back to bite you.  The HealthReach Community Health Centers in Maine recently had to notify over 100,000 patients of a breach due to a simple hard drive disposal done wrong.  Combined with this physical vulnerability is that of third-party errors, as… Read More

Is your location safe from cyber threats?

One vulnerable area of concern, amid the expanding Internet of Things (IoT) and its use of smart devices, remains the security of buildings which themselves exploit enough of the IoT to cross the threshold of becoming smart.  According to Industrial Defender, the majority of new buildings with over 100,000 square feet qualify as such, and… Read More

Amazon’s GDPR Penalty

Amazon has had a rough go of it this past week, as punitive measures came down from Luxembourg’s National Commission for Data Protection for an alleged violation of GDPR.  A major case, the fine imposed is around $887 million, setting the high mark of fines so far under the European data security regulation. Amazon is… Read More

Scraping data from LinkedIn and an oil company’s breach

What does or does not constitute a data breach can sometimes be a little ambiguous.  Data scraping qualifies as such to some, as it utilizes applications to gather, or ‘scrape’, publicly available data from websites.  Is this a legitimate activity, or does it allow for more data than is publicly accessible to be taken? No… Read More

The gig economy has put corporate data at risk

Compounding the complexity of remote working, a recent rise in the gig economy is spreading enterprise data security issues even wider, as workers are brought in on a brief timeframe to fill specific roles and tasks.  Unfortunately, this fleeting arrangement further increases the attack surface whereby hackers can breach the network, spreading workers outside the… Read More

New paradigm of gig workers creates new data security risks

By now, we have seen fairly frequently the numerous risks inherent in the new remote work paradigm.  But cousin to this state of affairs is how a new “gig economy” work pattern is also creating risks and forcing companies to reshape data protection strategies.  As an ad-hoc kind of policy, organizations are increasing the threat… Read More

When the Dark Side took down a pipeline with ransomware

Generally when you see “Darkside” trending on social media, it’s about something Star Wars related.  Such was not the case recently, but rather a hacking group based in Russia that took down the Colonial Pipeline, one of the largest pipelines in the US, by compromising its management equipment. By now, the incident seems to have… Read More

Regulatory attention to data security

Effective regulatory attention to data security at the national level continues to elude us after all these years.  For as long as a patchwork of state level and local standards has existed, industry experts have been calling for drastic improvement.  According to Dark Reading, the aftermath of the SolarWinds hack may provide the best opportunity… Read More

Apple AirDrop security and best practices

A recent Apple event showcased the new AirDrop file sharing service, but a notable security flaw is drawing concern.  With only a good Wi-Fi connection and two nearby Apple devices, AirDrop’s functionality can be exploited to allow access to the personal information of potentially 1.5 billion users.  Email addresses and phone numbers at minimum are… Read More

Cybercrime does not discriminate across industries

No matter the industry, whether in finance, a ransomware breach of a Canadian construction company, or farming in Australia, the threats posed by compromised data is the same.  The recommended preventative steps likewise cut across all sectors.  Backing up data, implementing safeguards against phishing attacks and ransomware, and educating employees on best practices remain universally… Read More