The latest News and Information on Data Security including privacy, protection, and encryption.
Title II of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) has two key provisions: the Privacy Rule and the HIPAA Security Rule. The Privacy Rule establishes standards for protecting certain health information, or PHI. The Privacy Rule requires those organizations that are governed by HIPAA (covered entities) to implement safeguards to protect the privacy of PHI, and gives individuals the right to access and share their health records.
Today’s threat actors often carry out cyber attacks with the primary objective of accessing and exfiltrating sensitive information from your IT environment. Efforts to obtain this “crown jewel” information usually involve complex multi-phase cyber attacks. But another way in which sensitive data ends up in the hands of malicious actors with a lot less effort is when an organization exposes sensitive data assets in a data leak incident.
Another day, another data breach has become a common refrain, in a world saturated with data breaches and other types of data exposures. But over the past few years, a subtle change in the nature of breaches has taken place. We documented some of this change in our analysis of the 100 largest breaches in the 21st century, highlighting that breaches were getting larger and more likely the result of misconfigurations.
We are excited to share that NC Protect for Microsoft 365 is now available in both Microsoft Azure Marketplace and Azure Government Marketplace! archTIS customers can now take advantage of the productive and trusted Azure cloud platform, with streamlined procurement, deployment and management of NC Protect for M365 from the Marketplaces.
Today, for enterprises and even SMB companies, IT is a sprawling but interconnected universe of applications, devices, and services all running in tandem to maintain the lifeblood of these organizations—data. Navigating the complexities of this arrangement is not just a challenge for security teams (something which Nightfall customers have attested to, before adopting our platform), it’s a genuine challenge for anyone who must manage and use information.
Missed last week’s archTIS Defense & DIB Cybersecurity Summit with leading industry and defense experts? Watch the recording for their insights on the zero trust, CMMC 2 and the new threats the industry is facing and how to best combat them.
Broadly speaking, an information security program is a set of activities and initiatives that support a company’s information technology while protecting the security of business data and enabling the company to accomplish its business objectives. An information security program safeguards the proprietary information of the business and its customers. The Gramm-Leach-Bliley Act (GLBA) has a more specific definition of what a security information program should entail.
In early April, the tech industry witnessed a major GitHub security incident targeting GitHub organizations using Heroku and Travis CI. GitHub was made aware of this threat via an attack leveraging AWS API keys to GitHub’s own npm production infrastructure. As upstream security risks within SaaS platforms become more common, organizations that leverage these platforms are relying on tools like Nightfall to protect themselves.
