Are Your Employees Following Security Policies?

22 06 2010

In the Ponemon Institute’s study, “Trends in Insider Compliance with Data Security Policies,” a majority of respondents admit to serious non-compliant workplace behaviors that place their companies at risk. Such behaviors include the insecure use of USB memory sticks, Web-based email, social media, mobile devices and more. What’s more, the problem seems to be getting worse. The report sites lost or missing USB memory sticks and other portable data-bearing devices that often not reported to the company or are reported when it is too late.

Two key findings?

  • Employee attitudes about their employees affect the level of compliant vs. non-compliant behavior.
  • Employees do not believe their organizations provide ample training or adequate policies to inform them about data protection and security practices.

So, how does your company stack up against the percentages? 61 percent of end users transfer confidential data onto a USB stick and 71 percent says that others do it. What if there was a way to easily transfer sensitive, proprietary and confidential company and client information without using the number 1 cause of lost data? A secure, ad hoc Managed File Transfer solution can let your employees send up to 2GB of confidential information of files without even leaving their email client. No training, no ramp-up time and the ability to track messages and files. Sound too good to be true? Learn more.

Advertisements




Managed File Transfer: Preventing Healthcare Identity Theft

17 06 2010

In a recent report by the Smart Card Alliance entitled, “Medical Identity Theft in Healthcare,” the study sites that, “Further evidence of the significance of the medical fraud problem is the allocation of $1.7 billion for fraud detection in the 2011 U.S. Health and Human Services budget.” In 2009 alone, 68 reported healthcare data breaches in the U.S. put over 11.3 million patient records at risk according to the Identity Theft and Resource Center (ITRC).

Paper records are no longer acceptable for your organization.

The American Recovery and Reinvestment Act (ARRA) and the associated provisions under the Health Information Technology  for Economic and Clinical Health (HITECH),  have highlighted the need to address security and privacy across our healthcare system.

The report goes on to state that “the way to stop medical identity theft confusion is to improve patient identification and provide enhanced data production through strong authentication and encryption.” How can a healthcare organization achieve this? B2B Managed File Transfer. Protection of patient information does not happen just inside the four walls of your organization. Think of the providers, health record banks, health insurance and hospital Web portals.

The key is two-factor authentication and data encryption. Are you employing these security methodologies at your organization?





Securing Your Customers’ Data

15 06 2010

Can you guarantee the security of customer and company information with today’s available communication tools?

As a business professional, there are a number of tools from which to choose for communication and collaboration. It would be impossible to conduct business everyday without email. Additionally, you use solutions such as FTP to send large files to colleagues, business partners and clients. In a hurry, you may use expensive, expedited shipping services or a courier for your confidential and proprietary documents.

While there are many forms of communication, do you have 100 percent confidence that the content of the message or file being exchanged is secure? While these services, “get the job done” in most cases, they ineffective, costly and provide no guarantee that your documents will arrive securely or on time. So how can you transfer messages and files securely, instantly and a reasonable price?

A secure business communications solution can be used to exchange information or files quickly and securely inside and outside of your organization. As easy-to-use as email, a secure business communications solution, enables you to send important, confidential or proprietary information instantly. Just type a message or attach a file and click to send.

Learn more.





Protecting Your Data and Your Partnerships

24 05 2010

In an Information Week Analytics report, “Inside Out: Protecting Your Partnerships and Your Data,” Curtis Franklin, Jr. of Dark Reading writes, “Partners are a critical element (to enterprise security) – in fact, their importance is matched only by the potential threat they pose to the security of corporate data and the network infrastructure. For IT professionals, the vital question is how to balance trust versus risk in enabling communication between the organization and partners.”

Secure all points of contact with partners.

The report adds, “there have been instances in which partner connections were used to steal data or sabotage computer systems. These breaches show us that enterprises must stay vigilant about security, even in dealing with their closest and most trusted suppliers.” Other findings? “The difference between employee and partner risk varies by industry – in food service, partners accounted for as many as 70 percent of breaches; in the technology arena, partners accounted for only 18 percent.”

Organizations must be wary of:

  • the introduction of malware
  • confidential software theft
  • the data at risk – proprietary, intellectual property to private customer information

While concrete corporate security policies, firewalls and other security measures, help alleviate the threat, how do you ensure B2B partner and trading partner security is achieved while still optimizing those partnerships, making it easier for your partners to do business with you?

B2B Managed File Transfer – From secure ad-hoc file transfer to EDI to enterprise-wide Managed File Transfer a complete B2B communications solution can prevent these breaches from happening to you. Because whether the breach is accidental or intentional, the damage has still been done.





P2P Networks Vs. Managed File Transfer

18 05 2010

In a recent ComputerWorld’s, “P2P networks a treasure trove of leaked health care data, study finds,” the article states, “that nearly eight months after new rules were enacted requiring stronger protection of healthcare information, organizations are still leaking such data on file-sharing networks. In a research paper to be presented today at the IEEE Security Symposium, the findings include thousands of documents containing sensitive patient information on popular P2P networks such as Limewire, eDonkey and BearShare.  Further research by Eric Johnson, a Dartmouth college professor, finds that “one of more than 3,000 files discovered by researchers was a spreadsheet containing insurance details, personally identifying information, physician names and diagnosis codes on more than 28,000 individuals.” At a time when a person’s private healthcare information (PHI) is coming under closer scrutiny due to the Health Information for Economic and Clinical Health (HITECH) Act, it seems surprising that these P2P networks are still in use.

The problem with P2P software is that it is usually improperly installed on a computer that contains sensitive data.  While the use of the P2P software might be as benign as sharing music and video files, if installed improperly, the P2P software makes all data on the computer visible. Healthcare is not the only industry that has been burned by this issue – businesses and government alike face the same problem. So how do you securely share movies, music, photos and other files without jeopardizing the security of sensitive information? Ad-hoc Managed File Transfer. Similar to P2P networks ad-hoc managed file transfer solution enables you to send large files up to 2GB without disrupting sensitive data that may be on your machine.

Moreover, due to the secure nature of Managed File Transfer, you can send proprietary, confidential or sensitive information and not just large files. The ability to send messages and files securely with the ability to track when the recipient has received the message or file, gives the end user more control over how they send information and gives businesses, healthcare organizations and the government a secure person-to-person file sharing tool that prevents the leak of private information.





Is Data Security a Priority for Hotels?

17 05 2010

In a recent Hotel News Now article Hotel data breaches the result of basic failures within the industry,” the editor discusses the many headlines that have recently focused on the hospitality industry. Whether, it’s Wyndham Hotels & Resorts, Radison Hotel & Resorts or the Westin Bonaventure Hotel & Suites in Los Angeles, hotels have been hit hard by data breaches. The article goes on to state that the hotel industry is lacking in very basic security measures that could have otherwise prevented these occurrences, including password resets and remote access. The first article in a five-part series, the editor points to a study conducted by The Center for Hospitality Research in association with the Cornell Hospitality Report dated September 2008. The report, “Hotel Network Security: A Study of Computer Networks in U.S. Hotels,” states, “many hotels have flaws in their network topology that allow for exploitation by malicious users, thereby resulting in the loss of privacy for guests.”

The results of the survey found that about one out of five hotels still uses an antiquated hub-based network, an arrangement that is inherently flawed in terms of security. Also, hotels are providing unsecured wi-fi connections that are not encrypted and are subject to hacking. In fact, just six of the 39 wireless properties were using encryption. So, how can hotels secure their customers’ private information and communications? While the article suggests a series of steps (all good measures), additional security measures should be taken. Between hotel suppliers, customers and employees, secure communication should be established both internally within the hotel and external to other business partners. A complete solution from encrypted ad hoc information and file transfer to an enterprise-wide solution that goes beyond the four walls of the hotel is necessary to provide the most secure infrastructure possible.

Have you experienced a security breach while staying at a hotel?





What Would a $140 Million Loss Mean for Your Business?

14 05 2010

A recent Computerworld article, “Heartland breach expenses begged at $140M — so far,” discusses the devastating effects of the Heartland Payments Systems Inc. data breach, costing the company $139.4 to date. In Heartland’s case, credit card data was compromised from the company’s network last year. The 139.4m includes settlement money from class action law suits, data breach fines and ongoing litigation fees. Moreover, no price can be placed on the damage done to its reputation. Consider it a precautionary tale.

How can you prevent this from happening to your organization?

Security measures such as firewalls are not enough to prevent a data breach and while FTP might be a “free” file transfer solution, it’s not secure. The key to ensure a data breach doesn’t happen to your business is B2B Managed File Transfer and Communications.

  • Ensure security throughout the entire file transfer process
  • Verify that only authorized customers and partners can send data into your network
  • Protect your mission-critical data in and out of the DMZ
  • Verify authorization before data is passed through your internal firewall
  • Secure ad hoc communications including large files and attachments

How protected is your network?