Data Protection Category: Best practices, data privacy issues, and data protection management software and tools
In this blog category, you will find information about data protection, data processing, and all the IT perspectives from protecting data online.
This week the US government, as well as many enterprises, were hit by a cyberattack, dubbed Solorigate, via the SUNBURST backdoor. Fireeye (also a victim of the attack) has done a great analysis of how the attack works, and we recommend reading it. But we’ll… Read More »Five Things We Can Learn From Solorigate/SUNBURST, a Sophisticated And Highly Evasive Cyber Attack
There’s an unwritten rule that every machine that becomes visible on the internet is under attack in under 5 seconds. We recently deployed our LogSentinel SIEM honeypot with one of our customers and that rule proved correct – immediately malicious requests from all over the… Read More »LogSentinel Honeypot: Malicious Actors Don’t Wait
Data breaches happen practically every day. Personal, including financial and medical data leak to cyber criminals as well as intelligence agencies. Some notable breaches include the Equifax breach, where dozens of personal data fields were leaked, and the recently announced Marriott breach, where passports, credit… Read More »Preventing Various Types of Data Breaches
Privacy-by-design (PbD) is an engineering and managerial approach taken when creating new technologies and systems. The term speaks for itself – you incorporate privacy measures at the design stage, so no matter the purpose of the system, it will always protect privacy by default. In… Read More »Ebooks: Understanding the Value of Privacy-by-Design
As the IBM 2020 Cost of a Data Breach report outlines, the year has not been a good one for privacy, so far – with $3.86 million global average cost of a data breach, and the healthcare still being the most vulnerable sector. It is… Read More »Privacy by Design in Practice
We have always focused on backend security on this blog. However, attackers sometimes try to steal sensitive information, including credit card numbers. That’s why we piloted LogSentinel SIEM’s Script Monitoring feature which aims to protect websites from front-end attacks, including formjacking/magecart/form scraping as well as… Read More »Report: Compromised WooCommerce Websites
Electronic signatures are legally meaningful ways to store interaction by end-users. That’s an oversimplified explanation and certainly not a definition, but in the context of web and mobile applications, it is that. The European Union defined electronic signatures in a regulation (eIDAS) in order to… Read More »Practical Electronic Signatures For Your Website
Due to the COVID-19 crisis, businesses and governments have developed contact tracing apps to help health authorities overcome the situation. Although the effectiveness of those applications is still unclear, they happen to process large amounts of personal data. Respectively some of them tend to operate… Read More »Centralized vs. Decentralized Approaches to Protecting User Data
Personal health information (PHI) is very sensitive and is therefore subject to many regulations around the world – most notably, GDPR in the EU and HIPAA in the US. We have covered both regulations in depth (GDPR articles, HIPAA articles), but the specifics of each… Read More »How to Store Personal Health Information Securely
The US presidential election is in a few months and although the coronavirus is currently occupying everyone’s attention, it will soon be shifting to the election. And among the chief concerns is election security and integrity. We have previously covered the importance of audit trail for election… Read More »Technical Guide to Protecting Voter Registration Databases
In light of the COVID-19 pandemic, governments and corporations leverage contact tracing mobile applications to help health authorities overcome the crisis. Those apps process vast amounts of sensitive personal data and sometimes operate in the gray area of data protection regulations. As we believe in privacy… Read More »Webinar: Privacy in Time of Pandemic
The most interesting type of data for cybercriminals is undoubtedly credit card data. For precisely that reason, a dedicated standard exists – PCI-DSS – created and observed by the payment card industry. The PCI DSS standard is pretty thorough and aims at increasing the security… Read More »Why Are Credit Card Numbers Leaking?
The FinTech industry is rapidly growing and although it has seen a decrease in the number of deals in recent months, it still maintains a good growth pace. It has proven to be a field that raises successful startup companies as 48 FinTech unicorns are… Read More »Lessons Learned from the Biggest FinTech Breaches
Documents are at the center of many organizational processes. They make processes traceable and people accountable. However, documents are by default not protected from manipulation – anyone with access to a document can modify it and it will be hard to reconstruct the original document.… Read More »Protecting Documents Against Fraud and Manipulation With Blockchain
Digital transformation led to many changes on a large scale. Innovative companies became the new market leaders in less than a decade. In fact, the understanding of digitalization changed in less than a decade. Everything became easier, more accessible and less time consuming to cope… Read More »Digital Transformation and Government Data Breaches
Digital transformation is the process of turning paper-based processes into digital ones or even completely eliminating unnecessary steps via automation. Digital transformation is innovation, but not in the “flying cars”, “trips to Mars”, “brain-computer-interface” type of innovation. It’s a mundane, often boring organizational innovation that… Read More »Digital Transformation Happens Too Fast to Be Secure
Identity and Access Management (IAM) is core to many enterprise architectures. Centralizing the authentication is mandatory once you have more than a few systems, and IAM providers fill that requirement nicely. On first thought it might seem blockchain has nothing to do with IAM. But… Read More »Blockchain Use-Cases for IAM
A Cyber Protection Developers Conference organized by Acronis was held yesterday at the Sofia University (Bulgaria). Driven by the rising need of increasing cybersecurity and data protection measures, Acronis dedicated the conference to resolving issues such as improving the overall security of products and unlocking… Read More »Best Practices of Developing Secure Software (Acronis Cyber Protection Conference)
Data integrity, or the certainty that data has not been modified, is important in many cases – from communication protocols, through low-level data storage systems, to business-critical databases. Due to our reliance on the data we have, we need to guarantee it hasn’t been tampered… Read More »3 Reasons Not To Ignore Data Integrity
With the explosive growth of data businesses now can have a look at the very minutae of their processes. This includes details on which user took what action in which system, ranging from mission critical payments and asset transactions to the ultimately mundane users’ login… Read More »Fraud Detection: Approaches and Pitfalls