Tag: data security

The European Commission has announced the new EU-US Privacy Shield law, which replaces Safe Harbor effective immediately. The new ruling addresses European concerns about US access to the data of Europeans and gives Europeans more options to file concerns regarding the use of their data. U.S. companies may certify compliance beginning Aug. 1. Tech companies praised the new agreement, saying it restores trust that’s needed after the Edward Snowden leaks of 2013. “Our members are ready to implement the new …

Ransomware has been rising at an “alarming rate,” according to security researchers, with a 3,500 percent increase in criminal use of net infrastructure that helps run ransomware campaigns. According to Microsoft, the U.S. has the highest number of ransomware attacks, with more than 300 thousand. It can affect anyone with a computer or mobile device, and there are already plenty of examples of large businesses being victimized and shelling out large amounts of money to get their data back. How does ransomware …

Mark Stanislav’s title is “Security Evangelist.” Online Tech has previously provided him a virtual pulpit from which to preach and his barnstorming tour continued last week in Las Vegas, where he spoke at the recently concluded DEF CON 22 Hacker Conference. Stanislav and Duo Security colleague Zach Lanier presented “The Internet of Fails: Where IoT Has Gone Wrong and How We’re Making it Right,” described as a dive into research, outcomes and recommendations regarding information security for the “Internet of …

After the recent rash of high-profile data breaches, the Internet is ripe with tips for handling a breach at your organization. The standard experts’ message: Notify consumers immediately and don’t downplay the impact. The Dallas Morning News has a keen interest in data breaches because some of the largest recent reports come from retailers headquartered in its home state of Texas: Nieman-Marcus (Dallas), Sally Beauty Holdings (Denton) and Michaels Stores (Irving). In a Sunday story, reporter Pamela Yip discussed proper …

Mom always said to choose your friends wisely. Maybe she was trying to protect you from a data breach. AT&T learned that lesson the hard way. From a statement released by the company : “We recently learned that three employees of one of our vendors accessed some AT&T customer accounts without proper authorization. This is completely counter to the way we require our vendors to conduct business. We know our customers count on us and those who support our business …

There’s a fundamental change underway in the healthcare system, which is shifting away from a traditional fee-for-service model toward a more accountable, patient-centered model of care. Accountable care organizations (ACO) are popping up across the country with what’s being referred to as a Triple Aim: better care for individuals, better health for populations, and lower per capita costs. In a recent Online Tech Tuesdays at Two webinar session, attorneys Tatiana Melnik and Carrie Nixon extensively defined and discussed the ACO …

In contrast to the unseasonably cold weather Columbus, Ohio, has experienced of late, this week’s InfoSec Summit kicked off in bright purple ‘Aloha’ style with Jim Manico’s recommendations for improving web application security. Only one other attendee could match his shirt color, but none were equal to the energy with which Jim highlighted some serious software security concerns. No, this wasn’t a dig on the software developers who face an incredibly daunting tempest of deadlines, budget constraints and requirements as …

Those of us working in the security and compliance world are very aware of the data privacy rules and enforcement in different regulated industries: Health and Human Services (HHS) and its Office of Civil Rights (OCR) have broad authority over protected health information (PHI) through HIPAA and HITECH acts with significant fines for breaches of PHIO data by the holders of that data. Sarbanes-Oxley (SOX) put teeth into protecting and securing financial data for publicly traded companies and a broad …

The U.S. Department of Homeland Security released a vulnerability note stating Microsoft Internet Explorer “contains a use-after-free vulnerability” that can “allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.” The security flaw was first detected by FireEye Research Labs. Homeland Security said in an advisory that the zero-day flaw in versions 6 to 11 of IE could lead to “the complete compromise” of an affected system and recommended “employing an alternative Web browser until an official …

HIPAA. PCI. SOX. All very familiar, but rather industry-specific, acronyms in the world of regulating data security. A recent court decision confirmed the authority of another powerful player – the FTC – to be the omnibus data security enforcer of the federal government. In the next installment of Online Tech’s free ‘Tuesdays at 2’ educational webinar series, guest host Tatiana Melnik will explain the Federal Trade Commission v. Wyndham Worldwide Corporation court case, discuss the FTC’s broad discretion to take …

Get started now. Exceptional service awaits.

Live Chat