Data security Archives - Fasoo Fasoo
  • Thank you for subscribing.

    Something went wrong.


  • Topics


    Recent Articles

    Data security

    Is Encryption Really That Hard?

    Is Encryption Really That Hard?The problem today is sensitive information is leaking from organizations like a dripping faucet.  The recent Equifax data breach is just the latest example of a constant barrage of leaks in the news.  All the experts say the best way to stop data leaks is by encrypting sensitive data.

    So why isn’t everyone doing it?   What’s the problem?  New regulations are now in place that mandate encrypting sensitive data, NYDFS part 500 and GDPR being two of the most visible.

    It’s not like using an Enigma machine to manually encrypt a message.  Today’s encryption mechanisms are easy to use and fit into the daily work of employees everywhere.

    Read the rest of this entry »

    Share it now!

    You Need Data-Aware Protection Mechanisms

    You Need Data-Aware Protection MechanismsData breaches pose one of the greatest threats to business and government.  With the recent data breach at Equifax magnifying the problem of data loss in businesses and the public sector, it’s time for organizations to think hard about using data-aware protection to safeguard sensitive information.

    The ever-changing cybersecurity landscape requires organizations to evolve beyond merely protecting the network perimeter and end-points to implementing protections on the data.  When data breaches are successful, the costs can be staggering.  How much will it cost Equifax to offer credit monitoring to millions of people?  What makes these data breaches so disheartening is that many could be avoided or mitigated by modernizing legacy IT systems and protecting information at the data or document level.

    Read the rest of this entry »

    Share it now!

    Can Updated FFIEC Cyber Assessment Tool Help With Other Regulations?

    Use the FFIEC Cyber Assessment Tool to help comply with NYDFS 23 NYCRR Part 500The Federal Financial Institutions Examination Council (FFIEC) released an update to its Cybersecurity Assessment Tool to help financial institutions establish a better baseline to identify their risks and determine their cybersecurity preparedness. The original intent of the Assessment was to provide a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time.

    The updates are a response to criticism since its release in June 2015 for its vagueness and diversion from other well-established cybersecurity assessment frameworks, such as the NIST Cybersecurity Framework.  While there are similarities between these tools, the FFIEC is trying to provide guidance to its constituency where the NIST framework is general for all organizations.

    Read the rest of this entry »

    Share it now!

    Practical Advice At Buffalo NYDFS 23 NYCRR 500 Pathways to Compliance Event

    Practical Advice At Buffalo NYDFS 23 NYCRR 500 Pathways to Compliance EventFollowing our successful event in Rochester, the second of the NYDFS 23 NYCRR 500 roadshow events at Phillips Lytle LLP in Buffalo, NY on May 17, 2017 brought together executives, insurance, legal, and security professionals in a great forum to discuss challenges for financial services organizations to meet the new cybersecurity regulations that went into effect on March 1, 2017.  A full house heard some practical advice designed to assist entities regulated by the New York Division of Financial Services (NYDFS) comply with the new regulations.

    Jennifer Beckage of Phillips Lytle LLP started with her “Survival Guide to Navigating the NYDFS Cybersecurity Regulation”.  Jennifer talked about the challenges covered entities face not only developing their own cybersecurity programs, but how those spill over to their service providers.  Developing, implementing and monitoring vendor management programs will affect contracts, day-to-day operations and the technology used to secure and control information shared.
    Read the rest of this entry »

    Share it now!

    Fasoo Hits Nerve with Message of Security, Governance and Productivity at RSA 2017

    Fasoo Hits Nerve with Message of Security, Governance and Productivity at RSA 2017After two days at the 2017 RSA Conference in San Francisco, it looks like Fasoo’s message of Security, Governance and Productivity is hitting a nerve with security professionals, analysts, executives and other attendees.  As the regulatory and business climate change to overcome constant threats to businesses and the data they use to drive profitability, companies are looking for a more comprehensive and practical approach to providing secure ways to conduct business.

    An interesting theme at this year’s show is Business Driven Security.  I think the convergence of business and security is finally coming to a head as boards and executives realize they must think of security solutions as a business driver that helps mitigate business risk so they can propel their businesses forward.

    One main focus this year is helping financial organizations comply with the New York State Department of Financial Services (NYS DFS) cybersecurity regulations.  Fasoo employees spoke to numerous banks and mortgage companies at the booth that are affected by this new regulation to encrypt nonpublic data and provide clear access control and audit trails.  The Fasoo Data Security Framework can help protect sensitive data from getting into the wrong hands and help meet this comprehensive regulation.

    Read the rest of this entry »

    Share it now!

    7315 Wisconsin Avenue, Suite 420

    Bethesda, MD 20814

    Phone: (732) 955-2333 | inquiry@fasoo.com

    © 2017 Fasoo, Inc. All rights reserved.