Posts Tagged ‘security’

Recent HIPAA Settlements Highlight the Importance of Business Associate Agreements

Recent HIPAA Settlements Highlight the Importance of Business Associate Agreements

The Office of Civil Rights (OCR), the agency within the United States Department of Health and Human Services that enforces the HIPAA Privacy and Security Rules, recently sent a clear message about the importance of business associate agreements.


Is CaaS the Solution for Privacy and Security in the SaaS World?

Is CaaS the Solution for Privacy and Security in the SaaS World?

A new application of the technology software “containers” offers a potential approach that may reduce many of the risks in current SaaS offerings, while allowing for more security and control.


Big Law Firms See Strongest Revenue Gains Since ’08, Survey Finds

Big Law Firms See Strongest Revenue Gains Since ’08, Survey Finds

The supply of legal service providers has increased, creating a hypercompetitive market and forcing law firms to think about how they deliver legal services.


FTC: Data Security Primer for Small Businesses and Start-ups

FTC: Data Security Primer for Small Businesses and Start-ups

In Start with Security, the FTC reiterates its long-standing view that data security should be a top priority for any organization, even those in start-up mode.


Privacy Shield Update: A Recap of Recent Developments

Privacy Shield Update: A Recap of Recent Developments

Although the Privacy Shield remains in limbo at this time, a flurry of speculation and Shield-adjacent legal maneuvers have colored the landscape and heightened concerns about its long-term viability.


The Encryption Challenge

The Encryption Challenge

According to a recent 451 Research survey of senior security executives, government agencies seem to be fighting the previous war. Instead of protecting data from hackers who’ve already gotten in, they’re still focusing on keeping the bad guys out of their systems.


When “Protect and Defend” Becomes “Preserve and Collect”

When "Protect and Defend" Becomes "Preserve and Collect"

What it boils down to is simply this: the price is only one piece of the puzzle. Depending on your company’s size, needs, and storage requirements, as well as risk tolerance, resources, and expertise, different solutions may seem optimal.


The Scariest Hack So Far

The Scariest Hack So Far

Ransomware, extortion and data sabotage may lead to ongoing issues for data controllers. Each of these types of cyberattacks is evolving in ways that are truly devious.


In God We Trust. All Others Use Blockchain

In God We Trust. All Others Use Blockchain

The blockchain provides a way to track and verify transactions without requiring a central tracking authority. Right now it is used mainly by Bitcoin (or similar crypto-currencies), but it could find applications in other domains.


Cybersecurity: Big Problem for Small Firms?

Cybersecurity: Big Problem for Small Firms?

Cybersecurity should be a major priority for all firms in 2016. The problem is, not everyone is playing with big law resources.


Ignoring Orphaned Data is a Risky Business

Ignoring Orphaned Data is a Risky Business

One of the most pressing problems facing information management professionals at organizations is orphaned data — data that has no owner.


How to Design a Document Retention Policy

How to Design a Document Retention Policy

Data minimization can be a powerful – and seemingly simple – data security measure. The term refers to retaining the least amount of personal information necessary in order for an organization to function. Less information means that there is less that the organization needs to protect, and less opportunity for information to be lost or stolen.


Nearly Two-Thirds of Confirmed Data Breaches Were Related to Password Issues

Nearly Two-Thirds of Confirmed Data Breaches Were Related to Password Issues

Verizon’s 2016 Data Breach Investigations Report doesn’t waste any time providing useful statistics regarding the state of data breaches – they state right on the cover of the report that “89% of breaches had a financial or espionage motive.”


Survey of IT Pros Highlights Lack of Understanding of SaaS Data Loss Risks

Survey of IT Pros Highlights Lack of Understanding of SaaS Data Loss Risks

It turns out that IT pros across the pond have the same concerns as here in the U.S., as the survey found that security is the top concern when moving critical applications to cloud. Specifically, 44 percent of U.S. and U.K. IT pros cited external hacking/data breaches as their top concerns, ahead of insider attacks and user error.


Need to Decrypt an iPhone? There’s an “Act” for That

Need to Decrypt an iPhone? There’s an “Act” for That

A pair of recent cases pitted the U.S. Department of Justice (DOJ) against Apple, Inc. (Apple) in a Herculean struggle between asserted interests in national security and privacy.


A Look at Security with SaaS Providers

A Look at Security with SaaS Providers

Private cloud offerings including SaaS are growing in our industry largely due to the expense in maintaining hardware and security protocols for client data that law firms have traditionally managed.


Cybersecurity Compliance Just Got Tougher

Cybersecurity Compliance Just Got Tougher

While cybersecurity risks have increased, government regulation has traditionally lagged behind. Recently, some government entities have tried to catch up by mandating that companies take a proactive approach toward protecting personal and competitively sensitive data. The move is a departure from the traditional reactive response of simply notifying consumers after their personal data is breached.


The 7 Cybersecurity Habits of Secure Law Firms

The 7 Cybersecurity Habits of Secure Law Firms

As the volume and complexity of client data proliferates, protecting client confidentiality only becomes harder. Unfortunately, law firms are often soft targets for hackers because they do not invest heavily in information technology infrastructure and security.


Cyberattacks: Why Law Firms Are Under Fire

Cyberattacks: Why Law Firms Are Under Fire

As demonstrated by the so-called “Panama Papers” leak of 11.5 million records from the Panama-based law firm Mossack Fonseca, there’s no doubt that law firms are being targeted by attackers seeking to access, steal and potentially leak their clients’ secrets.


Data Breaches, Security Fears Drive Information Management Policies

Data Breaches, Security Fears Drive Information Management Policies

Concerns over compliance and fears of data breaches are key drivers for information management initiatives in the enterprise.


Perspective: 15 Security Lessons From the Panama Papers

Perspective: 15 Security Lessons From the Panama Papers

For the eDiscovery community, this is a fascinating scandal because at its root are all the issues we face every day — data privacy, data security, large amounts of structured and unstructured data, finding out as quickly as possible what you have and building a strategy with ongoing information revelations.


The Quick and Dirty Low Down on Cyber Liability Insurance

The Quick and Dirty Low Down on Cyber Liability Insurance

Cyber liability insurance has actually been around since the turn of the century (back then it was called Errors and Omissions Insurance). In the early 2000’s, this kind of insurance was only purchased by big technology companies. It’s only now that other, smaller companies are stepping up to manage the risks associated with data breaches.


The Safe Harbor is Dead. Long Live the Privacy Shield.

The Safe Harbor is Dead. Long Live the Privacy Shield.

The new Privacy Shield creates multiple enforcement mechanisms for the EU Data Protection Authorities (DPA’s) and multiple civil and administrative paths for remedies for the EU citizen. Consent requirements are expected to be higher, and there is an expectation that data will be secured.


Thirteen Companies That Use Deep Learning To Produce Actionable Results

Thirteen Companies That Use Deep Learning To Produce Actionable Results

Our means for gathering data have largely outstripped our tools for analyzing that data. The result is a mountain of unstructured and largely inaccessible information gathered from social media, app permissions, website cookies and hardware and software service agreements.