Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

June 2021

The Basics of PCI Compliance: Merchant Levels and Requirements

PCI compliance isn’t just good for customers; it’s also good for business. Merchants that fall short of PCI compliance standards not only put their customer data at risk, they also may face hefty fines. The PCI Compliance Guide reports that fines and penalties can range from $5,000 to $100,000 per month for the merchant.

Is Dropbox HIPAA Complinant?

Dropbox is known for being a convenient file sharing and storage tool. For over a decade, Dropbox has allowed teams to collaborate cross- functionally by providing a single source of truth. With files being managed and synced to a central location, teams can work together without issues of version control. Even in a post- Google Drive and OneDrive era, Dropbox remains important, as not everyone uses the same productivity suites.

Is Google Drive HIPAA Compliant?

Google Drive is one of the oldest and most well known cloud storage and productivity suites. Although Google Drive launched in 2012, Google’s productivity platform dates back to 2006, when Google Docs and Google Sheets first launched. Over the years, Google would more closely integrate these services before moving them under the Google Drive and Google Suite brand. Today, Google Drive and Google’s entire suite of collaborative tools are referred to as Google Workspace.

PII Compliance Checklist & Best Practices

Research from Gartner suggests that, by 2023, more than 60% of the world’s population will be covered by some form of personal data protection legislation. From GDPR to CalPRA, privacy regulations are on the rise. These compliance regimes aim to protect a user’s rights to their data — which, in practice, means that businesses need to implement more effective approaches to security.

Open source data loss prevention for helpdesk ticketing systems

When your customers want help, ticketing systems provide the first line of communication between your company and your customers. Solving a problem or resolving an issue for your customers often requires collecting a lot of information and context throughout the support interaction. Especially today, these interactions can be captured through a myriad of channels including but not limited to messaging apps, SMS, social media, help centers, forums, bots, video conferencing, and more.

PHI Compliance: What It Is and How To Achieve It

For organizations that work in or partner with the healthcare industry, HIPAA compliance is of paramount importance. Keeping a patient’s medical records and personal information safe isn’t just a matter of avoiding penalties. It’s also key to building trust with patients and, ultimately, providing great patient care. Here’s what health organizations and their partners need to know about PHI and keeping it secure.

Is Slack Secure? Vulnerabilities and Solutions

Slack has become one of the most integral platforms for businesses over the last decade, with more than 12 million users currently active. Despite its popularity, however, there are some Slack security concerns that linger from the platform’s 2015 security breach. Here’s what you need to know about Slack security and how to protect your sensitive information on the platform.

Is Atlassian Cloud HIPAA Compliant?

In 2021, digital transformation has accelerated. At the tail end of the COVID pandemic, with companies remaining remote, the demand for cloud services in the enterprise is the highest It’s ever been. Healthcare organizations, which more directly encountered the acute challenges posed by the pandemic, were among the first to be shaped by the current wave of digital transformation.

Nightfall's DLP API Adds Data Discovery and Classification to Your Applications

As a cloud-native data loss prevention solution, Nightfall DLP can natively integrate with some of the most popular SaaS applications in order to protect against the proliferation of sensitive data in these environments. With our native integrations, Nightfall helps keep client data safe on apps including Slack, GitHub, Google Drive, Confluence, and Jira. But did you know that Nightfall also exists as a standalone DLP API?

Evaluating content inspection engines for data classification applications

Many organizations recognize the emergent need to discover, classify, and protect their sensitive information stored in cloud applications (SaaS) and infrastructure (IaaS) via a dedicated cloud content inspection process. However, cloud-native detection engines are a relatively new technology, and many corporate Information Security teams or Product Security developers are, understandably, not yet familiar with how to effectively evaluate cloud content detection.

What Is DevSecOps and How To Implement It

DevSecOps follows the same trend as Agile and DevOps: how can developers create software that’s better, faster, and less expensive? The DevSecOps motto — “software, safer, sooner” adds the missing piece to the latest approach to quicker product development. Security, previously an afterthought in the product development lifecycle, is now becoming an integral part of the process.

Cloud Security Architecture: 5 Best Practices

Cloud programs like Slack and Google Drive allow businesses to work collaboratively and efficiently, often at a low cost. However, these cloud platforms open a business up to new levels of risk: sharing information via cloud programs can put customer data at risk. Cloud security architecture provides a way to recognize and remedy vulnerabilities that result from using cloud service providers (CSPs).

The Anatomy of Mega-breaches: An Analysis of the Top 100 Data Breaches of the Past 15+ Years

In today’s world, data breaches are a fact of life for both consumers and companies. It’s become somewhat of a truism to point out that for many companies breaches are a matter of if not when as defenders are at a significant disadvantage.