Google Drive is an integral part of Google Workspace (formerly known as G Suite). With over 6 million customers and over 2 billion monthly active users, Google’s platform is the world’s largest collaboration tool for companies both large and small. In Google Drive, employees across the world create, edit, and share files on a daily basis. This, however, does not occur without the risk of data leakage.

As with most SaaS applications, within Salesforce it is your organization’s responsibility to determine whether Salesforce’s default security settings meet your specific security and compliance obligations. Read this online guide, for free, to learn about the problem of data exposure in Salesforce and how to ensure compliance with HIPAA, PCI, and other leading industry standards while storing sensitive data in Salesforce.

The rise of cloud, containers, and microservices has shifted the way software developers work for good. Whereas traditionally, software developers would release a new version of an application every few months, today’s platforms allow teams to work faster and more streamlined. These advancements have led to the rise of “software, safer, sooner” — also known as DevSecOps.

Cyberattacks are still big business and on the rise. Despite substantial increases in cybersecurity spending, many businesses aren’t taking enough action to mitigate their risks. While a significant data breach in itself is a scary concept, the costs of inaction and the subsequent charges associated with investigations, penalty fines and reputational damage should worry you even more.

Enterprise email encryption is a must-have security tool for anyone who wants to safeguard data that’s in transit. The truth is, there are numerous types and technologies available to help you with this, but what you need for your business ultimately depends on how seriously you want to take the protection of your own, and your clients’ or customers’ data.

Personal data remains attractive for malicious actors and cybercriminals. As they evolve their methods for stealing and compromising such data, implementing sufficient data protection measures is especially vital for any organization. In some industries, protecting personal data is a must to comply with privacy laws and regulations. But even if your organization is not subject to a particular data privacy requirement, it’s highly recommended to secure the data of your customers and employees.

Environments like GitHub present data exposure risk in the form of secrets leakage and sensitive PII leaking from repositories. Read this online guide, for free, to learn about the problem of secrets exposure and leakage in GitHub, as well as how to easily implement secrets detection and scanning to prevent this risk.

When Uber was breached in September, the hacker remained undetected until they announced their presence within the org via Slack. This incident provides yet another example of Slack being leveraged by an attacker. In this post, we’re going to review some of the ways attackers have used Slack in breaches, why this is happening, and what you can do about it.

What a few weeks it has been for Twitter, from the sacking of half its workforce, and the rushed release of a new feature that allows impersonation of people and brands, through to the unintentional lock out of some users with a certain multi-factor authentication (MFA) configuration enabled. Added to this, we have also seen major resignations of key individuals across the Information Security, Privacy and Compliance groups.

Data trafficking for identity theft is rife. Approximately 82% of the web contains some form of third-party scripts, with over half tracking users. 2020 saw the sharpest rise in data theft for malicious use. Over 500,000 reported identity theft cases through digital channels in the United States. These thefts are often used to perform bank and credit card fraud, government and document fraud, and loan or lease fraud.

Malware is becoming more sophisticated, and it would be impossible to prevent and defend from every single cyber threat out there. As the digital dependence of enterprises grows in tandem with the enterprise’s growth, we at Rubrik are seeing some consistent trends that can be mapped to their exacerbating cyber risk. In today's competitive landscape, it is even more important to secure your data to defend against cyber attacks.

Calling all enterprises, endpoint management is changing. New endpoint protection platforms & AI-powered solutions are a game-changer for companies looking to enhance their security capabilities and remain bulletproof. The worst of the pandemic appears to be behind us; however, enterprises are still adjusting to the post-COVID new normal. For many industries, remote work and the hybrid office remain essential adjustments that are not going back to normal.

There’s no denying that the market for data encryption solutions is multifaceted and broad. But, it must be in order to keep up with modern security gaps and evolving threats. In this article, we’ll tell you about what enterprise data encryption is, why you should care about it, some of the different types of data encryption, and how SecureAge takes a unique approach to effectively protect enterprise data without compromising existing workflows or requiring a tech overhaul.

In this post, we’ll quickly cover the highlights of what you need to know about California’s Data Breach Notification Statute.

Over the past two decades we have seen security get more and more granular, going deeper into the stack generation after generation, from hardware, to network, server, container and now more and more to code. The next frontier of this evolution is data, especially sensitive data. Sensitive data is what organizations don’t want to see leaked or breached. This includes PHI, PII, PD, financial data.

Now is the time to rethink how you manage data security. We’ve discussed the potential for breaches, financial ramifications, and loss of business in the past. These get your attention, but we’re well beyond that. No company is immune to these risks anymore. It’s the “how” that trips people up. How do you account for every line of code? How do you keep tabs on third parties? How do you ensure security teams aren’t in the way of developers?

The Brazilian General Data Protection Law (LGPD) came into effect on August 16, 2020. The law creates new rights for individuals with respect to their data and imposes significant obligations on companies that process personal data. This guide will provide an overview of the key provisions of the LGPD and explain the steps that companies must take to comply with the law.

Nightfall customers have always lauded the platform’s ease of use and simplicity, but our team is always hard at work looking for ways to improve user experience. This month, we’ve made multiple features GA across the platform, that will further your ability to further customize what content and files trigger Nightfall detectors as well as the ways you can ingest this data.

There are many ways to share data in SharePoint, including lists. A SharePoint list is a collection of data that a user can share with other users to whom they have permitted access. A variety of default list templates are provided in SharePoint to allow for easier set-up. Users can also import such lists (usually in CSV format) from other applications.

Every software we use consists of instructions in the form of computer codes that dictate how computers behave or perform certain tasks. But not all software is designed to make our lives easier. Malware, a portmanteau of the words malicious and software, is specifically designed to help hackers gain access to, steal information from, or damage a computer. Oftentimes, all this happens without the knowledge of the computer user themselves. Until it’s too late, that is.

I’ve heard the title of this article uttered in exasperation by more than a few CISOs. That can’t be the case though, right? Developers are some of the most paranoid cautious, security-conscious people I know. Compared to your average person, developers are far more skeptical when it comes to their personal data. Even as a CEO, those instincts from my time as a full-time dev persist.

In today’s data-driven world, businesses view data as a crucial business asset. Companies gather growing volumes of information from increasingly diverse data sources. Coupled with distributed and complex IT environments, this interwoven data landscape presents cyber threats through data supply chain risks.‍ A statistic exemplifying data supply chain risks is that 45 percent of data breaches occur in cloud computing systems, many of which aren’t owned by the companies that use them.

Yesterday, TechCrunch broke a story about pharmaceutical giant AstraZeneca, which experienced a leak affecting sensitive patient data. We think this incident is worth reviewing to learn more about how data exfiltration risk is distributed across the entirety of an organization’s SaaS infrastructure.

That’s a wrap for Data Security Summit 2022! Last month, we gathered some of the wisest forces from the frontlines of cybersecurity to discuss why data security is a crucial component—and often a missing one—of a well-rounded security strategy.

In today’s digital world, data breaches are becoming more and more common. In fact, recent studies found that a large majority of breaches are caused by stolen secrets & credentials, such as API keys. API keys are used to access data and resources from another application or service. They are typically used to connect two applications so that they can share data. For example, if you use a weather app on your phone, that app likely uses an API key to access the Weather Channel’s data.

Data classification is an important business process. It makes it easier to apply data protection, helps employees understand what data is sensitive, and, importantly, which data can be made public. Unfortunately, many organizations provide employees with access to far more data than is needed. The oversharing of information with employees is a huge security risk.