Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today, we are delighted to announce that Nightfall has launched the first and only DLP solution for Asana. As part of this launch, Nightfall has joined the Asana Partner program as an official Technology Partner. Nightfall’s solution for Asana builds comprehensive data protection into the Asana app.

archTIS Director of Federal and Defense, Bill Kalogeros recently presented a CMMC 2.0 Workshop with FCW on new controlled unclassified information or ‘CUI’ marking requirements for CMMC 2.0 which is expected to go into effect in May of 2023. Here’s a summary of his session and a link to the recording to learn more about the pending changes to CUI handling and how to prepare.

The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996 and sets forth a comprehensive set of standards for protecting sensitive patient health information. The Privacy Rule applies to all entities that fall within the definition of a “covered entity“, which generally includes healthcare providers, health plans, and clearinghouses.

As a CIO, you are responsible for safeguarding your company's data. This includes both protecting it from accidental loss and preventing unauthorized access. A Data Loss Prevention or dlp solution can help.

The FTC Safeguards Rule, is a set of regulations promulgated by the Federal Trade Commission in order to protect the privacy of consumers’ personal information. The Rule requires financial institutions to develop, implement, and maintain a comprehensive information security program designed to safeguard customer information.

Customers, Partners and Colleagues, I am excited to share that archTIS’ NC Protect product has been named 2022 Policy Management Solution of the Year in the 6th annual Cybersecurity Breakthrough Awards.

When two companies merge, there is typically a lot of data that needs to be transferred between the two organizations. This data may include confidential information such as customer records, financial reports, and employee data. If this data falls into the wrong hands, it could be used to commit fraud or theft. That’s where data loss prevention (DLP) comes in.

As an employer, you have both a moral and legal obligation to shore up sensitive information about your employees. Sensitive information includes genetic and biometric data, medical records, SNNs (social security numbers), and criminal history records, just to name a few. Fail to do so, and you will open yourself up to loads of risk. Hackers are constantly on the hunt for applicant and employee data that they can further sell on the dark web or use to perpetrate fraud.

The number of secrets exposed in public repositories is staggering. With reports in 2021 reaching up to 6 million secrets detected, an increase of 50% from 2020. Secret sprawl is part of every organization, but it is a plague on the open-source world of software development. Even if your organization has a top-notch security-aware culture, human error will inevitably cause secrets to leak and data to be lost or compromised.

Strong data loss prevention requires two things: a strong policy that guides user actions and permissions, and the tools to monitor and manage data security. Many organizations know they need to invest in software, platforms, and other security settings to create secure networks, endpoints, and cloud settings. But not every organization has a strong DLP policy to guide these tools. Many compliance regimes require companies to record data loss prevention policies.