Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We are pleased to announce the launch of NC Encrypt to provide independent encryption key management and Bring Your Own Key (BYOK) support for Microsoft 365 applications and SharePoint Server environments. The sheer number of communication and collaboration channels the M365 platform has introduced, increases the vulnerability of sensitive data and potential for accidental data loss or overexposure, making protection mechanisms such as encryption critical.

Demands on data have created a host of challenges for security and administration, and traditional tools are not keeping up. As we expand collaboration and business activities outside the office, data moves more widely and user permissions expand with every responsibility or team project. Keeping ahead of this permission burden is tough yet necessary for zero trust “don’t trust, verify” security.

The US Department of Defense (DoD) initiative to adopt the Executive Order for Zero Trust is heating up. This week the Pentagon’s CIO, John Sherman, announced plans to implement a zero trust architecture agency-wide within the next 5 years – by 2027. To support this initiative, he plans to announce a new strategy next month to help meet the ambitious deadline for an agency of over 4 million people.

Many organizations want to leverage encryption in their environments. This usually starts off with encrypting data and devices that physically leave the organization. External USB drives with encryption or internal drive encryption on laptops using BitLocker for example. We have all heard stories of secret government documentation being left behind on the train or a laptop with employee information being left in a Taxi while traveling.

We’re pleased to announced the release of Kojensi SaaS v2.0 to ensure secure document collaboration and sharing of sensitive and Export Controlled content between Government, Defence, Defence supply chain, and higher education institutions. This new release assists organisations with meeting strict regulatory guidelines and compliance obligations for secure information sharing.

While the Singapore Personal Data Protection Act (PDPA) 2020 Amendment phases came into effect on Feb 1, 2021, starting on October 1, 2022, the maximum financial penalty for breaches of PDPA will be increased. Here’s what you need to know for the next phase of PDPA and how to ensure your information security practices are compliant to avoid penalties.

All information is an attractive target for bad actors, but some is inherently more valuable than others. State-sponsored and hacktivist attacks constantly probe enterprise networks seeking to identify the location of sensitive information. Attackers historically targeted core enterprise systems but as the defenses for those systems have matured, attackers now target the same information but in less secured unstructured (broadly speaking, file and email based) repositories.

Selling to the Department of Defence or dealing with Export Controlled material? Discover how to manage the information security and compliance of ITAR and other regulated data.

Speaking with clients, I find one of the biggest issues they struggle with how to properly secure Guest access in Microsoft 365 applications. While many organizations had already begun outsourcing their email to M365, most had really only begun looking at the rest of the M365 offering (Teams, SharePoint Online and OneDrive) when COVID hit. Most organizations wound up diving headfirst into this offering in an attempt to deal with the sudden need to work and collaborate with colleagues from home.