BLS_web_ad_300x250_V3B
CM300x250
Certification_CIPT_300x250final-01

By Katherine Audet

Concerns for privacy are at an all-time high. In light of recent events—the Target breach, Facebook’s change in its privacy policy for teens and the NSA controversy, among others—fear regarding the protection of personal data, or lack thereof, has grown significantly. Companies are rolling out products designed to protect consumers and help business know how to prevent breaches and the crucial steps to take if a breach occurs. Examples of these products include:

AvePoint Releases Update to its Software-As-A-Service Platform


AvePoint has released DocAve Online Service Pack 3, an update to its software-as-a-service platform for Microsoft Office 365 management, that features data protection, governance and reporting enhancements aimed at empowering organizations to “maintain the same level of protection and control over their cloud-based assets as they have with on-premises solutions.” 

Updates featured in the new release include policy enforcement, granular content protection and configuration reports.

“The policy enforcement enhancements in DocAve Online gives companies the ability to have truly comprehensive governance policies that will address all-in cloud, hybrid, or on-premises deployments,” said George Petrou, chief technical officer at AvePoint, in a press release. “That, combined with our additional data protection and reporting capabilities, gives companies the confidence that relinquishing control over physical servers doesn’t mean losing control over users, permissions, and content.”

IBM: Fully Homomorphic Encryption

IBM recently announced  new patented technology: a data encryption technique with the potential to further data privacy and strengthen cloud computing security. This new cryptography solution is known as “fully homomorphic encryption.” This technology makes it possible for a server to process encrypted data without actually first decrypting it. Confidentiality is protected as the technology facilitates the analysis of confidential encrypted data without revealing the original, private data. Craig Gentry, IBM cryptography researcher and co-inventor of the patented innovation, told eWeek, “Fully homomorphic encryption will enable companies to confidently share data and more easily and quickly overcome challenges or take advantage of emerging opportunities.”


The Secure Local Data Residency as a Service

            

Coretec Solutions, a prominent Australian Salesforce solutions company, and PerspecSys, a global leader in cloud data protection solutions, have partnered to create a managed service to address the barriers to cloud computing adoption for businesses and government agencies in Australia and New Zealand. The key concerns sought to be addressed by this service are data security, data privacy and data residency, the control over where sensitive data and documents are stored).  The innovative service is called Secure Local Data Residency as a Service (Secure LDRaaS). With Secure LDRaaS, sensitive data is never stored or sent outside of the local jurisdiction; instead, sensitive data is replaced with an undecipherable random token value before leaving the local jurisdiction. This service allows businesses to use cloud applications risk-free.

Android Users: Counterveillance Anti-Spyware App

Concerned about cybersecurity threats and privacy invasions on your phone? Then check out this new app for Android available on Google Play. SnoopWall protects against viruses, malicious apps and spyware. The basic version of the app is a free download for all users. It includes the Android device scan to audit apps for high-risk behavior such as spying or data leakage, the Real-time Privacy Meter to visually check mobile security and instant mobile security alerts that immediately alert the user when apps have attempted to access any high risk data ports including the webcam, microphone, GPS, WiFi and Bluetooth. The premium subscription has additional features, including remote locking of a lost phone, customized app and port permissions and preset device activity scans. The premium subscription requires a yearly subscription plan for $9.95.

Do Not Track - Epic Privacy Browser

Epic Privacy Browser is a Chromium-based browser that creates a private browsing experience. The browser is a free download that actively blocks websites that track you, ads and third-party cookies. Epic blocks referrer data sent to search engines, which prevents those sites from gathering and selling search data to advertisers. According to Epic, one benefit of blocking these trackers and ads is faster download speeds. Epic also offers a built-in secure proxy that allows users to browse websites without sending their IP addresses and physical locations to the server. Using this feature, any website that attempts to locate the user based on the IP address will instead receive the location of where the proxy server resides. Finally, Epic purges all stored data upon closure of the browser, deleting everything the user did online.

Move Over Cloud Storage, Everydisk is Here

Everydisk is an alternative to cloud storage solutions that offer storage space on servers. Everydisk creates a direct, secure connection between all hard drives on a user’s device. Using the Everydisk app, a user logs into Air Connect, a web-based server platform, and then chooses which devices to connect from a list presented. Once all devices are selected, Air Connect creates a direct connection between the user and the remote devices. When this direct connection is created, user data stays on the user’s machines as the data passes through the server and is never stored.

Risky Business

Privacy Analytics, a world-renowned developer of data anonymization solutions, recently published their first magazine in December 2013.  Risky Business began as a risk management newsletter but was reinvented to provide an easier reading format for subscribers. The magazine will be published bi-monthly and includes more articles than the newsletters previously contained. The magazine also includes re-identification risks and compliance and in-depth anonymization analyses. In the future, Risky Business will feature articles highlighting how organizations use the latest technologies and management practices that enable data for secondary use.

Data Breach Survival Guide

Data Breach 411 is a new app for iPhones designed to help companies in the event of a data breach. As of 2014, 46 states in the U.S. have data breach security laws in place that address how businesses should respond to the theft or loss of data. Data Breach 411 provides an alphabetical listing of the states that have data breach laws and links to the applicable individual state statutes. The app also includes breach notification rules associated with the theft or loss of personal health information. This app is very beneficial to business and organizations. To sum it up: “Our app is a ‘one stop shop’ for in-house counsel and privacy officers to instantly access the relevant state-specific details on what they need to do, who they need to notify, when and how.”

New Family Privacy Tool

PrivacyFix Family is an app for parents concerned about their children’s privacy settings on Facebook. For many parents, not being friends with their children on Facebook—and therefore not being able to monitor the content being posted—is a big problem. This app provides an easy way for parents to monitor privacy settings and know how secure their kids are while logged into Facebook. The app is designed to be very simple to use: Parents log into PrivacyFix Family through Facebook, adjust their personal privacy settings and then invite family members who will all share those same privacy settings.

Reporting Data Breaches Made Easy!

Every year, business entities are susceptible to data breaches, potentially compromising millions of personally identifiable information records. The response to a data breach must be quick and efficient; proper reports have to be sent to the proper authorities. This process can also be quite complicated as state regulations vary and federal law may preempt those state laws. Failure to report to the proper entities in a timely fashion can result in fines, penalties and civil sanctions. The CSR Breach Reporting Toolkit makes breach reporting extremely easy: One phone call to CSR’s toll free hotline starts the process. From there, CSR organizes all the information regarding the breach, selects the proper reporting authorities and sends out breach reports to those authorities as required by law.

Risk Assessment

IDT911 recently release two new tools designed to assess the risks and costs associated with privacy breaches in small businesses: The DataRiskCompass and the Breach Expense Risk Compass. These tools are only available to partners of IDT911 as part of their DataRiskStages service. The Data Risk Compass has policy holders answer a series of questions to obtain a breach risk score between 1 and 100. It also allows them to figure out weaknesses and provides tips on how to eliminate the weaknesses. The Breach Expense RiskCompass is available to insurance brokers to aid in determining the appropriate privacy breach coverage limits available to commercial policy holders.

USB with Built-In Encryption and Anti-Virus Protection