Hardly a day goes by without a media report about a data breach that involves exposed personally identifiable information (PII). In the same way an organization takes care of its employees, customers, and finances, it also needs to ensure its sensitive data, such as PII, is well protected. Let’s explore what constitutes as PII, the consequences of it being exposed, and what organizations can do to...

Data privacy regulations have really come into play over the last four years. Consumers are becoming more concerned about the disclosure and use of their data and trust is playing a key role. According to a survey conducted by Salesforce , 48% of consumers said they had lost trust in brands during the pandemic due to misuse of personal information. As the world becomes more technology driven and...

It’s no surprise to anyone that the amount of data that exists is rapidly growing. A report by IDC predicts that by 2025, the global datasphere will have grown to 175 zettabyes. To put in perspective how much data this truly is, one zettabyte is equal to one trillion gigabytes – that is an astronomical amount of data. Needless to say, humans are not equipped to manually keep up with ensuring this...

The primary reason most organizations look at classifying the data they create and handle is to control access to sensitive information, driven by the need to manage security risk, and comply with data protection regulations such as GDPR , CCPA , ITAR , and more. All organizations have to comply with the rules of their industry bodies, as well as the nation states they operate in. Achieving...

The data protection landscape and its associated compliance environment changed fundamentally with the implementation of the European-wide GDPR in May 2018, with many other privacy regulations following suit around the globe. It is no longer about what organizations think they need to be doing in order to control their data, but that they are being told what they need to do by regulators such as...

In today’s global economy, businesses must be compliant with standards established by various countries so they can service customers around the world. One such regulation you can’t afford to ignore is the GDPR (General Data Protection Regulation) , which is the core of Europe’s digital privacy legislation. The GDPR applies to any organization that operates within the EU or offers goods or...

South Africa’s Protection of Personal Information Act (POPIA) has finally come into force . That’s good news for South African citizens and residents, since the legislation’s aim is to protect their personally identifiable information (PII) after it’s collected by public and private entities in the country. But what does the new law mean for South African organizations who must comply? For some...

Serious question: Has anyone, ever, consciously decided not to use a website they require (or even just want to use) because they don’t agree with a cookie consent warning? Cookie consent warnings are those little strips that appear along the bottom of virtually every website you visit nowadays (including ours), notifying users that the website uses cookies to collect user data. Some are more...

Working remotely has become the “new normal”, at least for the foreseeable future. Some 1.5 billion people are now working remotely. It seems companies overnight moved into a work-at-home reality, and many workplace experts predict that more and more organizations will continue to rely on remote workers after this pandemic has passed. Virtual work settings are not new. Companies around the world...

Data needs to be classified and protected using a common format. By using a common format, we can more easily share and protect our information, as well as and provide ongoing post-release control of the information we have shared. Fortra has worked with sensitive messaging systems in the defense and intelligence environments; this has also included a lot of direct contact with NATO and the...

Have you updated your agency to the Email Protective Marking Standard (EPMS) version 2018.2 ? As you likely know, changes to the standard went into effect 1 January 2019. Since the last iteration was released in 2010, the EPMS standard has been amended. The changes include updates to the range of security classifications, changes to specific markings and caveat types, as well as new language used...

A definition of SOX Compliance In 2002, the United States Congress passed the Sarbanes-Oxley Act (SOX) to protect shareholders and the general public from accounting errors and fraudulent practices in enterprises, and to improve the accuracy of corporate disclosures. The act sets deadlines for compliance and publishes rules on requirements. Congressman Paul Sarbanes and Michael Oxley drafted the...

Many companies are currently in various phases of projects to comply with the European Union’s General Data Privacy Regulation (GDPR) ahead of the May 2018 enforcement deadline. Many vendors and service providers speak generally about GDPR and often, in my view, over simplify solutions to issues that are raised. Rather than try to address the whole of the regulation, I want to speak specifically...

The best way to protect and govern your data is to let it tell your business applications and infrastructure what it contains. Chris Farrelly, General Manager at HANDD Business Solutions, explains how that’s possible and why you should do it A quick Google search on “data, lifeblood, and business” turns up dozens of headlines, each with a hoary old cliché: data is the lifeblood of your company...

Why is Data Retention & Archiving Important? Businesses manage data retention in a multitude of ways for many different reasons, ranging from technical considerations to privacy and liability concerns. The regular considerations are, and will always be, top of mind to include regulatory requirements and compliance, financial reporting, disaster recovery and others – but there is a growing sense if...