With the introduction of various compliance requirements such as HIPAA, PCI and GDPR (just to name a few from around the world), there is an increasing need for organizations to determine where their sensitive data is located, secure access to it and protect it accordingly. There are many products that incorporate the ability to Discover and Classify data. NC Protect is no different.

In July, the Pentagon’s acquisition office issued a memo reminding acquisition officials of the DoD’s requirements for handling controlled unclassified information (CUI). The standard which applies Defence contractors is not new. The original Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012 requirement went into effect in 2017.

All information is an attractive target for bad actors, but some is inherently more valuable than others. State-sponsored and hacktivist attacks constantly probe enterprise networks seeking to identify the location of sensitive information. Attackers historically targeted core enterprise systems but as the defenses for those systems have matured, attackers now target the same information but in less secured unstructured (broadly speaking, file and email based) repositories.

Selling to the Department of Defence or dealing with Export Controlled material? Discover how to manage the information security and compliance of ITAR and other regulated data.

Speaking with clients, I find one of the biggest issues they struggle with how to properly secure Guest access in Microsoft 365 applications. While many organizations had already begun outsourcing their email to M365, most had really only begun looking at the rest of the M365 offering (Teams, SharePoint Online and OneDrive) when COVID hit. Most organizations wound up diving headfirst into this offering in an attempt to deal with the sudden need to work and collaborate with colleagues from home.

Cybersecurity has become an important topic for the defense supply chain. The ever-increasing number of digital channels that data can be exchanged through, has exponentially increased the risk of data breaches and leaks. This puts a lot of pressure on these organizations to ensure that the risks associated with the handling of sensitive data are as low as possible.

Protecting Controlled Unclassified Information (CUI) is a top priority for companies that have government and defense contracts, especially with the changes being rolled out in CMMC 2.0. We’re pleased at announce a new NC Protect watermarking feature to support CUI Designator labelling capability to assist US Defense and the Defense Industrial Base (DIB) with meeting the new CUI document handling and tagging requirements. The feature will be globally available during the July 2022 timeframe.