The Privacy Management (PMT), Privacy by design (PbD) and Privacy Impact Assessment (PIA) tools, Integration of Data Management and Security, Integration of Extensible Key Management (EKM) and Cloud Key Management as a Service (KMaaS), Data Security as a Service (DSaaS), Data Security Platforms and Cloud Database Activity Monitoring (DAM) are in rapid development.

When defining security policies, it is critical to know who the user is and what their privileges should be based on their role, and whether the device itself or the state of the device at the time of connection is in a known good state.

Title II of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) has two key provisions: the Privacy Rule and the HIPAA Security Rule. The Privacy Rule establishes standards for protecting certain health information, or PHI. The Privacy Rule requires those organizations that are governed by HIPAA (covered entities) to implement safeguards to protect the privacy of PHI, and gives individuals the right to access and share their health records.

Today’s threat actors often carry out cyber attacks with the primary objective of accessing and exfiltrating sensitive information from your IT environment. Efforts to obtain this “crown jewel” information usually involve complex multi-phase cyber attacks. But another way in which sensitive data ends up in the hands of malicious actors with a lot less effort is when an organization exposes sensitive data assets in a data leak incident.

It's not uncommon to hear about businesses storing large volumes of personal data. There are endless reasons as to why personal data may be collected and processed, such as to build user profiles in order to send targeted products and services. However, many businesses fail to consider what should be done with the data once it has served its purpose, without negatively influencing their reputation and infringing upon a data subjects' rights.

Another day, another data breach has become a common refrain, in a world saturated with data breaches and other types of data exposures. But over the past few years, a subtle change in the nature of breaches has taken place. We documented some of this change in our analysis of the 100 largest breaches in the 21st century, highlighting that breaches were getting larger and more likely the result of misconfigurations.

We are excited to share that NC Protect for Microsoft 365 is now available in both Microsoft Azure Marketplace and Azure Government Marketplace! archTIS customers can now take advantage of the productive and trusted Azure cloud platform, with streamlined procurement, deployment and management of NC Protect for M365 from the Marketplaces.

Today, for enterprises and even SMB companies, IT is a sprawling but interconnected universe of applications, devices, and services all running in tandem to maintain the lifeblood of these organizations—data. Navigating the complexities of this arrangement is not just a challenge for security teams (something which Nightfall customers have attested to, before adopting our platform), it’s a genuine challenge for anyone who must manage and use information.

Missed last week’s archTIS Defense & DIB Cybersecurity Summit with leading industry and defense experts? Watch the recording for their insights on the zero trust, CMMC 2 and the new threats the industry is facing and how to best combat them.