Bring your own device

Laptop stolen from Doctor’s Car

March 2nd, 2015

Heath information was potentially compromised when laptop was stolen from doctor’s car. Around 400 patients are notified about the recent data breach. The incident took place at the Medical College of Wisconsin. According to the Medical College spokesperson, that a document with private information on about 400 patients was stolen from the vehicle, while a laptop with data on one patient was also taken.

“Firm policies are in place prohibiting the downloading of patient information to portable media, as well as the secured transport of documents containing patient information,” read a Medical College statement obtained by WDJT. “We sincerely regret that this unfortunate event occurred.

According to the statement, the affected patients are contacted and steps are taken to prevent this type of event. Institutional policy is revisited to safe guard the sensitive information. Excerpts from the statement on website –

The purpose of this policy is to address the appropriate protection and encryption of all MCW Electronic Protected Information (EPI) when it is stored, transferred or accessed on any mobile device.  Full mobile device encryption and related controls are required to access MCW’s electronic network or information through another means.

All Workforce members must protect MCW EPI. Workforce members using a Mobile Device owned by a workforce member, an external entity or one provided by MCW, to access or store EPI must have encryption using an institution-approved tool.

On personally owned devices (i.e. BYOD), should a workforce member choose not to permit MCW’s MDM tools and supporting processes on their personal device, access to MCW’s secured resources will be limited as outlined in procedure below.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

IT companies: Ways to tackle Cloud File Sharing Threat

March 20th, 2014

 

Many cloud file sharing companies are now slowly but steadily wiping out the traditional IT companies methods. More and more IT infrastructure and apps are moving to cloud. Trend for employees using devices like Smartphone, tab to access corporate data (BYOD) is increasing.

Current situation is also leading to increase in security threats for corporate data. Environment is such where IT departments are losing their relevance and control over data.

Adaption of the Technology

IT professionals have adapted to the phases of technological breakthroughs. It is fact that more and more IT infrastructure is moving to the cloud and best way to adapt cloud technology is to put policies and audit strategies in place to avoid data breach. Control objectives should be created for cloud usage and implementation.

Encryption

One of the efficient ways to protect data is by creating encryption. Basically with encryption one need not to worry for the data whether it is moved or stored. Relying on the encryption has its own challenges like visibility of the data for day to day usage. Also trying to encrypt and decrypt work all the time is not feasible. Policy should be in place for the strategic encryption of the data.

Access to right Cloud service provider

Organizations today understand the need and importance of moving operations to cloud but many hesitate due to security threat involved in it. When choosing a cloud vendor it is important to ensure that compliance guidelines are in line with the organizations regulations and standards.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Healthcare compliance improving according to DataMotion security survey

January 28th, 2014

DataMotion’s conducted second annual survey on corporate email and file transfer habits. It helped to give insights about the perception of responding IT and business decision-makers about their organizations. It considered both advancement and ongoing issues for health care providers in securing patient as per the procedures.

More than 400 IT and business decision makers across the US and Canada participated in the survey.  Survey conducted was cross-industry but special significance was given to healthcare. According to the response from the health care companies, there is a strong effort toward improving security and compliance practices but there is still work to be done. Companies are now beginning to understand the importance to protect private and sensitive data.

“There [have] been improvements in security and compliance since last year, and healthcare in many ways is leading the way compared to other industries, but there are still serious problems to address,” DataMotion’s Chief Technology Officer, Bob Janacek said, “52 percent of healthcare respondents said their company either doesn’t have, or they are unsure if they have, a BYOD policy. There have been many incidents of mobile devices being lost or stolen that contain protected health information, potentially resulting in a HIPAA breach, and this puts organizations at great risk. Furthermore, healthcare regulations have expanded; meaning companies not previously covered, might be now.”

Study showed above average progress in privacy through emails and file transfers because of the emphasis HIPAA and the final Omnibus ruling place on policies. Some of the aspects of the reports are –

-90.4 percent of companies responded positive for security and compliance policies for transferring files electronically

– 84.8 percent mentioned their employees/co-workers capability to encrypt email

– 86.4 percent stated their policy to achieve compliance

– 32.6 percent healthcare respondents replied about co-workers inability to fully understand security and compliance policies for transferring files electronically.

– 3 out of 4 healthcare respondents replied about employees/co-workers “routinely” or “occasionally” violating security and compliance policies

– While 87.7 percent of healthcare companies permit the use of mobile devices for email, 40.3 percent d stated there is no BYOD policy.

– 11.7 percent are unsure about the policy existence.

– More that 25% promoted free consumer-type file transfer services. 30.5 percent said their company does not forbid the use of these services.

Janacek said “These survey findings give us a textured understanding that hopefully will help businesses overcome and anticipate related issues, especially in an age where security and compliance can so dramatically impact the bottom line,”

More efforts have to be made to get the compliance to protect private data. Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Enhanced by Zemanta