Cloud SaaS


  • Best Practices for Secure Texting in Healthcare

    As healthcare providers and vendors seek information about how to safeguard personal health information (PHI), texting is one area that without question carries a great deal of risk. It's convenient, but unsecured texting of PHI opens healthcare organizations up to additional scrutiny, at best; at worst, lawsuits and fines.

    In this handbook, experts explain how secure texting policies can enable convenience in healthcare organizations but still comply with HIPAA regulations. First, contributor David Weldon examines the role that corporate culture plays in stressing the importance of secure communications throughout the organization. Next, news and features writer Shaun Sutner offers tips from a lawyer on how to combat the dangers of unsecured texting of PHI in healthcare. Finally, contributor Reda Chouffani looks at data breaches in healthcare statistics from 2015 and provides insights into how you can protect your organization against breaches.

    Continue Reading

  • Deconstructing the emergency incident response process

    Professional incident response providers can quickly bring the additional resources and the expertise that companies often need to handle a rapidly unfolding threat.Continue Reading

  • Ask the expert: HIPAA breaches and the tech most likely to cause them

    It's safe to say HIPAA breaches should be avoided at all costs. One CISO discusses the technology most likely to cause a breach and what to do to ensure compliance.Continue Reading

  • Ask the expert: Encryption is key for a HIPAA covered entity

    David Reis, CISO at Lahey Hospital & Medical Center, discusses important steps a healthcare organization, as a HIPAA covered entity, should take to remain compliant.Continue Reading

  • A disaster recovery/business continuity plan for the data breach age

    As we become 'digital by nature,' a good enterprise disaster recovery/business continuity plan must put data first, says Harvey Koeppel. He lays out 10 tips.Continue Reading

  • Forming a DR/BC plan for the inevitable data breach

    According to one statistic, as of July 2015 there were, in total, almost 4 million applications available on the app stores of Amazon, Apple, BlackBerry, Google and Windows. This figure is only one reflection of how the technologies that enable our digital selves -- like mobile computing, cloud and social media -- have not only transformed the way we work, but also how we live. In light of the fact that we also now live in an increasingly cyberthreat-filled landscape, having a comprehensive DR/BC plan is no longer optional for enterprises, says SearchCIO columnist and former CIO Harvey Koeppel.

    In this SearchCIO handbook, Koeppel offers a list of DR principles CIOs can follow to help them design and implement a solid DR/BC plan that will protect both business and personal data when the next disaster strikes. In our second piece, CTO Niel Nickolaisen shares advice on how to get the most value out of DR testing -- without risking damage to your organization. In our last article, writer Mary K. Pratt gathers tips from DR experts on how to craft a DR/BC plan that can tackle any type of disaster, including data breaches.Continue Reading

  • Three ways to build an open source security toolkit

    Enterprises should have a diverse set of open source security tools in their arsenal. Here are three factors that can help guide them in building the right security toolkit.Continue Reading

  • A disaster recovery/business continuity plan for the data breach age

    As we become 'digital by nature,' a good enterprise disaster recovery/business continuity plan must put data first, says Harvey Koeppel. He lays out 10 tips.Continue Reading

  • Eight-step data breach plan for the IT organization

    A data breach plan that addresses the many variations a hack can take should consider these eight points.Continue Reading

  • The steps to effective cybersecurity incident response

    Planning and foresight are essential to any cybersecurity incident response plan. Follow these steps to make sure you're ready for a data breach.Continue Reading

  • Data protection and security incident response when all information is a target

    Data breaches have become increasingly commonplace for businesses, and every company that has an online presence is a potential target for hackers: High-profile hacks of Target Corp. and Anthem Inc., to name a few, show how valuable personal data has become to nefarious parties. In addition to customer data, companies must make sure sensitive company information such as trade secrets and intellectual property are protected as well. To face these constantly evolving data security threats, businesses have been forced to completely revamp their approach to information protection and embed security into data governance and business processes. In this handbook, learn about the pressing information security vulnerabilities facing modern companies and advice to implement governance strategies that keep your data secure.Continue Reading

  • Why relying on network perimeter security alone is a failure

    A network perimeter security strategy alone can no longer protect enterprises. Expert Paul Henry explains why organizations must adapt.Continue Reading

  • Data protection requirements start with firm grasp of GRC needs

    Corporate data protection requirements are complex, but determining a company's unique GRC needs is an essential first step to information security.Continue Reading

  • What executives must know about data breaches in healthcare

    The U.S. Department of Health and Human Services Office for Civil Rights' investigations into healthcare data breaches produced information that can help stop future leaks.Continue Reading

  • How to ensure a secure API

    Application program interfaces, or APIs, are nothing new in the IT world, but over the past ten years, public-facing APIs have risen from a handful to over 10,000. The function of APIs is to add capabilitiies to Web applications and mobile apps, allowing the automation of common processes that interact with services on other machines. APIs, in other words, let programs and websites "talk" to each other, which means APIs allow those programs and websites to provide even greater value to the end users.

    Like almost all good things in the world of IT, this raises security questions. When developers create an API, they can also inadvertently open a window to hackers. So this three-part guide looks carefully at both the nature of the security risk and also outlines best practices for managing your organization's use of outside APIs in a secure fashion, as well as making sure that any API's you make publicly available are not opening you up to attack.Continue Reading