05.29.2018 - Should U.S. Companies Be GDPR Compliant? Yes!
Should U.S. companies be GDPR compliant? The short answer is yes. The General Data Protection Regulation (GDPR) is the European Union’s (EU) strengthened data protection rule covering all citizens of the EU, no matter where they are located in the world. Starting May 25th, 2018, the goal of the law is to give control of personal data back to the individual as well as to place restrictions on ‘hosters’ and ‘processors’ of that data. While enforcement of the GDPR is still under debate, this is not a compliance program to be ignored by anyone outside of the EU. If you are an organization that happens to have the name, address and any other data point of a person from the EU in your data logs, you need to prove compliance or face stiff fines. By Ed Gorczyca, Chief Compliance Officer, Optimal IdM ...
05.22.2018 - Protecting Your Patient’s PHI Data
For healthcare, there’s never been a more urgent time to reassess your cybersecurity and identity and access management strategy. Until recently, protected health information (PHI) was the most valuable merchandise on the Dark Web. Complete healthcare records were going for $75 to $100 at the height of demand, according to the Institute for Critical Infrastructure Technology (ICIT). ...
05.22.2018 - Video Interview: Terri Robinson, Executive Editor of SC Media, speaks with Optimal IdM
Watch the full video interview in which Terri Robinson, Executive Editor of SC Media, speaks with Mark Foust, Chief Product Evangelist at Optimal IdM, about the identity landscape and clients’ identity concerns. ...
05.17.2018 - How Privacy Is Moving Data Security To The Top Of Corporate Agendas: CSO and IT News
It’s no longer privacy vs security. Regulations like GDPR and customer data breaches have joined privacy and security efforts at the hip. Optimal discusses how privacy is moving data security to the top of corporate agendas. http://ow.ly/u7HM30k3pU6 By Maria Korolov, CSO and IT News ...
05.14.2018 - Healthcare Industry Selects Optimal IdM as Top 10 Authorization and Authentication Solution
Black Book Market Research LLC’s annual poll of cybersecurity products, services, outsourcing and consulting clients spanned 17 functional areas of cybersecurity including: Authorization and Authentication Solutions; Blockchain Solutions; Compliance and Risk Management Solutions; Cybersecurity Advisors and Consultants; Cybersecurity Training and Education; DDoS Attack Prevention; End Point Security Solutions; Access Management; Firewall Networks; Data Encryption; Intrusion Protection Solutions; Threat Detection and Prevention; Network Security; Email Protection; and Cybersecurity Data Analytics. The full listing of cybersecurity rankings in each category can be found at Black Book’s website. ...
05.2.2018 - Know Your Credentials: The Other KYC Requirement
The way people want to interact with their financial providers has changed quickly in the past few years. Now, account holders want control over their funds, and they don’t want to jump through hoops to exert that control. They expect a streamlined customer experience that lets them accomplish their tasks quickly, and there are great rewards to be reaped by institutions able to meet those expectations. For example, according to PwC’s 2017 Digital Banking Consumer Survey, 46 percent of consumers do all their banking online, a percentage that will grow even larger as the first generation of digital natives—those graduating high school around now—enter their adult lives and establish relationships with banks and investment firms. A delightful customer experience isn’t the only purpose of good identity and access management. Financial firms need to meet Know-Your-Customer (KYC) requirements from many regulatory bodies in order to avoid hefty fines. These institutions may assume that meeting KYC and other regulatory requirements means their sensitive data is safe, but that would be a mistake. Hackers aren’t the only threat to Personally Identifiable Information (PII) and other sensitive data. A financial organization’s own employees can present a danger as well. Insider threats take many forms. In rare cases, the employee is a thief who has actively sought access to parts of a core system they have no business accessing. In some cases, the employee is an opportunist who borrowed someone else’s credentials for legitimate reasons and then stumbled onto a trove of data that was too tempting to leave alone. But far more often, the employee is an unwitting pawn who’s fallen for a phishing scam or been socially engineered into sharing credentials with a con artist. Yet regardless of an intruder’s motivation or means, the results for the employer are the same: data leakage, brand damage, and regulatory penalties. ...