News just in. LastPass’ parent company, GoTo, has revealed malicious actors stole encrypted customer information – and, more troublingly, a decryption key – in a November 2022 attack. While you might not have heard of GoTo, your company will probably use at least one of its digital tools. There’s the communications platform Central, the online […]
Data security news & resources
What must companies disclose to the Securities and Exchange Commission (SEC) in the event of a data breach?
How to manage SaaS data sprawl?
HIPAA compliance for Google Workspace admins
Why it’s time to say goodbye to proxy-based SaaS security
LastPass owner GoTo says hackers stole customer backups
What is SaaS security posture management (SSPM)?
We all know that cloud apps like Slack, Teams and Google Workspace are the backbone of modern business. But they’re also a huge risk to compliance and security. Research shows that the average company has a $28 million data breach risk because of exposed data in SaaS environments. Risks like data leakage, compromised credentials and […]
Do covered entities need to retain HIPAA Audit Logs for six years?
“Is it true we need to retain our HIPAA (Health Insurance Portability and Accountability Act) audit log records for six years?” That’s a common question healthcare organizations ask us when they learn about Polymer data loss prevention (DLP) for HIPAA compliance. While our audit reporting capabilities enable you to capture records for well over a […]
How to achieve zero trust in Slack?
Zero trust. You know it’s important. You know you want to implement it in your organization. And you know it could make Slack way more secure – especially given the recent Uber breach! But there’s a problem. Moving from concept to reality is proving mighty difficult. You’re not alone. 96% of security decision-makers state that […]
AstraZeneca breach exposes sensitive patient data
This week, the pharmaceutical giant, AstraZeneca, hit the headlines after security researchers discovered credentials for one of the company’s internal servers on the code sharing platform, GitHub. While this is a relatively small-scale breach, there are a lot of lessons here about the risks of data exfiltration across SaaS environments. Here’s everything you need to […]
Should your business be worried about Slack security in 2023?
In September 2022, tech giant Uber had to shut down its company Slack channels after a malicious actor sent a Slack message to multiple employees, stating: “I am a hacker.” Yikes! This incident isn’t the first time hackers have leveraged Slack in a cyber-attack, and we’ve got a feeling it certainly won’t be the last. […]
GitHub security best practices you need to know
What software developer doesn’t love GitHub? This amazing—and free—platform is a fantastic way to share code files, connect with fellow developers and collaborate on projects seamlessly. It’s no wonder that the platform has over 32 million monthly users. But, unfortunately, many people aren’t using the platform securely. Just recently, security researchers scanned GitHub for sensitive […]
What is the cost of PII on the dark web in 2022?
How much money do you think a cybercriminal needs to steal your identity on the dark web? $1000? $2000? Maybe less; $800? Actually, the figure is much, much lower. According to recent research, cybercriminals can start purchasing personally identifiable information (PII) for as little as $15. That would buy you a hacked credit card with […]
How NLP can supercharge HIPAA compliance
The Health Insurance Portability and Accountability Act (HIPAA) consists of several rules that HIPAA-covered entities must follow to protect the confidentiality, integrity and availability of protected patient health information (PHI). One such rule, which we will focus on today, is the mandate to “enhance safeguards as needed to limit unnecessary or inappropriate access to and […]
How did Dropbox data breach of 100 GitHub repositories occur?
It looks like Dropbox has dropped the ball. In a blog post published on November 1st, the company revealed that it had suffered a data breach after a successful phishing lure fooled numerous employees. Read on to discover how this breach happened, and the critical learnings to apply to your organization. What’s Dropbox? For those […]
What is shared cybersecurity defense?
Hands up if your organization uses cloud applications like Microsoft 365, Google Workspace, Slack or AWS? If you do, you’re in the majority. It’s estimated that 90% of companies use the cloud. It’s a huge part of the future of work. But the cloud is complex—especially when it comes to security. This is because it […]