
Polymer

offshore dev teams

Offshore development teams: data breach & security risks abound!

A large number of businesses leverage offshore technology teams. However, very few of those companies have data governance over customer data or an understanding of the cyber-security risks involving some amazing and cheap talent. The chances of breaching GDPR, CCPA and other global privacy regulations are high when working with offshore development teams. Risks of working with remote and […]

Data Compliance

Compliance challenges in client-facing chats on Zoom/Slack/Zendesk et al.

Client-facing Slack and Zoom channels are especially useful as a direct and safe communication and support environment. For this reason, these client-facing chat rooms can also act as sources of sensitive data leaks, commercial chatter that could affect stock price, or highly confidential data that is memorialized in ‘history’. Efficiency and organization at […]

Slack data security

Third-Party Apps on Slack: Lurking Data Security Threat

Many Slack users are unaware of the permissions that may become enabled when third-party applications are linked with one’s Slack account. According to the Slack Help Center, “an app’s permission scopes depend on the kinds of things it’s supposed to do.”  Typically, such permissions may encompass the ability to view information, post information, and carry out […]

employee training

SOC2, ISO or HIPAA Compliance: False Sense of Security

In the US alone, the overall cost of healthcare breaches in 2019 was US$ 11.8 billion (£9.2 billion), more than double the 2018 figure, and healthcare breach discovery time is the longest for any industry. Technology and process audits such as SOC2, ISO and HIPAA compliance certificates often create a false sense of security […]

HIPAA Security Compliance

Is Slack HIPAA compliant?

Slack, a proprietary business communication platform that provides long-lasting chat rooms — ranging from channels to direct messages — offers users the capability to comply with HIPAA regulations for messaging and file collaboration via the platform’s paid Enterprise Grid plan.  “The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a U.S. federal law […]

Cybersecurity training

Data leak risks using Slack as a remote team

Work-from-home security risks within collaborative and productivity apps such as Slack are underappreciated. Security failures on platforms like Slack may not manifest directly as ‘platform breaches’ but indirectly through leaks of files downloaded and data shared that is then saved locally. Data breaches, malware infestations, brand or credibility damage have occurred when vulnerable […]

Data Breach Procedures

Security & privacy in the decentralized tech stack (especially in the post-Covid world)

Enterprise privacy practices and security posture in general have not kept up with the increasingly decentralized tech stack. The recent remote workforce phenomenon, and cloud adoption in general, are accelerating adoption of tools and services that should trigger a ‘rethink’ by enterprises to look deep into data breach risks from within. Background As an organization […]

Data Breach

Data breaches: the new normal?

Equifax. Target. Marriott. Delta Airlines. Recognizable names of course, but as of late, perhaps for the wrong reasons. Every day, malicious actors take to the web in search of valuable personal information, made available through the misguided handling of customer data by companies across the globe. When they come for your company, don’t be surprised–almost 30% […]


Collaborative software, micro-services & their impact on data privacy

The proliferation of cloud apps has created high-network user groups. The ease of integrating with REST APIs has the added benefit of sharing data and files between Slack, Google Sheets and other SaaS products. However, sensitive data in multiple places within open chat channels creates a compliance headache of managing data-leak and regulatory risk. Collaboration […]


The power of nudge in data privacy & security

Nudge refers to “Influencing people’s behavior in a predictable way without forbidding any options or significantly changing their incentives.”–Richard Thaler & Cass Sunstein (“Nudge: Improving Decisions About Health, Wealth and Happiness”) In this blog we will explore the behavioral science concept of ‘nudge’ in improving the security and data privacy posture of organizations. There are […]
