Are You Asking the Right Security Questions?

The frequency and magnitude of security breaches continue to rise. Target, LinkedIn, Home Depot, Twitter, Wendy’s, Sony, and the list is growing. Even more worrisome, many breaches go unreported or worse yet, undiscovered. C-level executives are increasingly concerned with protecting their companies from security breaches. LightEdge’s Chief Security and Compliance Officer explores what questions C-Level executives are currently asking in regard to security and what we should be asking. With the spotlight on Information Security, business leaders are asking:

  • Are we protected?
  • What gaps do we have?
  • Are we a target?
  • What should we be protecting?
  • We have a firewall and Antivirus software, isn’t that enough?

A firewall and Antivirus software were once considered a solid security strategy. While these are still good practices, this strategy is like locking your car doors. It keeps us from being an easy target, but will not protect us from the level of sophistication today’s cyber criminals have at their disposal.


Ransomware: 5 Unbeatable Response Tips

Many cybersecurity experts are now talking about “when” an attack happens, not “if” an attack happens. With ransomware attacks growing in frequency, it’s more important than ever to stay on top of current ransomware prevention tactics to keep your organization’s data locked down. One of these tactics involves crafting your response plan to head off attacks quickly should they occur. Here are our five best tips to keep your recovery running smoothly.

Data Classification and Compliance

It’s become more critical than ever to clearly define user roles and separate data by classification types. It gets to be a tricky balance when your legal team doesn’t want to store excess data, but compliance requires it. Download the whitepaper to learn how to adapt to meet evolving audit guidelines, implement a cross-organization process to keep this data current, and serve each department’s unique needs.

Cyberattack Threat and Prevention

If your organization isn’t as secure as it could be, what can you do? The current market for security tools is hard to navigate. Forty-five major vendors offer 85 major security tools from which organizations can choose. Once the tools are purchased, you are left on your own to integrate and layer these tools, which are oftentimes incompatible with each other.

How to Tech Guide: Encryption for Data Security

Widespread connectivity creates many entryways for cybercriminals to hack your network. When data falls into the wrong hands, the consequences can be devastating. Accounting for all of the traveling data across your computers, mobile devices, databases and cloud systems is a serious challenge. Luckily, there are tried-and-true methods to safeguard your assets—and encryption is at the top of that list.

Complete Guide to Compliance as a Service

Modern financial institutions are subject to a wide variety of regulations that will only continue to evolve more rapidly. Even organizations that wouldn’t characterize themselves as financial services companies are impacting this sector and subject to these same guidelines, whether they know it or not. Due to these high-stake environments, finding the right partners to help financial institutions meet compliance requirements is critical to continued success.

Preventing and Mitigating a Data Breach

Cybersecurity crimes and data breaches are on the rise, and it’s estimated that these crimes will cost $6 trillion annually by 2021. Small to medium-sized businesses (SMBs) are more likely to fall victim; oftentimes, SMBs don’t think they are large enough to target and lack the proper technology and processes to protect their network. In fact, 87% of SMBs surveyed by Symantec’s Security Threat Report said they didn’t feel like they were at risk for a breach.

Patient Privacy and Data Security: Utilizing IT Vendors to Meet HIPAA Compliance and Avoid Risks

The Health Insurance Portability and Accountability Act (HIPAA) of 1996, was enacted by Congress to protect sensitive patient data. The act contains a “Privacy Rule” and a “Security Rule,” which protect the privacy of patients and set standards for the security of electronic protected health information (e-PHI). Together, these rules establish national standards for how companies should handle sensitive patient data and ensure data confidentiality, availability, and integrity.

HIPAA Compliant Private Clouds

As more and more healthcare businesses evaluate cloud-based technologies to solve their IT problems, many have come to realize that the promise of inexpensive, flexible, and scalable computing solutions often obscures the traditional boundaries used to secure sensitive information. With evolving cybersecurity threats and a changing legal landscape surrounding the confidentiality, availability, and integrity of sensitive healthcare data, many businesses are left wondering whether the cloud is even a safe option.

How to Deploy a Secure Compliant Cloud for Healthcare

Cloud services offer clear benefits—performance, cost savings, and scalability to name a few—so it’s no wonder healthcare organizations are eager to take advantage of all that the cloud has to offer. Unfortunately, vulnerabilities are often introduced to your network when you adopt new technology. Cloud computing is a prime example, as the implementation process brings security and compliance concerns.

Case Studies

The University of Kansas Hospital was in need of a new Data Center facility. Improving where and how the new systems would operate was vital for the organization in order to avoid ongoing costly outages. The hospital’s current Data Center facility was located on their campus, which did not allow for geographic redundancy from its second, offsite Data Center located just five miles away. In addition to not being geographically redundant, the second facility was out of space.

The building that the Data Center was located in was not a purpose-built facility, which led to several outages that impacted the hospital in various ways. In order for The University of Kansas Hospital to maintain its enterprise-class status, it was time for them to start treating their Information Technology system the same way. Rather than just fixing problems that came up, they were ready to invest in an elite Data Center facility that would support their top-notch practices going forward.

The need for Prelude Dynamics to safely secure sensitive clinical study data at rest and in motion, was of utmost importance to the company and its customers. The ability to demonstrate these capabilities through onsite audits was, and continues to be, necessary for Prelude Dynamics to meet the industry’s evolving data storage requirements. In addition to being able to meet these audit standards and offering premier compliant facilities, Prelude Dynamics was in search of a provider who could also deliver ancillary data center services and provide onsite, in-rack support for their colocation equipment.