Articles, Data Loss Prevention, Data Protection, DLP, Information Protection, Microsoft purview, Purview Information Protection
Is Microsoft Purview going too far, or not far enough?
Read More: Is Microsoft Purview going too far, or not far enough?Is Microsoft Purview going too far, or not far enough? Many things happen on a day to day basis within an organisation. Employees look for new roles, they reply to emails that could be less than 100% above board, but does this mean that Employers should be using policy to detect things like: Leavers, Corporate Sabotage, Gifts and Entertainment.
Data is difficult!
Read More: Data is difficult!Know your Data? (link below)….. Data is difficult, Categorising and securing Data is difficult, I personally rate this as a 4 or 5 out of 5 stars in my Cyber Security complexity Framework. Meaning that it is my opinion that this is not the place that most organisations looking to reduce their Cyber Risk should…
Articles, Advanced Managed Detect Response, AMDR, Data Loss Prevention, Data Protection, DLP, Endpoint Detection Response, Extended Detection Response, MDR, MSP, XDRData Incontinence – when leaks sneak out
CSF framework: 1. Identify; 2. Protect. Cyber Maturity Level:⭐️⭐️
Read More: Data Incontinence – when leaks sneak outTo prevent data being used against you in the future either through competitive, intellectual or malicious usage or publication? What should you do?
CSF framework: 1. Identify; 2. Protect. Cyber Maturity Level:⭐️⭐️
Anonymous?
Read More: Anonymous?Anonymising data is not anonymous data, nowadays many data providers are claiming that our data will be used anonymously by removing uniquely identifiable markers from the details they collect from us. Unfortunately to de-anonymise data all that is needed is pointers that make you unique, take for example your GPS data which shows you travel…
Data Leakage Protection, preventing loss of data
CSF framework: 1. Identify; 2. Protect; 3. Detect; Cyber Maturity Level:⭐️⭐️⭐️⭐️
Read More: Data Leakage Protection, preventing loss of dataWho owns the Data? does the business expect SecOps or IT to manage? (Hint: very often “yes”) Where is the budget for managing the DLP solution coming from after implementation? Is the business going to accept the inconvenience of DLP rules “upsetting” their daily workflows” Will the business get sufficient value from the ongoing investment What Data needs “Loss Prevention”, is there a better way to do DLP, because maybe the business only needs to protect accidental emails etc (Hint: often yes)
CSF framework: 1. Identify; 2. Protect; 3. Detect; Cyber Maturity Level:⭐️⭐️⭐️⭐️
Data Protection as an afterthought
Read More: Data Protection as an afterthought8 Terabytes lost….. 14 Terabytes of data recovered from a data migration gone wrong….. that was called a deletion of data not a migration when I worked as a Sys admin or a “Career limiting move”. Considering that the parts of a data migration plan I would outline involve: 1. Assess what data needs to…
Teach your employees information security
Read More: Teach your employees information securityWhen it comes to securing an organisations digital assets there are several approaches to minimising the risk as there is no solving a moving target. One that is not given the priority is the most obvious and the largest source of risk to a business: people, that is you and me, we are idiots and…
