Urgences 24 sur 7 – (888) 287-5858   Connexion au Portail TitanSupport    Contactez-nous      Blogue

IT security specialists deal with threats everyday, this is part of their daily work in an ever-growing business. But with the recent, unprecedented move to employees working from home, are security teams focusing enough on the potential issues that employees can create while working remotely during this heath crisis? Specifically, are privacy issues being sufficiently reviewed before new technology is implemented?

 
Whether it’s HR, sales, finance, marketing, etc., employees in all departments expect to be able to continue their professional activities from the comfort of their own homes. As employees shift to working from home, organizational leadership expects IT teams to understand how any one of a number of privacy regulations apply when the workforce is no longer protected behind the proverbial corporate firewall. While remote/mobile workers are not new, the sheer scale caused by the COVID-19 pandemic is forcing IT teams to test the limits of many internal policies.

 
In healthcare, for example, where HIPAA and HITECH have long enforced protection of patient information, employees that previously would never have been allowed to work from home, are now safely ensconced in their home office with potential access to vital patient data. The Personal Information Protection and Electronics Documents Act (PIPEDA) in Canada regulates how Canadian organizations collect, use and disclose an individual’s personal information. The Payment Card Industry Data Security Standard (PCI DSS) regulates merchant or a service provider storing, transmitting, or processing cardholder data (especially with cash payment declining) in order to ensure card data remains safe. But now, with employees moving in droves to work from home, the scope of data for any of these compliance frameworks has been dramatically expanded and the methods of sharing this data are being stretched to their limits.

 
All organizations, whether beholden to a regulatory framework or not, should be very concerned about accidental personal and sensitive data disclosure through the usage of sharing tools. Recently, a very popular video conferencing solution has made the headlines for all the wrong reasons. Between a privacy policy that states customer data is not very “private” or a known issue where video conferences could be easily hacked, this company is finding that being the darling of the tech world comes with a price. Consider both scenarios where employees now have the potential to share information, such as the COVID-19 health status of employees, through such tools. Insecure tools can result in personal data leaking into the unknown realms of the internet, never to be recovered again. Some of these products will take it all, words spoken, transcripts generated, videos, documents shared on screen, names of participants, your face and the background attendees are sitting in front of. The terms of use allow these sharing tools to gather and re-use information collected at the time of usage and thereafter. Regulatory frameworks very likely consider this information sharing unacceptable.

 
Information sharing is vital, especially with the workforce now spread across the globe. Everyone using any “sharing” tools, which includes social media, should consider whether business-sensitive or personal information is required for the conversation at hand. Security teams must also perform a thorough review of all sharing tools, including the review of data privacy policies as well as known application vulnerabilities, before deciding whether to implement the tool. In times like these, you can’t be too careful with personal information.

Détection et réponse gérées et étendues GoSecure TitanMC (MXDR)

Détection et réponse gérées et étendues GoSecure TitanMC (MXDR) Fondation

Gestion des vulnérabilités en tant que service GoSecure TitanMC (VMaaS)

Surveillance des événements liés aux informations de sécurité gérée GoSecure TitanMC (SIEM gérée)

Défense du périmètre gérée GoSecure TitanMC (pare-feu)

Détection et réponse des boîtes de messagerie GoSecure TitanMC (IDR)

Passerelle de messagerie sécurisée GoSecure TitanMC (SEG)

Modélisateur de menaces GoSecure TitanMC

Identity GoSecure TitanMC

Plateforme GoSecure TitanMC

Services de sécurité professionnels de GoSecure

Services de réponse aux incidents

Évaluation de la maturité de la sécurité

Services de confidentialité

Services PCI DSS

Services de piratage éthique

Opérations de sécurité

MicrosoftLogo

GoSecure MXDR pour Microsoft

Visibilité et réponse complètes au sein de votre environnement de sécurité Microsoft

CAS D'UTILISATION

Cyberrisques

Mesures de sécurité basées sur les risques

Sociétés de financement par capitaux propres

Prendre des décisions éclairées

Sécurité des données sensibles

Protéger les informations sensibles

Conformité en matière de cybersécurité

Respecter les obligations réglementaires

Cyberassurance

Une stratégie précieuse de gestion des risques

Rançongiciels

Combattre les rançongiciels grâce à une sécurité innovante

Attaques de type « zero-day »

Arrêter les exploits de type « zero-day » grâce à une protection avancée

Consolider, évoluer et prospérer

Prenez de l'avance et gagnez la course avec la Plateforme GoSecure TitanMC.

24/7 MXDR

Détection et réponse sur les terminaux GoSecure TitanMC (EDR)

Antivirus de nouvelle génération GoSecure TitanMC (NGAV)

Surveillance des événements liés aux informations de sécurité GoSecure TitanMC (SIEM)

Détection et réponse des boîtes de messagerie GoSecure TitanMC (IDR)

Intelligence GoSecure TitanMC

Notre SOC

Défense proactive, 24h/24, 7j/7

À PROPOS DE GOSECURE

GoSecure est un leader et un innovateur reconnu en matière de cybersécurité, pionnier de l'intégration de la détection des menaces au niveau des terminaux, du réseau et des courriels en un seul service de détection et réponse gérées et étendues (MXDR). Depuis plus de 20 ans, GoSecure aide ses clients à mieux comprendre leurs failles en matière de sécurité et à améliorer leurs risques organisationnels ainsi que leur maturité en matière de sécurité grâce aux solutions MXDR et aux services professionnels fournis par l'une des équipes les plus fiables et les plus compétentes de l'industrie.

CALENDRIER D’ÉVÉNEMENTS

DERNIER COMMUNIQUÉ DE PRESSE

BLOGUE GOSECURE

AVIS DE SÉCURITÉ

Urgences 24 sur 7 – (888) 287-5858