GDPR, data breaches, a surprise California data privacy law, social engineering, and more: 2018 was a year of growing awareness of cloud data security threats, privacy considerations, and the proliferation of data across cloud applications like Salesforce. So what were readers most interested in this past year? Here, we present the top 10 most popular cloud security blog posts, webinars, and reports from 2018 on the FairWarning blog.
The first significant data privacy law passed in the U.S., the California Consumer Privacy Act of 2018 (AB 375) was signed into law on June 28, 2018, by California Gov. Jerry Brown. This post serves as a one-stop-shop for understanding the impact of the Act (CaCPA) on businesses, how it differs or relates to GDPR, timelines and action steps for compliance, and more.
For many years, organizations struggled to conduct forensic investigations on Salesforce users. The lack of continuous user monitoring and alerts made data security around the mission-critical platform tenuous. In 2015, however, Salesforce released Shield, a suite of platform tools that includes Event Monitoring, with access to audit logs of more than 40 Salesforce events (e.g., exports, login activity). But is Shield enough for a proactive user activity monitoring program? This post breaks down the five lessons learned from user activity monitoring in Salesforce. You’ll also learn what to keep in mind when creating a comprehensive data protection program for Salesforce and other mission-critical cloud applications.
Social engineering — a form of human emotional-manipulation — has emerged as one of the top threats to data security. According to Microsoft, in fact, 12 people fall victim to cyber-crime every second. But while email solicitation remains the most common type of social engineering, some attackers are using more sophisticated tactics. This article reveals the top five most common social engineering tactics to help you mitigate and remediate any threats.
Salesforce Security: Evaluating Options for Governance and Security Monitoring for Your Salesforce Instance [WEBINAR]
As the focal point of many organizations’ mission-critical applications, Salesforce has become the primary database for storing sensitive information. This might include prospect and customer information, financial data, or your company’s own proprietary knowledge — all of which can be accessed around the clock by different devices. With vast amounts of sensitive data at risk, many Salesforce customers are pursuing additional security and governance controls to protect their data. This webinar lays out the business challenges most Salesforce customers face today and explains how proactive financial services, banking, and insurance organizations — as well as those in other industries — are resolving those concerns.
The proliferation of data across cloud applications brings a lot more user activity surrounding this data. As more organizations begin to monitor this activity using audit logs (like those available through Salesforce Shield Event Monitoring), the question becomes: “Where do I start?” Next, organizations often ask themselves, “How can I translate cloud visibility into insights around cloud application security, usage/adoption, performance, and compliance?” The 2018 Cloud Visibility Report reveals, for the first time, the priorities of real organizations when it comes to increasing Salesforce visibility and monitoring cloud-based applications.
Privileged users in Salesforce may be people at a keyboard, or they may be applications and interfaces interacting with your instance. Either way, they have higher levels of permission than the standard user. This can represent a considerable vulnerability — after all, 80 percent of security breaches involve privileged user credentials, according to Forrester. But how do you know who they are — or keep track of what they’re doing within Salesforce? In this webinar, Mark Bowling, Consulting ISO of United Capital Financial Partners, and LaDon Williams, Information Security Analyst at FairWarning, show how they’ve approached the challenge of privileged user abuse in Salesforce at their respective organizations, and best practices for managing Salesforce user access as part of a broader data governance strategy.
IBM Released Its 2018 Data Breach Study and Financial Services, and Healthcare Organizations are Taking Note to Prevent Data Breaches
IBM and Ponemon’s latest Cost of a Data Breach Report pinpoints the average total cost of a data breach at $3.86 million — a 6.4 percent increase over last year’s estimate. So what does this mean for financial services firms and other organizations facing data security, governance, and compliance issues in 2019 and beyond?
Cloud applications like Salesforce allow organizations to remain nimble, deliver exceptional customer service, and drive bottom-line growth. They also create a new set of opportunities for businesses to transform their approach to data security and privacy, demonstrate the ROI of mission-critical systems, and encourage usage and adoption organization-wide. On this interactive FairWarning Executive Series Webinar, the audience had the opportunity to ask top technology and security leaders what they’re doing to make the most of their cloud applications, secure their companies’ data, and build a culture of trust and empowerment in their workforces.
Corporate legal discovery can be quite complicated, due to the sheer amount of unstructured data held across applications. While lawyers are at the front line of attack, it’s crucial for business owners and leaders to be positioned to translate the importance of particular data held in mission-critical cloud applications. This blog post covers the Salesforce data that can be useful in forensic investigations, along with seven common legal situations and the best way to find data to tackle them.
Enacted May 25, 2018, the EU General Data Protection Regulation (GDPR) changed the way organizations collect, store, and transmit personal data of EU citizens, making 2018 a watershed year in the global battle over the future of our privacy. GDPR requires organizations all over the world to take specific privacy and security measures to ensure the privacy of EU citizen data and fulfill on specific rights granted to data subjects under GDPR. This popular post outlines the purpose and scope of GDPR, key takeaways from the regulation, how to prepare for compliance, and critical questions to ask yourself while aligning your business.