Prime Factors Blog

Pete Flagella

Find me on:

Recent Posts

Data Security Architecture: Is Your Data Really Protected?

Posted by Pete Flagella on Apr 12, 2018 10:00:00 AM

The Problem 

Are you faced with gaps in your current data security architecture? If you could fill those gaps with a cost-effective, platform-independent encryption solution with key management and tokenization to protect your business data today, would you? Could you afford not to?

Read More

Topics: Tokenization, Crypto Key Management, encryption, data breach, encryption keys, healthcare security, EncryptRIGHT, key management

At Risk: The Human Factors in Data Security

Posted by Pete Flagella on Jan 4, 2018 10:01:00 AM

The Problem

The successful cyberattacks of 2017 demonstrated the following: cyber criminals are getting more sophisticated, the profile of those attacked is widespread and indiscriminate, ranging from the enterprise, to small and medium businesses, as well as individuals. With the emerging Internet of Things (IoT) used to access business and personal data, transactions, and Cloud-based services, the one common variable is ‘wetware’, the device between the keyboard/touchscreen and the seat – the Human Factor.

Read More

Topics: Tokenization, encryption, PCI Data Encryption, PCI Data Security Standards, PCI Compliance, PCI DSS, EncryptRIGHT, key management

Operating Inside the Healthcare Industry. Is Your Data at Risk?

Posted by Pete Flagella on Dec 20, 2017 10:00:00 AM

The Problem

When a cyberattack occurs inside the healthcare Industry, personal, medical, and even financial information are often stolen, making for a highly desired data set that can be used for identity theft, medical fraud, financial misdemeanors, tax fraud and insurance fraud. In many instances the data is auctioned off to the highest bidder resulting in even greater damage than typical financial data breaches and theft.

Healthcare IT systems are often more prone to breaches than any other industry IT systems due primarily to the underinvestment in maintaining up-to-date operating systems and devices. In spite of regulations like HIPPA, HITECH ACT, ARRA, ACA and the HIPAA OMNIBUS RULE, the healthcare industry continues to struggle with the balance between regulations, patient confidentiality, and adapting to new technologies. This resistance to change is especially challenging because there are constant changes to service provider networks, insurance companies, and medical device technologies. The use of mobile access, which now allows these technologies to work together, adds an additional layer of complexity to protecting sensitive data. Combined, all of these frequent changes within the technological landscape effect everyone and every aspect of doing business within the healthcare industry.

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards, PCI Compliance, health information security, PCI DSS, hippa, healthcare security

The Average Cost of a Failed Data Security Audit

Posted by Pete Flagella on Nov 16, 2017 12:38:41 PM

If your organization is big enough to mandate a data security audit, it’s big enough to be a target for a variety of cybercriminals, hackers, identity thieves, or any other bad guys lurking around the Internet. Making sure your organization can pass a data security audit isn’t just a good idea—it’s a great way to prevent and deflect cyberattacks, saving you a great deal of time and money in averted data and public relations damage control.

Surprisingly, many organizations fail data security audits.  This can occur when the organization does not have adequate notice or is not properly prepared for an examination. On the flip side, just because an organization passes a data security audit does not necessarily mean they are completely prepared for attacks either. One thing is for sure, failing an audit is a sure sign there is a weak link inside the organization’s cybersecurity and encryption strategy.

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards, PCI Compliance, PCI DSS

The Human Element of Effective Cybersecurity

Posted by Pete Flagella on Nov 2, 2017 12:27:53 PM

With 90% of employees violating data breach prevention policies, how do you get the attention of your employees to avoid the same mistakes?  

The biggest threat to your firm’s data security might not be hackers in Russia or China; it could be much closer than you think.  It could be your own employees. Your employees are the ones who constantly use, work with, transfer, and create sensitive organizational data on a daily basis, so it makes sense that they’re the ones who are most likely to accidentally (or intentionally) expose important information.

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards

Turnover in the IT Department Have You Feeling Lost in Transition?

Posted by Pete Flagella on Oct 18, 2017 4:13:13 PM

Are you ready to face the impact of losing a key resource in the IT department?

Companies work extremely hard to recruit and retain top-notch employees with valuable skills and knowledge. While there are respective costs and metrics used to quantify the monetary value of loss, what about the measurement of value in knowledge? While there are a number of reasons that losing a key IT resource can be harmful to your company, security may be at the top of the list. The security and encryption tools that you use in your organization can be greatly affected if the knowledge surrounding how these solutions are implemented walks out the door.

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards

The Perfect Cocktail for an Effective Encryption Strategy

Posted by Pete Flagella on Oct 5, 2017 3:17:42 PM

Have you felt “shaken and stirred” with all the recent cyberattacks lately? Equifax, state election systems and the SEC have all been hit in the last few months and there’s more to come. The question is whether the key ingredients of communication, smart key management, and intelligent access control are all mixed to achieve the ‘perfect cocktail’ to an effective encryption strategy. 

Whether using an ATM, sending an email, shopping online or managing a multi-level enterprise, encryption and cryptography are a part of our everyday lives. If organizations are not implementing an effective encryption strategy their most sensitive data and infrastructure are vulnerable to fraud, identity theft, corporate espionage, and a variety of other digital threats.

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards

Data Security Breach Responsibility Shifting to C-Suite, Costly Blind Spots Affect Company’s Financial Landscape

Posted by Pete Flagella on Sep 27, 2017 12:45:49 PM

Data breaches through all industry verticals are on the rise and the responsibility for those breaches has shifted to the C-Suite. According to 2017 data breach reports by Forrester and Verizon, “45% of IT Practitioners don’t believe that brand protection is taken seriously in the C-Suite and 42% of CMO’s don’t believe that brand protection is taken seriously in the C-suite.”  This kind of “in the dark” thinking creates blind spots with costly consequences resulting in decreased bottom line, shareholder value, and damage to the brand.  Additionally, the reports state, “31% of consumers discontinue relationship after a breach.”   The C-Suite miscalculation of risk must be taken seriously and can no longer be viewed only as an IT issue, but rather must be treated as a shared responsibility.

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards, data breach, equifax

If This Isn’t Enough to Make Your Heart Stop...

Posted by Pete Flagella on Sep 18, 2017 10:00:00 AM

We have all heard by now that cybersecurity threats through all industry verticals are on the rise. Verticals such as banking and credit services have been sectors ripe for cyber-attacks and data breaches where personal information is targeted. But personal information required for health care services has become a key source for data hackers who are getting smarter -- targeting hospitals for the patient data they require to deliver care and services…it’s enough to make your heart stop. The recent article in Health, Inc. “Hospitals Face Growing Cybersecurity Threats” reminds us how important it is to protect not only the technology that keeps a patient alive and breathing, but also their personal and private health data.

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards, encryption keys, PGP, PGP Encryption, PII, health information security

Bang for the Buck: Why Encryption Provides Effective (and Cost-Effective) Data Security

Posted by Pete Flagella on May 11, 2017 10:00:00 AM

Unfortunately, keeping data secure is no longer as simple as placing items in a locked file cabinet. With the adoption of cloud computing, companies now have data that is located across a myriad of different providers and platforms, and ensuring this data is safe can be a challenge. While it may be difficult to institute a perfect security system, encryption offers companies perhaps the most powerful and cost-effective way to protect data – both at rest and while in transit. 

In this blog, we’re going to discuss why it should be a requirement for any company doing business in today’s environment.

To learn how encryption can lower the cost of regulatory compliance while enhancing security, download our white paper Reducing the Cost of Regulatory Compliance with Encryption 

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards, encryption keys