Prime Factors Blog

At Risk: The Human Factors in Data Security

Posted by Pete Flagella on Jan 4, 2018 10:01:00 AM

The Problem

The successful cyberattacks of 2017 demonstrated the following: cyber criminals are getting more sophisticated, the profile of those attacked is widespread and indiscriminate, ranging from the enterprise, to small and medium businesses, as well as individuals. With the emerging Internet of Things (IoT) used to access business and personal data, transactions, and Cloud-based services, the one common variable is ‘wetware’, the device between the keyboard/touchscreen and the seat – the Human Factor.

Read More

Topics: Tokenization, encryption, PCI Data Encryption, PCI Data Security Standards, PCI Compliance, PCI DSS, EncryptRIGHT, key management

Operating Inside the Healthcare Industry. Is Your Data at Risk?

Posted by Pete Flagella on Dec 20, 2017 10:00:00 AM

The Problem

When a cyberattack occurs inside the healthcare Industry, personal, medical, and even financial information are often stolen, making for a highly desired data set that can be used for identity theft, medical fraud, financial misdemeanors, tax fraud and insurance fraud. In many instances the data is auctioned off to the highest bidder resulting in even greater damage than typical financial data breaches and theft.

Healthcare IT systems are often more prone to breaches than any other industry IT systems due primarily to the underinvestment in maintaining up-to-date operating systems and devices. In spite of regulations like HIPPA, HITECH ACT, ARRA, ACA and the HIPAA OMNIBUS RULE, the healthcare industry continues to struggle with the balance between regulations, patient confidentiality, and adapting to new technologies. This resistance to change is especially challenging because there are constant changes to service provider networks, insurance companies, and medical device technologies. The use of mobile access, which now allows these technologies to work together, adds an additional layer of complexity to protecting sensitive data. Combined, all of these frequent changes within the technological landscape effect everyone and every aspect of doing business within the healthcare industry.

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards, PCI Compliance, health information security, PCI DSS, hippa, healthcare security

The Average Cost of a Failed Data Security Audit

Posted by Pete Flagella on Nov 16, 2017 12:38:41 PM

If your organization is big enough to mandate a data security audit, it’s big enough to be a target for a variety of cybercriminals, hackers, identity thieves, or any other bad guys lurking around the Internet. Making sure your organization can pass a data security audit isn’t just a good idea—it’s a great way to prevent and deflect cyberattacks, saving you a great deal of time and money in averted data and public relations damage control.

Surprisingly, many organizations fail data security audits.  This can occur when the organization does not have adequate notice or is not properly prepared for an examination. On the flip side, just because an organization passes a data security audit does not necessarily mean they are completely prepared for attacks either. One thing is for sure, failing an audit is a sure sign there is a weak link inside the organization’s cybersecurity and encryption strategy.

Read More

Topics: encryption, PCI Data Encryption, PCI Data Security Standards, PCI Compliance, PCI DSS