This summer, Governor Ricardo Rossello was forced to resign after a massive information leak from a messaging application he had been using exposed various levels of corruption and other embarrassing details. Earlier this year, Jeff Bezos certainly experienced a similar (though not as damning) information leak when his WhatsApp messages with now-girlfriend, then-mistress Lauren Sanchez revealed he was having an affair. Let’s not even talk about Anthony Weiner… And yet, we continue to see information leaks stemming from messaging applications over and over again.
Using online communication tools at the office has become second nature—it just makes life easier and business more efficient. Need to drop a quick note to a co-worker with a project update? Send it on Slack. Need to discuss a deal with a potential client halfway across the country? Set up a meeting on Zoom. But as we look a little closer we become quickly aware of the potential risks of sharing business information online . We’re now at a turning point where consumers and businesses alike are realizing that they don’t want to sacrifice the security of their sensitive information for the sake of convenience. But the question is: Do they have to?
With severe weather becoming the norm across the world, businesses in the United States are faced with the challenge of ensuring that your business can continue to operate if a disaster strikes. In 2018 alone, 11 weather and climate-related disasters struck within our boarders – so it’s not a surprise that severe and extreme weather events are a leading concern for businesses when It comes to emergency communications, response and business continuity.
They’re a basic foundation of security, yet somehow constantly dismissed.
Passwords are one of the most important components of a strong cybersecurity strategy—but employees overwhelmingly have bad password habits – despite all attempts to ensure best practices across the organization. People pick simple, easy-to-guess phrases like “password” or “12345” or regularly reuse the same password for multiple logins.
For the third year in a row, Vaporstream is a winner of the Cyber Defense Magazine Infosec Awards—this time winning Best Product in Messaging Security. Cyber Defense Magazine (CDM) is a leading electronic information security magazine. Of the 3,000 companies considered for this prestigious award, less than 200 were ultimately selected by CDM as winners for the 2019 InfoSec Award.
Over 90% of all cyberattacks begin with email phishing. It’s a startling statistic, but it’s not a surprise: businesses send over 281 billion emails every day. Phishing attacks, which typically ask targets for sensitive information or to download malware, work because they prey on human nature—victims respond out of curiosity, a sense of urgency, even fear.
Shortly after Amazon CEO Jeff Bezos and his wife Mackenzie announced that they were divorcing, the National Enquirer published text messages that Bezos had reportedly sent to Lauren Sanchez, who he is currently in a relationship with. Bezos, like everybody else, is entitled to his privacy. These text messaging leaks, however, remind us that security is a must in order to protect personal information—whether business related, financial or private conversations with friends and family.
In an era where data breaches or leaks seem inevitable, business disruptions too frequent and the press all too prone to run away with a salacious story, what can the board of directors do to protect sensitive corporate data? It is all too easy for information to be inadvertently exposed—whether as a result of hacking, a slip of the finger that results in an email being sent to the wrong person, or a disgruntled employee who decides to share confidential information via a text.
In this modern day and age, mobile business messaging—specifically, secure mobile business messaging—is a must-have for the transportation and logistics industry. Today, electronic data is a critical part of supply chains, making secure communications a necessity for both efficiency and security.
End-to-end encryption is often touted as the end-all be-all. When it comes to text message security, encryption is definitely important. End-to-end encryption essentially ensures that while a message is in transit—that is to say, from the time send it hit until it reaches the intended receiver’s device—it cannot be read by an outsider.
In 2018 technology touches nearly every aspect of our life. But no innovation seems to come without some form of drawback or compromise. While technology has undoubtedly improved most of our lives, it has also brought new risks that we all find a way to balance – or in some cases choose to ignore. The number of cybersecurity breaches in 2018 speak to this risk.
Hurricanes, power-outages, man-made disasters—every organization has to prepare for these but when it comes to emergencies, universities face unique challenges because of the very nature of their structure and communities. Unlike the average office, universities are not enclosed spaces, and many different people—from students, to faculty, to staff, to visitors—are moving in and out of campus on any given day or time. This can make securing the campus and creating a comprehensive university incident response plan difficult.
In emergency situations, speed is key for first responders. Law enforcement agencies need to have the tools in place to be able to communicate and coordinate quickly. Using old and clunky tools—like desktops and laptops—are simply not sufficient for teams to make decisions quickly and securely. And, the traditional radio system can present interoperability problems.
For more than a decade, the energy and utilities industry has been investing in smarter energy infrastructure in order to enhance energy grid resiliency, reliability and efficiency. Grid modernization has become essential to integrating an increasing number of renewable energy sources and technologies – or distributed energy sources (DERs) – including electric vehicles, energy storage, private solar and smart appliances.
As we come to the end of cyber security month – we must admit to ourselves that to err is human. You can employ the latest technology at your company to bolster defenses but you cannot always keep employees from making stupid and unintentional mistakes. This lone fact is why cybersecurity training, and repetitive training, is so important.
Natural disasters, mass shootings, and cyber-crimes are on the rise, and it isn’t just sensationalism. According to NOAA, (National Oceanic and Atmospheric Administration), there are 10 – 15 disasters per year with costs in the billions, up from 1 or 2 in the 1980s. Not only that, but according to the LA Times, mass shootings are becoming more frequent, and deadlier. Add that into the pot with the numerous cyber-crimes against big and small businesses alike, and it’s time to create a plan.
You might have heard about the ransomware attack against Atlanta this year. A ransomware attack had significant impact on the city, forcing police officers to file reports by hand and city workers to report via time sheets. Atlanta is currently facing more than $20 million in costs due to the attack.
When it comes to dental health, there is a lot that dental service organizations (DSO) have to do to properly engage their patients; whether to remind them of a six-month check-up or to simply help patients keep on top of their dental care. Everyone who has visited the dentist is familiar with the postcards, phone calls and emails reminding them to schedule (and attend!) their appointments.
HIPAA may be twenty-two years old but the HIPAA Security Rule—which assures the security of confidential electronic patient information—hit its twenty-year mark just this year. HIPAA was signed into law in 1996 to protect Americans from losing health insurance coverage when changing jobs or dealing with a lay off and to protect the privacy and security of individual health information. Rules that govern HIPAA’s implementation requirements include the Privacy Rule and the Security Rule, which followed the initial rule 2 years later, issued in 1998.
If you’re in healthcare, you are familiar with MACRA, the Medicare Access and CHIP Reauthorization act of 2015—bipartisan legislation that requires the US Centers for Medicaid and Medicare (CMS) to implement an incentive program. Merit-based Incentive Payment System (MIPS) evaluates clinicians in four areas—Quality, Improvement Activities, Promoting Interoperability, and Cost.
The California wildfires have been especially devastating this year, with fires reaching unprecedented sizes. Hundreds of thousands of acres have been burned and it may take until September to contain the fiercer fires. When it comes to emergencies like wildfires, strong incident response is important for protecting those affected.
Since prenatal care shifts into postnatal care and pediatrics, patients are likely to continue seeing the same healthcare provider (or providers) for years to come – so the need to improve doctor-patient communication is paramount in order to ensure quality of care and patient retention.
The high-profile Golden State Killer case is causing experts to debate the privacy implications of using genealogical data from open-source sites, like GEDmatch.com, in criminal investigations. There are no laws prohibiting detectives from using the data, but law enforcement experts are concerned about potential abuses of this investigative method. Others have argued the tactic represents an invasion of privacy – but does it?
The home infusion therapy market is growing at astounding rates as many long-term, intravenous care patients are now preferring to be treated away from the typical hospital setting. With more patients being treated at home, and at alternate sites, there is an increase in care team members needing to coordinate at-home infusion therapy.
The revelations Tuesday and Wednesday about the extensive use of Wickr inside Uber upended the high-stakes legal showdown with Alphabet’s Waymo unit, which accuses the ride-hailing firm of stealing its self-driving car secrets. The issue of course is not whether using Wickr or apps like it, including Vaporstream, is acceptable. The issue is when, where and how to use the application and what legitimate use indeed looks like.
Do you have an emergency preparedness plan in your household? Many families do—whether because they live in an earthquake or hurricane prone area, or because they want to be prepared for a personal emergency just in case. A smartphone can provide critical support during an emergency but—like your emergency kit and home vehicle—it needs to be prepared. There are several ways you can prepare your smartphone for an emergency.
This past year has been riddled with crisis from wildfires, earthquakes, tornadoes and hurricanes, to global cyber-attacks at a scale unlike what we’ve seen before. The one thing that all of these events have shown us is that accurate and constant communication is critical. Proper notification and continual communication during the event and during response set the tone for how quickly we can recover. Florida and Texas are no strangers to hurricanes.
Encryption. It’s a word we hear frequently in the media. Encrypted applications should have backdoors, insists one popular publication. No, it should not, insists another. But what is it actually and why is it so important? Below, are some thoughts. Simply put, encryption is the translation of data into a secret code.
If you are a healthcare provider or supplier that engages with Medicare and Medicaid programs, it’s urgent that you understand and comply with new Department of Health and Human Services (HHS) healthcare emergency preparedness regulations (“EP Regulations”) to protect your access to Medicare and Medicaid programs. Under the new rules issued by the Center for Medicare and Medicaid Services providers must comply by November 15, 2017. That is this calendar year folks. Are you ready?
In March 2017 the nation’s first cybersecurity regulation became law imposing strict cybersecurity measures on financial institutions operating in New York. The new rules specify everything from naming a Chief Information Security Officer, to risk assessments, event notification, encryption, penetration and vulnerability testing, training and monitoring and audit logs.
The biggest cyberattack in history has been spreading the globe since last Friday. Spanning across 150 countries, the 300,000 victims have included government agencies, hospitals, manufacturers and universities. When ransomware attack affects your organization how can you keep a secure line of communicaiton with your team? Read on to learn why ephemeral messaging should be a part of your incident response plan.
Unlike healthcare providers, family members are not subject to the privacy and security mandates in the Health Insurance Portability and Accountability Act (HIPAA). However, there is a huge market for medical information, drug prescriptions, social security numbers and credit card numbers on the dark web. Cybercriminals are mastering how to invade devices to steal this exact type of information we bandy about in our family beehives during a health crisis.
It seems that every day we have a slew of new sensational cases and revelations that make us stop and think “Is our privacy over? Does anyone even care? What are we to do to protect ourselves?” I say, relax, the situation is bad, but it is not as bad you might think and probably not for the reasons you might think so.
Quick – when was the last time you used your smartphone to investigate a health issue? If you are like most people you are probably a “connected patient” using smart devices to take more ownership of your health. A 2015 Pew Research Center (PEW) report shows 62% of smartphone owners use their phone to look up information about a health condition. And many of us now also use our smartphones to correspond with providers.
Communication and effective collaboration within the healthcare industry is not always as easy as it should be. Care teams – from doctors and nurses to the patients and their caregivers – need the ability to communicate efficiently, effectively, privately and securely to ensure the highest level of service. Unfortunately, this is an ongoing challenge, particularly when it comes to long term and home based healthcare.
There is only one thing certain in today’s world, and that’s uncertainty. It was certainly driven home by the election results, where everyone was certain of the outcome, until they were not. It is disconcerting to live in this environment. From random terrorist attacks to unprecedented economic and geopolitical events, we need to almost block out the news cycle. In order to survive in this environment, it is important to make a list of things that are in your control and those that are not.
It is no secret that we are living in a digitally evolving world. The use of personal mobile devices continues to increase as constant advancements bring more and more convenience to our busy lives. With today’s smart phones you can do almost anything you want with just the tap of your finger. It leaves me wondering – what’s next?
The healthcare industry, by nature, demands a high level of privacy and compliance, but it also demands quick communication between care providers to ensure best-in-class patient care. Therefore, many healthcare providers are turning to mobile devices to enable faster, more efficient communications. “Today, short mobile communication methods like text is getting immediate response and better read rates, facilitating a new way of doing business,” said Galina Datskovsky, CEO of Vaporstream. But what happens to information and images that are texted and left on these personal devices? How do you maintain privacy, security or compliance?
As the workforce becomes increasingly mobile and employees rely on texting for quick, easy communication, organizations across industries have been driven to create policies that guide how the information created by mobile text messaging is managed. These frameworks help to effectively support recordkeeping, answer compliance needs and ensure data availability for eDiscovery. Information governance is one such accepted discipline, ensuring a reasonable level of security for records and information that require protection.
“Whoever Wins the White House, This Year’s Big Loser is Email.” Thus, reads the headline in the NY Times on October 19, 2016. Indeed, in the current election cycle, month after month, the focus has been on hacked and released emails, on disappearing emails, on emails that reappear on various devices – not of the user’s choosing. It certainly seems that the people who sent those emails should have known better than to write what they actually wrote in the first place.
Welcome back from what we hope was a happy and relaxing July 4th. Happy Independence Day! For us, July 4th is a particularly meaningful holiday. It’s an opportunity to spend time with family and friends and to appreciate the freedoms and liberties we have living in the United States of America.
People engage in conversations over phones in public areas without a thought to who can overhear, or about the potential consequences. There is a blind faith that privacy is somehow granted by being surrounded by strangers. That privacy is often valid, however strangers don’t always equal safety.
Today’s mobile lawyers travel constantly, all over the country and world. Many travel to areas known to be less secure and even aggressive when it comes to cyber surveillance. Rightfully so, lawyers and their clients worry about the security of devices and communication methods while traveling abroad, however still require a high standard of responsiveness.
We are seeing much discussion about encryption and encrypted communications in the news in the wake of the Paris attack. The intelligence community did not intercept the communication between the attackers leading up to the attack, and this leads many to believe that encrypted communications must have been used.