Blog

Data Classification: Enabling Compliance with GDPR, HIPAA, PCI DSS, SOX, & More

Learn how Fortra's Data Classification Suite can facilitate compliance with GDPR, HIPAA, PCI DSS, SOX, and other prominent data privacy regulations.

Data Classification in Finance

Why should the financial services sector adopt a data classification strategy? Because more than nine out of ten (95%) of data breaches are financially motivated, according to this year’s Verizon Data Breach Investigations Report. Within the finance and insurance sector specifically, the rates were as high as 97% — no surprise there. However, what may be surprising is that most of these attacks...

Complying With the Export Administration Regulations (EAR): Everything You Need To Know

The Export Administration Regulations (EAR) are a set of regulations administered by the U.S. Department of Commerce to control the export of certain goods and technologies from the United States for reasons of national security and foreign policy. Here is a breakdown of the essentials your organization should know for proper compliance. The Export Administration Regulations (EAR) Explained In...

What Is the Federal Risk and Authorization Management Program (FedRAMP)?

An Introduction to FedRAMP: In late 2011, the Office of Management and Budget under the Obama Administration released a memorandum that introduced the Federal Risk and Authorization Management Program (FedRAMP), noting that “[in the two years prior], the Administration worked in close collaboration with the National Institute of Standards and Technology (NIST), the General Services Administration...

What Is ISO 27001 and How Can It Help Your Organization?

What Is ISO 27001? Everything You Need To Know About ISO 27001:2022 ISO 27001, also known as ISO/IEC 27001, is a widely recognized international standard that defines best practices for implementing and managing information security for an Information Security Management System, or ISMS. The risk-based standard was published by a joint technical committee comprised of the International...

Embracing Data Privacy Regulations to Earn Consumer Trust

Trust is one of the most important aspects of business, especially when it comes to the collection and use of people’s personal data. As consumers advocate for organizations to take more precautions in handling their personal data, legislative bodies are listening, and more data privacy regulations are being passed globally each year. Being proactive in complying with, or better yet, staying ahead...

Comparing GDPR and CCPA

The GDPR in Europe was one of the first major data privacy regulations to be implemented in recent times, followed closely by the CCPA in the United States. And since its enforcement, GDPR has been seen as the “gold standard” when it comes to data protection regulations. However, it is important to remember that each data privacy regulation has differences in areas such as what and who is...

The Cost and Consequences of Exposed PII

Hardly a day goes by without a media report about a data breach that involves exposed personally identifiable information (PII). In the same way an organization takes care of its employees, customers, and finances, it also needs to ensure its sensitive data, such as PII, is well protected. Let’s explore what constitutes PII, the consequences of it being exposed, and what organizations can do to...

Data Protection In A World Of Ever-Increasing Privacy Regulations

Data privacy regulations have really come into play over the last four years. Consumers are becoming more concerned about the disclosure and use of their data and trust is playing a key role. According to a survey conducted by Salesforce, 48% of consumers said they had lost trust in brands during the pandemic due to misuse of personal information. As the world becomes more technology driven and...

The Importance of Automation in Data Classification

It’s no surprise to anyone that the amount of data that exists is rapidly growing. A report by IDC predicts that by 2025, the global datasphere will have grown to 175 zettabytes. To put in perspective how much data this truly is, one zettabyte is equal to one trillion gigabytes – that is an astronomical amount of data. Needless to say, humans are not equipped to manually keep up with ensuring this...

Data Classification: The Cornerstone of Regulatory Compliance

The primary reason most organizations look at classifying the data they create and handle is to control access to sensitive information, driven by the need to manage security risk, and comply with data protection regulations such as GDPR, CCPA, ITAR, and more. All organizations have to comply with the rules of their industry bodies, as well as the nation states they operate in. Achieving...

Enterprise Data Classification: Why you need best-of-breed data classification

The data protection landscape and its associated compliance environment changed fundamentally with the implementation of the European-wide GDPR in May 2018, with many other privacy regulations following suit around the globe. It is no longer about what organizations think they need to be doing in order to control their data, but that they are being told what they need to do by regulators such as...

7 Technologies To Help Your Business With GDPR Compliance

In today’s global economy, businesses must be compliant with standards established by various countries so they can service customers around the world. One such regulation you can’t afford to ignore is the GDPR (General Data Protection Regulation), which is the core of Europe’s digital privacy legislation. The GDPR applies to any organization that operates within the EU or offers goods or...

All about POPIA compliance: South Africa’s new data privacy law – and what it means for you

South Africa’s Protection of Personal Information Act (POPIA) has finally come into force. That’s good news for South African citizens and residents, since the legislation’s aim is to protect their personally identifiable information (PII) after it’s collected by public and private entities in the country. But what does the new law mean for South African organizations who must comply? For some...

What do companies really do with your data?

Serious question: Has anyone, ever, consciously decided not to use a website they require (or even just want to use) because they don’t agree with a cookie consent warning? Cookie consent warnings are those little strips that appear along the bottom of virtually every website you visit nowadays (including ours), notifying users that the website uses cookies to collect user data. Some are more...

Data protection for remote workers

Working remotely has become the “new normal”, at least for the foreseeable future. Some 1.5 billion people are now working remotely. It seems companies overnight moved into a work-at-home reality, and many workplace experts predict that more and more organizations will continue to rely on remote workers after this pandemic has passed. Virtual work settings are not new. Companies around the world...

NATO: Leading The Way With A Common Classification Standard

Data needs to be classified and protected using a common format. By using a common format, we can more easily share and protect our information, as well as provide ongoing post-release control of the information we have shared. Fortra has worked with sensitive messaging systems in the defense and intelligence environments; this has also included a lot of direct contact with NATO and the...

Meet the latest EPMS requirements — and boost your data security strategy

Have you updated your agency to the Email Protective Marking Standard (EPMS) version 2018.2? As you likely know, changes to the standard went into effect 1 January 2019. Since the last iteration was released in 2010, the EPMS standard has been amended. The changes include updates to the range of security classifications, changes to specific markings and caveat types, as well as new language used...