Blog image

Blog

Why DevOps Should Be Your Privacy Champions

12/4/20

Anyone familiar with data privacy legislation will know that The General Data Protection Regulation (GDPR), Europe’s main data privacy law, is considered the benchmark which other regulations follow It was the foundation from which The California Consumer Privacy Act (CCPA) was built, and will no doubt be the model for others.One of the main provisions of the GDPR is for businesses to adopt the principle of Privacy by Design, which calls for data privacy to be taken into account during the entire engineering and development process.For many businesses, sound data privacy practices and compliance measures are adopted once business operations are already well-established...



Why Easy Integration Is Important For Developer Tools

11/30/20

When it comes to sourcing data protection software and developer tools for enterprises, several factors are usually taken into account, such as if the software meets regulatory compliance standards, whether it satisfies the needs of the business, and of course, price.One factor that isn’t given enough airtime at the beginning of the procurement process, is the impact any new software or tool will have on your developers.In order to avoid unnecessary disruption and incur additional costs, it’s crucial to understand the needs of your developers and DevOps teams, and make sure any new technology meets their criteria for a smooth transition.Developers are crunched for timeTo maximize efficiency and meet production deadlines, most Development teams work in sprints, with tasks carefully planned in advance In other words, if there is a business need for data privacy, unless creating an in-house solution is accounted for in their schedule, most teams just don’t have the time to build their own solution...



The Importance Of Data Protection For Pharma Companies

11/20/20

In the pharmaceutical sector, access to data is crucial for the research that goes into the manufacturing of new drugs These drug companies require access to vast amounts of patients&rsquo...



Bookmark This GDPR Checklist For Your Business

11/13/20

Is your business GDPR compliant?The General Data Protection Regulation (GDPR) relates to all businesses that offer goods and services to European residents and collects personal data in the process.That means that if you have even one customer from the EU, you’re required to be compliant with this comprehensive privacy law The good news is that if your organization is serious about data privacy and data protection, you probably have nothing to worry about.Follow this simple GDPR checklist to see howcompliant your business really is.Self-assessmentAccording to the GDPR’s own website, conducting a data protection impact assessment is the simplest way of establishing compliance, not just with the GDPR, but with other privacy laws like the CCPA and HIPAA as well.Ask yourself the following questions that relate to your data processing activities.- Have you conducted an information audit?- Does your business have a legal justification for processing data?- Do you provide clear information about your data processes and privacy policy?- How transparent are you about data processing?- Did your customers opt in to have their data collected?Data securityOne of the core principles of the GDPR is that of “data protection by design and by default.&rdquo...



How Sensitive Data Discovery Helps Protect Your Student Data

11/6/20

If you work in the educational sector, whether as a university professor, college administrator, a tutor or teacher, or even a high school principal, you will no doubt come into contact with student data.But did you know that the collection, handling, and privacy of student data is subject to the requirements of the Family Educational Rights and Privacy Act (FERPA)?Don’t worry You’re in the right place...



What to expect from the SAFE DATA Act

10/30/20

A new federal privacy law has been introduced to the U.S Congress which is garnering a lot of excitement...



Everything You Need To Know About CCPA Compliance

10/22/20

The California Consumer Privacy Act (CCPA) came into effect on 1 January 2020 The strongest consumer data protection law in the U.S., it lays out the rules for handling customer data, similar to the EU’s General Data Protection Regulation (GDPR), which is considered the most important and comprehensive set of regulations around data privacy.What happens if you don't comply? — your business could be liable for a heavy fine, as mega-companies like TikTok and Google who have fallen short of the GDPR compliance have discovered.In this blog, we will outline everything you need to know about this new data privacy law.Who does the CCPA apply to?In a nutshell, the CCPA protects the data privacy rights of residents of California and governs the businesses that handle their personal information.The CCPA applies to all for-profit businesses operating in California that collect and process personal customer information and that meet the following requirements:Exceeds $25 million gross revenue annuallyHandles the personal information of 50,000 or more customersAcquires more than 50% of annual revenue from selling personal customer informationThe law also applies to any business that controls or is controlled by an entity that meets the above criteria.The CCPA is enforced by the California Attorney General, and currently provides businesses 30-days to comply if accused of noncompliance...



The Only Data Privacy Glossary You'll Ever Need

10/16/20

Navigating the landscape of data privacy and compliance can be daunting If you’re new to the field, or simply need a refresher, here is a list of the most common data privacy terms you should be aware of.Adequate Level of ProtectionThis refers to the level of data protection that the GDPR requires from a country or international organization before cross-border data transfers can take place.AnonymizationAlso known as Data Masking, this is the process of altering personally identifiable data (PII) so that it cannot be used to identify an individual.Audit TrailAn audit trail is a trail of documentation used to record activity for auditing purposes...



Data Masking Best Practice For Test Data Management

10/12/20

Most businesses use test data for testing, QA, and training purposes outside of the development environment, but often don’t give much thought to how that data is protected.Data masking protects data in non-production environments by substituting identifiable values like names, surnames, social security numbers, and credit card numbers with similar values that cannot be used to identify an individual.In this blog, we will share some data masking best practice for protecting test data and explain why it should form part of your regular DevOps activities.Why Data Masking?Data masking is a method of protecting sensitive data by de-identifying or masking values that could be used to identify an individual, as is required by data privacy laws such as the GDPR, the CCPA, HIPAA, and PCI/DSS While data masking conceals certain values, it also succeeds in retaining test data’s referential integrity, so test data retains its usefulness for testing, quality assurance, and training, without posing a risk to anyone’s data privacy...



How To Train Your Team To Avoid The Most Common Insider Threats

10/2/20

As we reported in our last blog, the cost of a data breach averages globally at $3.86 million Lost revenue, operational disruption, legal fees, and reputational costs are just some of the consequences of a serious breach...



How Much Does A Data Breach Really Cost A Business?

9/25/20

IBM recently released its updated Cost of a Data Breach Report for 2020, which analyzed 524 data breaches in 17 countries The study, which was conducted by the Ponemon Institute, found that the global average total cost of a data breach now stands at $3.86 million...



Rapid Digital Transformation In Healthcare And The Need For Data Privacy

9/18/20

COVID-19 has fast-tracked digital transformation in an industry known for dragging its heels — healthcare The problem lies with deep-rooted culture and legacy systems that span the industry as well as a lack of agility...



Why Data Masking Works Best For Different Types Of Breaches

9/11/20

Protecting sensitive data from data breaches is every company’s lawful responsibility, but data breaches come in many forms Hacking and Malware are common causes of data breaches, but leaks can occur in every corner of your organization — and without.Data masking is a thorough method of protecting sensitive data that comes recommended by risk frameworks such as the NIST framework, and by the GDPR law itself.In this blog, we will unpack how data masking works against the most common types of data breaches.Types of BreachesFirst, let’s look at the types of breaches that can affect an organization.Card:Debit and credit card fraud, not specifically due to hacking.Hack:A hack perpetrated by an external source or Malware.Insider:This is when the threat is an insider, like a member of staff or vendor.Physical:Loss or theft of physical documents.Portable:Loss or stolen portable devices such as hard drive, laptop or mobile phone.Stationary:Prohibited access to a stationary computer or server.Disclosure:Unintentional disclosure of information.Each of the breaches mentioned above has one defining characteristic in common — loss of data.How Data Masking combats several types of breach at onceData masking works by anonymizing certain elements of data to render it safe...



What Is The Difference Between Personal and Sensitive Data?

9/7/20

In the digital age we operate it in today, personal data is widely recognized as an asset, as well as a commodity It can be bought and sold, and is the basis of most corporate business intelligence and marketing strategies...



Why Every Risk Management Plan Worth Its Salt Should Start With Data Discovery

8/28/20

Whether they know it or not, any business or service that collects, handles, or processes personally identifiable information (PII) is subject to various laws and regulations that set out the requirements for data privacy Laws such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA) do not simply act as guidelines...



Everything You Need To Know About HIPAA Compliance

8/21/20

For healthcare providers, whether you’re a hospital, doctor, nursing home, health insurance company, lab, IT company, or clearinghouse — if you handle patient data, maintaining HIPAA compliance is essential Those that don’t toe the line risk huge fines and increase the likelihood of experiencing a serious data breach.In July 2020 alone, over 1 million patients were affected by data breaches.Here is everything you need to be aware of where sensitive patient data privacy is concerned, and what you can do to stay compliant with this data privacy regulation.What is HIPAA?Signed into law in 1996, the Health Insurance Portability and Accountability Act (HIPAA) outlines the rules and regulations for medical data protection...



Why Is Healthcare So At Risk To Data Breaches?

8/14/20

More than 45% of data breaches are reported by the healthcare industry This year, one of the biggest healthcare data breaches was reported by a Fortune 500 healthcare company, which suffered a ransomware attack and data breach that affected 365,000 patients...



Approaching Data Privacy From A Customer’s Perspective

8/10/20

Data privacy regulations are on the side of the consumer Both the GDPR and the CCPA see individual control and autonomy as the ultimate objective of data protection...



How To Protect Data From Insider Threats During Lockdown

8/3/20

When we discuss data breaches, most of us will automatically think of hackers and Malware as the main causes, but more and more cases of data breaches are being put down to insider threats, with some reports estimating that as many as 60% of all security breaches involve insider negligence One of the biggest brands to report such a breach was retail giant Wal-Mart, which is now facing a lawsuit for allegedly violating CCPA regulations.According to privacy regulations such as PCI, GDPR, and HIPAA, organizations need to ensure that sensitive customer data such as credit card numbers, social security numbers, and account numbers, are protected across the organization — including non-production environments and remote desktops...



How To Secure Sensitive Data When Your Team Is Working From Home

7/31/20

COVID-19 has changed the way businesses operate Those that can, have shifted operations to the cloud and let staff work from home...



The Simple Guide to Data Masking

7/28/20

A new report reveals that poor privacy practices increase an organization’s chance of being breached by as much as 80% This week alone saw thirteen universities targeted by a combined ransomware and data breach attack.Data masking is one of the safest methods of protecting sensitive data...



Top EU Court Invalidates EU-US Privacy Shield

7/22/20

In a landmark ruling that can have far-reaching effects for data privacy compliance, the Court of Justice of the European Union (CJEU) has invalidated the EU-US Privacy Shield, which allows the legal transfer of personal data between the EU and the U.S.The Privacy Shield data transfer framework is currently used by 5,300 companies in the U.S.The CJEU found that U.S law and surveillance activities go against European citizens&rsquo...



What is the difference between data encryption and data masking?

7/17/20

Any company that handles customer data, be it payment card information (PCI), personally identifiable information (PII), or financial account numbers, needs to employ a certain level of data protection.Protecting sensitive customer data is essential for building and maintaining trust with your customers, but also forms part of your business’s risk management strategy that covers cybersecurity, compliance, and internal threats According to the FBI's 2019 Internet Crime Report, the total cost of reported cybercrimes last year was $3.5 billion.In this article, we’ll break down the difference between the two most common forms of data protection — data masking and data encryption — so you can determine which method is right for your business.What is data encryption?With data encryption, original, readable data or plaintext is converted to unreadable text or ciphertext using an encryption algorithm...



How Covid-19 Is Reshaping How We Think About Data Privacy

7/13/20

With the new normal, comes new risks.According to a recent KPMG survey,75% of Americans are thinking more about data privacy now than before the COVID-19 pandemic began.It stands to reason considering the flow of data has never been more insecure With companies forced to go remote and track and trace measures being implemented across the board, it’s not imprudent to wonder what checks and balances are in place to prevent misuse, security breaches, and data leaks.Organizations and individuals alike need to look closely at the way they handle data...



Adopting The NIST Privacy Framework Could Be The Best Business Decision You Can Make

7/7/20

Many companies understand the risks associated with a data breach, but many don’t fully comprehend just how far data travels within an organization — and beyond Activities that cause data privacy risks are often unintentional...



Does Data Masking Meet HITRUST CSF recommendations?

6/29/20

Consider this your quick guide to the HITRUST CSF and how it applies to data masking.These days, data is considered a commodity, and because of that, private data is becoming more and more accessible to third-parties Many consumers react with surprise when presented with marketing offers that are too accurate for comfort, or asked about details of their life they didn’t know their cellular phone company representative was privy to.In the healthcare industry, however, certain regulations apply to how confidential data can be used...



Data Privacy Regulations You Need To Know About

6/24/20

Data protection management is an important activity in any successful business Customers expect it, the media are constantly on the lookout for leaks, and hackers are getting smarter...



5 Ways To Manage Data Privacy Risk In Your Organization

6/19/20

Without proper data governance, data breaches pose a major risk for businesses, both financially and reputationally The risk is higher during times of disruption...



Google’s Recent GDPR Fine Is A Lesson To All Businesses

6/17/20

Google's recent unsuccessful attempt to appeal a GDPR fine is an important turning point in the war against non-compliance If Google isn't exempt, no one is.In short, Google lost its appeal against last year’s ruling by French data authority CNIL, which saw the tech giant penalized €50 million for not complying with GDPR privacy legislation.In January last year, Google was accused of using a vague and unclear process for gathering data and failing to sufficiently inform its users of how their information would be used...



October 2019 News - Latest Releases, GDPR happenings, and more

10/30/19

In this issue: NEWS, NEWS, and more NEWS! New components, past events, upcoming webinars, and more October2019 Phone 855.968.4874 Fax 855.487.4773 info@mask-me.net www.mask-me.net Hush-Hush EditorialJustlike with the year 2000, GDPR has created a lot of anxiety among software professionals and rightfully so...



Azure and RollUp components Issue

10/25/17

Azure Issue96 August 2017 Phone 855.968.4874 Fax 855.487.4773 info@mask-me.net www.mask-me.net In This Issue Product News AzureAs announced in our press release, now you can try HushHush Data Masking components in Azure with a free limited time trial for a month Our solution is a VM based image with the components and the sample solution that has a package per each component with a typical data sample...



SQL Malibu Ad-Hoc , TOTAL SUCCESS

11/16/16

We were proud sponsors of SQL Malibu, our permanent local group of SQL enthusiasts At the last moment the founder of HushHush, Virginia, stepped in to substitute sick scheduled presenter...



Mask Data in SQL Server - Dynamic and Static Masking

8/5/16

We have recently enjoyed participating in the SQL Saturday Orange County with the seminar on Data Masking While introducing new and exciting feature of Dynamic Data Masking, Microsoft has created some confusion in many people on when and how to use it...



Learn SSIS with SQL Malibu in May 2016

5/23/16

Come and learn SSIS old and new features on May 26, 2016 http://www.eventbrite.com/e/san-fernando-valley-sql-server-user-group-aka-sql-malibu-event-may-2016-tickets-25626873669



Meeting with Kathi - Always a Success

2/25/16

Meeting Kathi Kellenberger at SQL Malibu was a delight She always delivers an outstanding quality, and this time was not an exception...



HushHush and SQL Malibu: Kathi Kellenberger

2/16/16

Next Meeting: Tue, Feb 16 2016The need for a SQL Server DBALanguage: EnglishEvent Type: In-Person & OnlineOnline Meeting URL: https://zoom.us/j/485174277 RSVPURL: http://sqlmalibu1602.eventbrite.com /p>Kathi Kellenberger | Teammate with Linchpin People and Data Platform MVP, co-author of SQL Server books, a trainer and speakerSQL Server is a popular and powerful relational database system It's easy to install with just a few clicks...



FTC and International Partners Launch New Privacy initiative

10/26/15

FTC and seven international partners boost international dialogue and create an initiative to boost cooperation among countries in handling consumers' privacy Thanks to enabling new technology, the complaints can now go international with more privacy enhancement...



PASS conference is starting tomorrow

10/26/15

PASS is a great event for every professional in the SQL server domain, be they novice or a seasoned professional There are a total of 5000 people from 52 countries...



HushHush is a proud sponsor of SQL Saturday Oregon, on October 24

10/22/15

This is an especially rich event with many sessions devoted to SQL Server stack security and privacy as well as Business Intelligence We are hoping to meet all of you at the event, and will be happy to explain how you could use SSIS for data masking as well as reporting services.See you Saturday!...



Community Events: Hardening SQL Server With SQL Malibu and Craig Purnell

10/15/15



Dynamics of Data Breach Discovery

10/7/15

As major companies and their clients discover, the first number announced for the data breaches don't show the scale of the disaster The following article follows up on the dynamics of the data breachesDynamics of Data Breach Discovery...



OPM breach and National Security

6/23/15

I heard from many readers last week who were curious why I had not weighed in on the massive (and apparently still unfolding) data breach at the U.S Office of Personnel Management (OPM)...



It's All About Privacy

5/11/15

In our second installment of the #GenXTT I was excited to bring a bunch of smart GenXers together to espouse their views on privacy After the Millennial Think Tank Session on Privacy, I wanted to determine if there were differences in perception about Privacy among GenXers, especially given the increasing influence of technology.It's All About Privacy...



Card Breach at Natural Grocers

3/23/15

Sources in the financial industry tell KrebsOnSecurity they have traced a pattern of fraud on customer credit and debit cards suggesting that hackers have tapped into cash registers at Natural Grocers locations across the country The grocery chain says it is investigating “a potential data security incident involving an unauthorized intrusion targeting limited customer payment card data.....



HushHush is Presenting in Silicon Valley

3/23/15

SQLSaturday is a free, one-day learning event about SQL Server, Microsoft Business Intelligence, and Big Data HushHush is Presenting in Silicon Valley...



Can You Let Down Your Guard During Holidays?

12/3/14

Tomorrow is Thanksgiving, and then Friday—Black Friday—kicks off the official start of the holiday shopping season Retailers love the materialistic frenzy of the holiday season, and so do cybercriminals...



HushHush Presents at Security Day Fullerton

11/10/14

In an era where massive data breaches have caused some consumers anxiety while swiping their credit card, keeping out hackers is a hot topic among students learning to build and maintain the systems that often fall victim HushHush Presents at Security Day Fullerton...



Internal Privacy Breach: Mayor Rob Ford's privacy breached, hospital says

10/17/14

Mount Sinai is the latest in a string of hospitals to compromise patient confidentiality Over the summer, the Star revealed that GTA hospitals provided records without authorization to baby photographers and in one case, to RESP marketing companies...



Third-party Snapchat site claims photos were hacked from server

10/13/14

Developers behind Snapsaved.com, which stores Snapchat pictures, claim user photos were stolen - while another claim the site’s administrator gave access to hackers Third-party Snapchat site claims photos were hacked from server...



Your medical record is worth more to hackers than your credit card

9/24/14

Your medical information is worth 10 times more than your credit card number on the black market.Last month, the FBI warned healthcare providers to guard against cyber attacks after one of the largest U.S hospital operators, Community Health Systems Inc, said Chinese hackers had broken into its computer network and stolen the personal information of 4.5 million patients...



Chinese Hackers Pull Largest Cyberattack

8/18/14

Data breaches at health care systems are on the rise, experts say, and these will become more common in the coming years as more patient data goes digital. Community Health Systems, a large health care group that has 206 hospitals in 29 states, said Monday that a cyberattack originating in China resulted in the theft of Social Security numbers and other personal data belonging to 4.5 million patients

Chinese Hackers Pull Largest Cyberattack



An Interesting Case of Fraud at the Hospital

5/6/14

After taking nearly two months to flesh out a patient data breach involving inappropriate internal access, UMass Memorial Medical Center (UMMMC) of Worcester, Mass announced this week that it had alerted more than 2,400 affected patients of the breach...



SQL Saturday Orange County: Testing with SSIS

4/26/14

Often times, a database developer needs to test the data under different scenarios There are many ways to do that, and some of them involve using TFS and other expensive tools.....



Security Experts warn of lack of privacy at web giants

4/13/14

Image Credit: Wikipedia / VentureBeatTech giants are struggling to protect your privacy More to the point, they’re struggling to protect themselves from public criticism...



Hush Hush is at ISACA LA

4/3/14

Mark April 9th – April 13th, 2016 on your calendar and join us at the 2016 Spring Conference, the leading Information Systems IT governance, control, security and assurance event for the Southern California area The ISACA Los Angeles Chapter provides affordable quality training on fundamental information systems auditing concepts and emerging technology risks, and an opportunity to network with other auditing and security professionals.....



Debate on privacy is heating up: Facebook is frustrated

3/13/14

Facebook Co-Founder Mark Zuckerberg made a rare posting on his Facebook page to assure his followers that he takes government threats to Internet security seriously “I’ve called President Obama to express my frustration over the damage the government is creating for all of our future,” he wrote in the note, most likely in relation to recent revelations that the National Security Agency has been hacking into computers and weakening security standards...Debate on privacy is heating up: Facebook is frustrated...



When is anonymization not a good thing?

3/13/14

Anonymous communication platforms and the pre-teen-to-teenage brain are two things that don’t mix all that well Just look at Ask.fm, for example, the social Q&A platform whose shield of anonymity led to cyberbullying that was later cited as a contributing factor in well over half a dozen suicides...



Hush Hush Provides Free Education Session at SQL Malibu

3/6/14

oin us every 2nd or 3rd weekday of every month between 6:00 pm and 7:30PM, where we network and discuss SQL Server topics We will have swag giveaways at the end of the each presentation too...



Feds Look To Big Data On Security Questions

3/5/14

Government IT leaders believe continuous monitoring and advanced analytics can help agencies better understand their networks and security Government IT leaders believe the growth of big data analytics may provide new tools in combating cyber security threats, according to a new report...



Hush Hush Sponsors SQL Saturday Silicon Valley

3/5/14

SQLSaturday was a free, one-day learning event about SQL Server, Microsoft Business Intelligence, and Big Data Hush Hush Sponsors SQL Saturday Silicon Valley...



Microsoft Heads to Global Privacy Summit

3/5/14

This week is particularly exciting for the many people at Microsoft who focus on data privacy Several of us will attend the annual Global Privacy Summit in Washington, D.C., hosted by the International Association of Privacy Professionals (IAPP)...



Neiman Marcus confirms customer payment card data breach

1/13/14

Neiman Marcus Group Ltd is the latest high-profile retailer to confirm that customers' payment card information was stolen and unauthorized charges were made over the holidays...



Shadow IT: Why companies are exposing your data - and what to do about it

12/23/13

The race to cloud computing is exposing private customer information and sensitive corporate data on an unprecedented scale The demand for quicker and cheaper application development is driving this trend.Shadow IT: Why companies are exposing your data - and what to do about it...



Liberty and security in a changing world

12/12/13

The Review Group would like to thank the many people who supported our efforts in preparing this Report A number of people were formally assigned to assist the Group, and all performed with professionalism, hard work, and good cheer...



BuildNumber = Release-18.0_20201120.1