Blog, Document and Security - Information Management Today

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

They also enrich documents with metadata and place them in crypto-containers, access to which is only granted by permission. However, all of these solutions are powerless when it comes to photographing a document with a smartphone and compromising printed copies of documents. There are more exotic ways of protecting documents.

Access

Access Marketing Metadata Information Security

Fulton County, Security Experts Call LockBit’s Bluff

Krebs on Security

FEBRUARY 29, 2024

they could expect to see their internal documents published online this morning unless the county paid a ransom demand. Security experts say LockBit was likely bluffing and probably lost most of the data when the gang’s servers were seized this month by U.S. The ransomware group LockBit told officials with Fulton County, Ga.

Security

Security Ransomware IT Access

Updating your data protection documentation following Brexit

IT Governance

APRIL 16, 2021

The UK version was born out of the EU GDPR, so you might think that there are only cosmetic differences and that minor actions are required to adjust your documentation and compliance practices. In this blog, we look at some of the things you must consider. Do you have appropriate security mechanisms for data transfers?

GDPR

GDPR Personal data Compliance Encryption

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

Documents leaked from Russian IT contractor NTC Vulkan show it was likely involved in the development of offensive tools. The documents demonstrate that it also developed hacking tools for the Russia-linked APT group Sandworm. The documents include details for three projects named Scan, Amesit, and Krystal-2B.

Energy and Utilities

Energy and Utilities Education Ransomware IT

OpenAI Is Not Training on Your Dropbox Documents—Today

Schneier on Security

DECEMBER 19, 2023

There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Dropbox isn’t sharing all of your documents with OpenAI. ” Willison expands this in a blog post , which I strongly recommend reading in its entirety. Here’s CNBC. Here’s Boing Boing.

Privacy

Privacy GDPR Risk Government

April’s Patch Tuesday Brings Record Number of Fixes

Krebs on Security

APRIL 9, 2024

Microsoft today released updates to address 147 security holes in Windows, Office , Azure ,NET Framework , Visual Studio , SQL Server , DNS Server , Windows Defender , Bitlocker , and Windows Secure Boot. Yes, you read that right. “As far as I can tell, it’s the largest Patch Tuesday release from Microsoft of all time.”

Security

Security Phishing Passwords Authentication

The False Economy of Deprioritising Security

IT Governance

MARCH 20, 2024

In the UK, cyber security has been dropping down the board’s list of priorities. The UK government’s Cyber Security Breaches Survey 2023 confirms this trend. Fewer directors, trustees and other senior managers of both UK businesses and charities see cyber security as a high priority in 2023 compared to 2022. Specifically, a 13.4%

Security

Security Data breaches Government Insurance

Attackers Increasingly Adopting Regsvr32 Utility Execution Via Office Documents

Security Affairs

FEBRUARY 10, 2022

exe heavily via various types of Microsoft Office documents. This blog details the use of regsvr32.exe 97% of these samples belonged to malicious Microsoft Office documents such as Excel spreadsheet files carrying.xlsb or.xlsm extensions (see Figure 3). Microsoft Word/Rich Text Format data/Composite Document —.

Libraries

Libraries Ransomware Security IT

Documentation required by ISO 27001

IT Governance

JULY 8, 2019

Organisations seeking ISO 27001 compliance must prove their compliance with the Standard by completing appropriate documents. List of documents required for ISO 27001 compliance. Information security policy. Information security risk assessment process. Information security risk treatment plan.

Information Security

Information Security Compliance Risk Security

How to document the scope of your ISMS

IT Governance

DECEMBER 2, 2019

If you’re planning to implement an ISMS (information security management system), you’ll need to document the scope of your project – or, in other words, define what information needs to be protected. You should instead document the organisation and its processing under Annex A control A.15 15 – supplier relationships.

Information Security

Information Security Compliance Cloud Access

Document access control

OpenText Information Management

APRIL 20, 2021

This makes it challenging to protect data stored in IT systems against unwanted access, and to prevent data theft by … The post Document access control appeared first on OpenText Blogs. Think, for example, about all those millions of additional people who are now working from home offices.

Access

Access IT Security

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

The Last Watchdog

MAY 19, 2022

Wikipedia uses a CMS for textual entries, blog posts, images, photographs, videos, charts, graphics, and “ talk pages ” that help its many contributors collaborate. Chances are strong that your corporate website uses a CMS, and perhaps you have a separate CMS for documents and other files shared by your employees, partners, and suppliers.

CMS

CMS Security Encryption Data breaches

Tame eDiscovery document review costs without increasing risk

OpenText Information Management

FEBRUARY 21, 2020

Demands on legal services within the enterprise have never been greater, extending beyond litigation and regulatory compliance to privacy, data security, and risk and crisis management. At the same time, budgets are being squeezed and legal departments are being asked to do more with less.

Risk

Risk Compliance Privacy Security

How to document your information security policy

IT Governance

NOVEMBER 20, 2018

With cyber security affecting businesses worldwide, it is important that all organisations have a policy in place to state and record their commitment to protecting the information that they handle. First, what is an information security policy? Compiling your information security policy. Consider your shareholders.

Information Security

Information Security Security Risk Government

Fully Undetectable PowerShell Backdoor Found by Security Researchers

eSecurity Planet

OCTOBER 18, 2022

. “The covert self-developed tool and the associated C2 commands seem to be the work of a sophisticated, unknown threat actor who has targeted approximately 100 victims,” SafeBreach director of security research Tomer Bar wrote in a blog post today detailing the findings. Phishing on LinkedIn. A Critical Mistake.

Security

Security Phishing Metadata Encryption

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

Rocket Software

MARCH 14, 2022

Steve Charbonnier, research manager for IDC’s Enterprise Content Strategies program, shares data-backed insights in the report that explore the trends, challenges and benefits around adopting intelligent document processing (IDP) applications. IDP Trends in the Financial and Insurance Industries. Challenges to Effective IDP.

Financial Services

Financial Services Insurance Digital transformation Paper

How to Send Documents Securely Over the Internet | Onehub

OneHub

NOVEMBER 22, 2019

There are plenty of ways to send documents over the internet. The problem is that they’re not all secure methods. Email passwords and document privacy settings aren’t always enough. If you handle sensitive data, be it your own or that of your clients or business partners, here’s how to send documents securely over the internet.

Security

Security Passwords Access Data breaches

GUEST ESSAY: Addressing data leaks and other privacy, security exposures attendant to M&As

The Last Watchdog

JANUARY 27, 2022

Such consolidation across markets is good news for customers and vendors alike in terms of market growth and maximizing security investments. Throughout this period, the risk level of the acquirer is much higher than the acquired company, creating a major cybersecurity gap as they merge their tech stack and security tools together.

Privacy

Privacy Security Risk Marketing

Online Collaboration and Document Sharing: Best Practices

OneHub

AUGUST 5, 2022

Organizations need to make sure the software they select supports a set of best practices in online document storage and sharing that, together, yield the best benefits to users and the businesses they work for. Best practice #1: Strong security and targeted permissions. Security comes first. Managing Director. David Pashman.

Communications

Communications Sales Risk Access

Document Scanning or Document Storage: Points to consider

Shoreline Records Management

FEBRUARY 27, 2023

With 25 years of experience in the document management industry, projects often come down to a simple question – Should we scan our documents or securely store them and retrieve them on an as-needed basis? What is document scanning? How does document scanning work? Why is document scanning important?

Paper

Paper Records Management Access Compliance

What everyone should know about moving 5 million documents – fast

OpenText Information Management

JULY 14, 2020

This endeavor demands a constant stream of secure data and informed decisions – outcomes that were elusive with an ill-fitting content management system. As part of its digital transformation, NAL – a company of 300 … The post What everyone should know about moving 5 million documents – fast appeared first on OpenText Blogs.

Digital transformation

Digital transformation Security IT

Streamlining Document Approvals for Better Project Management

OneHub

MAY 13, 2021

Project managers are the unsung superheroes of the professional world, but document approvals are their kryptonite. So, how do you get a document approved on time without harassing your client? Create a secure, standardized system for document approvals. Business files are too valuable to risk a security breach.

Education

Education Communications Access Security

5 Best Practices for Successful Internal Documentation

OneHub

AUGUST 12, 2021

Last week we covered how investing in internal documentation can save your organization significant time and money, not to mention hassle and stress. How do you keep internal documents accurate? What’s the easiest way to make this documentation accessible? Determine what information needs to be documented.

Access

Access Retail Encryption Communications

One, two, three…steps to improve your eDiscovery review database security

OpenText Information Management

JUNE 12, 2023

There are many good reasons to be proactive when it comes to securing our data everywhere it lives. In legal matters, we go from legal hold, collection, processing, publishing, to an eDiscovery review platform, and then to document review and production. Each step in this transition poses potential security risks.

Security

Security Risk IT Compliance

Google researchers found multiple security issues in Intel TDX

Security Affairs

APRIL 25, 2023

Google Cloud Security and Project Zero researchers found multiple vulnerabilities in the Intel Trust Domain Extensions (TDX). Google Cloud Security and Project Zero researchers, working with Intel experts, discovered multiple vulnerabilities in the Intel Trust Domain Extensions (TDX). ” reads the report released by Google.

Security

Security Cloud Education Cybersecurity

So, you want to search your own documents for eDiscovery?

OpenText Information Management

MAY 4, 2020

When organizations ask, “Can’t we collect our documents ourselves?” Even with the availability of off-the-shelf collection … The post So, you want to search your own documents for eDiscovery? appeared first on OpenText Blogs. ” the answer is simple.

IT

IT Security

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

Unfortunately for us, Doug freaked out after deciding he’d been tricked — backing up his important documents, changing his passwords, and then reinstalling macOS on his computer. While this a perfectly sane response, it means we don’t have the actual malware that was pushed to his Mac by the script.

Phishing

Phishing Blockchain Military Passwords

Documenting and Managing Governance, Risk and Compliance with Business Process

erwin

FEBRUARY 12, 2021

Shockingly, a lot of organizations, even today, manage this through, either homemade tools or documents, checklists, Excel files, custom-made databases and so on and so forth. Traditionally, these are manually documented, monitored and managed. Everything needs to be clearly documented, covering all important and relevant aspects.

Compliance

Compliance Risk Government Data breaches

Can We Stop Pretending SMS Is Secure Now?

Krebs on Security

MARCH 16, 2021

SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of employees at mobile stores who can be tricked or bribed into swapping control over a mobile phone number to someone else. “And the ‘fix’ put in seems to be temporary in nature.”

Security

Security Passwords Authentication Communications

The Benefits of Combining Secure Offsite Storage with Professional Document Scanning

Archive Document Data Storage

SEPTEMBER 13, 2019

Do you dread searching through disorganised file rooms to find a hard copy document? Are you fed up of wasting time removing staples from documents and then wrestling with the office scanner to make a digital copy? Investing in secure offsite storage and combining this with a professional scanning service could be the solution for you.

Security

Security Paper Archiving Encryption

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

IT Governance

NOVEMBER 6, 2023

According to the security company Resecurity , which discovered the listing, the data included victims’ name, age, gender, address, passport number and Aadhaar number (a 12-digit government identification number). It secured its systems, notified law enforcement and began investigating the incident. Boeing is “assessing the claim”.

Data Privacy

Data Privacy Privacy Libraries Security

How to document PCI DSS-compliant policies and procedures – with template example

IT Governance

OCTOBER 24, 2019

That’s why Requirement 12 of the PCI DSS (Payment Card Industry Data Security Standard) instructs organisations to implement policies and procedures to help staff manage risks. It provides a detailed outline of information security responsibilities for all staff, contractors, partners and third parties that access the CDE.

Security awareness

Security awareness Information Security Risk Data breaches

Questions to ask a document imaging provider – Part 2

TAB OnRecord

MARCH 13, 2019

Last week we explored some initial questions to ask a prospective document imaging provider. As we pointed out, you need to get some up-front clarity on the quote; find out who will be working on the project; and enquire about their methodologies for planning, document access and security.

Records Management

Records Management Access Security

Improve Business File Organization and Collaboration With Document Control

OneHub

JULY 5, 2021

What is document control? Document control is a standardized system of file management within a business. Document control sets protocols for the lifecycle and use of documents, from creation to deletion and everything in between. Document control helps businesses stay compliant with legal requirements and reduces errors.

File names

File names Access Government Risk

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! billion rubles.

Security

Security Computer and Electronics Ransomware Marketing

Multiple Microsoft Office versions impacted by an actively exploited zero-day

Security Affairs

MAY 30, 2022

The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) The document uses the remote template feature to fetch an HTML and then uses the “ms-msdt” scheme to execute PowerShell code. doc”) that was uploaded to VirusTotal from Belarus. To nominate, please visit:?.

Cybersecurity

Cybersecurity Security IT Information Security

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Cybersecurity Authentication

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. x and Ivanti Policy Secure. is a command injection vulnerability in web components of Ivanti Connect Secure (9.x, x) and Ivanti Policy Secure. reads the advisory published by Ivanti.

Security

Security Authentication Military Government

Top 5 Cloud security challenges, risks and threats

IT Governance

NOVEMBER 24, 2021

But as is often the case with technological solutions, the benefits of convenience comes with security risks. In this blog, we look at the top five Cloud security challenges that organisations face, and provide tips on how to overcome them. As such, organisations must be sure that effective security measures are in place.

Cloud

Cloud Risk Security Data breaches

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Access

Access Authentication Information Security Communications

Jacksonville law firm brings order to its content with cloud-based document management

OpenText Information Management

JANUARY 9, 2020

Legal professionals need to be able to easily access critical documents at a moment’s notice, but the ever-growing volumes of information makes the challenge of managing it seemingly insurmountable. The Office of General Counsel (OGC) for the City of Jacksonville, Florida was no exception.

Cloud

Cloud IT Access Security

Fox Entertainment Group puts document management in the spotlight

OpenText Information Management

JUNE 26, 2019

As the legal community steps up to meet the needs of a digital world, law firms and legal departments are recognizing the need to ensure that information is managed and secure, yet easily accessible. … The post Fox Entertainment Group puts document management in the spotlight appeared first on OpenText Blogs.

Access

Access Security Digital transformation IT

GUEST ESSAY: ‘Identity Management Day’ highlights the importance of securing digital IDs

The Last Watchdog

APRIL 13, 2021

The second Tuesday of April has been christened “ Identity Management Day ” by the Identity Defined Security Alliance, a trade group that provides free, vendor-neutral cybersecurity resources to businesses. Here are five tips for securely managing identities across the new, hybrid work environment: •Think granularly.

Security

Security Authentication IoT Phishing

Your cyber security risk mitigation checklist

IT Governance

OCTOBER 5, 2020

It can be tricky to know where to begin, which is why our Cyber Security Risk Scorecard contains a simple guide to help you secure your systems. We’ve run through some of the essential steps in this blog, or download the full, free checklist from our website. Conduct a cyber security risk assessment. Install firewalls.

Risk

Risk Security Encryption Information Security

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

Fulton County, Security Experts Call LockBit’s Bluff

Webinars

Trending Sources

Updating your data protection documentation following Brexit

Webinars

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

OpenAI Is Not Training on Your Dropbox Documents—Today

April’s Patch Tuesday Brings Record Number of Fixes

The False Economy of Deprioritising Security

Attackers Increasingly Adopting Regsvr32 Utility Execution Via Office Documents

Documentation required by ISO 27001

How to document the scope of your ISMS

Document access control

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

Tame eDiscovery document review costs without increasing risk

How to document your information security policy

Fully Undetectable PowerShell Backdoor Found by Security Researchers

The Financial Service and Insurance Industries Need Intelligent Document Processing; Here’s Why

How to Send Documents Securely Over the Internet | Onehub

GUEST ESSAY: Addressing data leaks and other privacy, security exposures attendant to M&As

Online Collaboration and Document Sharing: Best Practices

Document Scanning or Document Storage: Points to consider

What everyone should know about moving 5 million documents – fast

Streamlining Document Approvals for Better Project Management

5 Best Practices for Successful Internal Documentation

One, two, three…steps to improve your eDiscovery review database security

Google researchers found multiple security issues in Intel TDX

So, you want to search your own documents for eDiscovery?

Calendar Meeting Links Used to Spread Mac Malware

Documenting and Managing Governance, Risk and Compliance with Business Process

Can We Stop Pretending SMS Is Secure Now?

The Benefits of Combining Secure Offsite Storage with Professional Document Scanning

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

How to document PCI DSS-compliant policies and procedures – with template example

Questions to ask a document imaging provider – Part 2

Improve Business File Organization and Collaboration With Document Control

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Multiple Microsoft Office versions impacted by an actively exploited zero-day

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Top 5 Cloud security challenges, risks and threats

Many Public Salesforce Sites are Leaking Private Data

Jacksonville law firm brings order to its content with cloud-based document management

Fox Entertainment Group puts document management in the spotlight

GUEST ESSAY: ‘Identity Management Day’ highlights the importance of securing digital IDs

Your cyber security risk mitigation checklist

Stay Connected