Archive for the ‘Classification’ Category

What is “Suggested Classification”?

Wednesday, November 25th, 2015

Last week my colleague Libby Robinson wrote about the enhanced automated classification capabilities of the new TITUS Classification Suite 4.4. While TITUS can automate classification better than ever, Libby nonetheless concluded that: “it is best practice to deploy a combination of user-driven, system suggested and automated classification.” If you read the TITUS blog regularly, I’m sure you are familiar with user-driven classification and its importance to the organization. But what is “system suggested classification” and when would an organization use it?

With “system suggested classification,” the TITUS policy engine runs the same evaluation policies as are performed during the automated classification process (based on content, context, the user, the recipient, etc.). The key difference is that a user is prompted to confirm the automated classification results and is able to quickly adjust the classification if the automated process was deemed incorrect.


Secure Cloud Sharing with the New TITUS Classification for Mobile

Thursday, November 19th, 2015

While they offer incredible advantages, cloud sync and share services like Box and Dropbox also come with risks. As usual, one of the top risks isn’t from the technology itself, but the user. What guarantees do you have that your users are safely sharing information in the cloud? Unlike folders on the network, cloud folders are easily shared with users outside of your organization, and it is not always easy to tell which folder was created for sensitive content and which was not. As a result, users are more likely to make a mistake and overshare information.

While you can drill down to see with whom a folder is shared or examine the content of the folder to determine its sensitivity, this is time consuming and slows the speed of business. This inevitably means some users will fail to take those extra steps. It is also easy for a user to simply create a new folder on the run, forget the access details over time, and assume it is safe to use for another document at a later date. Folder names rarely convey the sensitivity or collaborative nature of the folder. So, when users share via the cloud do they know if the folder is shared externally? Can they easily tell if the folder is meant for public or internally facing documents? And, are your users always going to double check to make sure they know the answers before they upload a file? Unfortunately, when it comes to using a cloud service mobile app, ease of sharing information often takes priority over security. TITUS Classification for Mobile considers user experience, ease of use, and data protection all as equally important.


Enhance Your Automated Classification Capabilities with TITUS Classification Suite 4.4

Wednesday, November 18th, 2015

The global data footprint is growing at an unprecedented rate, with business users creating and sharing information in new ways. Identifying your sensitive data within this vast cauldron of information is imperative, but relying solely on your users to do so might not be enough. The question is: how can you effectively balance involving your users in data identification with automation?

Sensitive information such as PII, PHI, PCI and ITAR data doesn’t always require user involvement to be identified and classified. Additionally, if your organization has defined terminology which refers to your Intellectual Property, you may not require user-driven classification to identify it. The enhanced automated classification capabilities of TITUS Classification Suite 4.4 – available now – will enable your policies to be applied behind the scenes.

Corporate Security and the 2-in-1 Device

Friday, November 13th, 2015

Microsoft seems to have fallen into a pattern where one release of Windows struggles in the market but then the next one succeeds, and back and forth. Windows 8 was one that struggled. Windows 8 came with a new class of Apps, and a new UI called Metro. Unfortunately, people didn’t like it much and they switched to desktop mode fast. True to form, Windows 10 seems to be much more successful. But before we completely dismiss Windows 8, it’s worth thinking about what Microsoft was trying to do with that release and why.

Like a lot of office workers I had a Windows laptop when Windows 8 came out, and I also had an iPad. I was experimenting with leaving the laptop at my desk and only taking the iPad with me when going to meetings or was otherwise away from my desk. After all, it seemed silly to carry two devices when I could present from the iPad, takes note on the iPad, and answer email on the iPad, right?


The New Asset on Your Balance Sheet

Wednesday, October 28th, 2015

With so many metrics focused on the “cost of a data breach” as well as how much money is spent on data security, is it crazy to think that boards of directors will begin asking for financial statements around data value in the next couple of years?

The concept of placing value on your data is not new – analysts have been talking about infonomics and information valuation for a while now. In fact, it just appeared on a recent Gartner hype cycle which suggested infonomics will take 5 to 10 years to plateau. However, with the pressure on organizations to build a strong culture around data security, I would argue we are going to see the need for data value statements within the next 2-3 years.


When the Privileged Insider Goes Bad – 5 More Ways to Tackle Insider Threat

Wednesday, October 21st, 2015

Last week Stephane Charbonneau, TITUS CTO, laid out 5 steps to help tackle insider threats. These tips focused on user training, user involvement and fostering a culture of security in order to prevent accidental user leaks and to [hopefully] prevent users from crossing the line into malicious behaviors. But what if the user is committed to abusing their internal access privileges for their personal gain?

Undoubtedly there are departments or data within your organization where a zero trust model might need to be enforced because the risks posed by a rogue employee are too high. There are likely areas where users have access to data so important and valuable that they are motivated to steal, sell, or otherwise leak data. For those who have access to this data stronger measures need to be in place.


Cyber Security Awareness Month

Thursday, October 8th, 2015

October is National Cyber Security Awareness Month. This week, the focus is on creating a culture of cyber security at work. For TITUS, helping to create a culture of security is a cornerstone for our solutions.

Implementing digital and technology security solutions within an organization usually involves several components, including secure network gateways, data loss prevention systems, and encryption. But with the rapid explosion of mobile devices that can store gigabytes of data and the easy access to cloud sync and share services, it is difficult for technology and IT teams to keep up and ensure that users are not accidentally leaking sensitive information. It is essential, therefore, that your users understand digital security risks and correct policies for sharing information.

To foster a culture of security, organizations need a solution that will:

Netskope and TITUS

Monday, September 28th, 2015

We at Netskope are excited about our partnership with TITUS and the many things we are doing together to help our customers safely enable cloud while also classifying and protecting sensitive data. One important thing we’ve done is collaborate on a best practice for classifying, e-discovering, and securing private, regulated, and other confidential business content en route to or at rest in cloud services with a recommended deployment.

The Gartner Hype Cycle and Classification

Wednesday, September 23rd, 2015

I love the Gartner Hype Cycle, it’s one of my favorite things about working in the software industry. For anyone who hasn’t seen a Gartner Hype Cycle it looks like this:

Gartner Hype Cycle diagram

Now I’ve never seen any statistical proof that new technologies progress from a “Innovation Trigger” through the “Peak of Inflated Expectations” and the “Trough of Disillusionment” before climbing the “Slope of Enlightenment’ and arriving at the “Plateau of Productivity”. But if you’ve been around a while, and seen technologies come and go, it seems true. Stephen Colbert might claim it has “truthiness”. It’s a lot like that old joke about the 7 stages of a software project: