Archive for ‘Compliance’

CUI Compliance – What You Need To Know (Part 2)

Friday, October 6th, 2017

Established by Executive Order 13556, the Controlled Unclassified Information (CUI) program defines a uniform policy for the treatment of unclassified information that requires safeguarding or dissemination controls. As of December 31, 2017, all federal contracts will require contractors to comply with the Federal CUI Rule (32 CFR Part 2002) that governs the treatment of CUI.

In the second installment of this two-part blog series, Patricia Hammar, founder of PKH Enterprises and a recognized expert in the areas of government policy and privacy, answers some additional questions on Controlled Unclassified Information (CUI) compliance.

(more…)

 

 

CUI Compliance – What You Need To Know

Monday, October 2nd, 2017

Established by Executive Order 13556, the Controlled Unclassified Information (CUI) program defines a uniform policy for the treatment of unclassified information that requires safeguarding or dissemination controls. This framework standardizes practices around the sharing of controlled unclassified information, with the goal of improving the sharing of information across Federal executive branch agencies.

In this two-part blog series, Patricia Hammar, founder of PKH Enterprises and a recognized expert in the areas of government policy and privacy, answers some key questions on CUI compliance.

  (more…)

 

 

The First Step Toward GDPR Compliance

Thursday, May 11th, 2017

Last week my colleague Mark Cassetta described how data categorization could be used as a means to simplify information classification and protection. This week I would like to expand on this concept to show how categorization can be put into practice. The European General Data Protection Regulation (GDPR) only 12 months away. Yet, only 10 percent of organizations impacted by the GDPR report that they are “completely ready” to comply with the regulation (Osterman Research), it seems like this would be a great example for highlighting the use of categorization.

The key goal of the GDPR is to ensure that any organization that controls or processes sensitive personal information about EU residents also properly protects the data. In fact, organizations must show that data protection is a fundamental design aspect to their data workflow and processes.

So, where does an organization start?


(more…)

 

 

Data Categorization or Data Classification?

Wednesday, May 3rd, 2017

In the last few years there has been a dramatic shift from data classification being “nice to have” to becoming a “need to have”. Behind this momentum, private companies and organizations are implementing data classification using “traditional” taxonomies and schemas that worked for governments and militaries, but don’t necessarily translate well into the workflow or culture of commercial enterprises.

When TITUS started over a decade ago, many of our first customers were large government and military organizations who were familiar with the concept of classification. We all  remember the “secret” and “top secret” rubber stamp with red ink used to classify paper documents and files before the dawn of digital productivity tools. As a result, when government and military customers began to deploy classification, their users were already well educated on the meanings and appropriate use of their classification taxonomies. As classification has moved into commercial enterprises, the template for classification has remained unchanged. As a result, many enterprises have struggled to find a way to align classification labels and policies to meet their own unique needs.


(more…)

 

 

Turn Your Users Around

Wednesday, March 29th, 2017

It’s been a long time coming, but the mandatory breach notification laws will be in force in Australia next February (Privacy Amendment (Notifiable Data Breaches) Act 2017). Having seen similar regulations in effect in North America, and with the knowledge that they’re also coming to Europe next year in the form of the EU GDPR, it is impossible for any business to ignore the issue of data security. Organizational change is necessary across the globe.

I was recently in Australia, and the new legislation was a very hot topic in meetings with both existing partners and new customers, bringing up a multitude of questions. From a general perspective, it’s fantastic that more and more organizations are wising up to security (and there are countless surveys to back this up), but from our experience, most seem to be struggling with the myriad of different ways to protect their data and the persistent threat of breaches.


(more…)

 

 

TITUS to Provide Solutions to NATO Agencies around the World

Tuesday, February 28th, 2017

TITUS and the NATO Communications and Information Agency (NCIA) recently signed a joint Master Service Agreement (MSA) that enables TITUS to supply our solutions to NCI Agency, NATO Member Nations and other NATO entities.

Cybersecurity is a major area of concern for NATO, and is considered the fourth domain of operations after air, land and water. NATO and its member agencies know that they need to be prepared to defend networks and operations against the increasingly sophisticated cyber threats and attacks.


(more…)

 

 

Protecting Information in a Multi-Cloud World

Wednesday, January 11th, 2017

bergen_wilde-ns

Around our office there is a lot of talk about “hybrid Cloud” as we help our customers create strategies to safely migrate from on-premise to cloud storage and applications. A hybrid cloud strategy provides both flexibility and peace of mind, enabling organizations to ease into utilizing the Cloud at their pace. The actual challenge however is not finding the right balance between on-premise and the Cloud, but coping with the multitude of cloud options.

titus-cloud-blog
(more…)

 

 

Introducing Classification for Mac, offering the broadest Outlook coverage on the market

Wednesday, September 14th, 2016

libby_robinson-ns

TITUS is excited to announce the addition of Outlook for Mac to our Classification for Outlook offering!

Email is everywhere.  It’s across various platforms and devices, even within a single organization.  While the majority of users may still be on Windows based computers, more and more are beginning to choose Macs.

According to Aberdeen Research, 20% of organizations have enterprise email installations that include both Windows and Mac. In isolation, this number may not seem particularly large, but often these Mac deployments are on desktops where the most sensitive information resides – primarily executive offices, as well as designers and developers.

If your efforts to secure the information transmitted via email is limited only to certain members of your organization, you are risking breaches of either your own intellectual property (IP), or of PII, PCI or PHI.  You don’t want to spill your secret sauce, or face the possibility of loss of consumer trust, market share, or substantial fines.
(more…)

 

 

The TITUS Experience

Friday, August 26th, 2016

bergen_wilde-ns

During a recent TITUS event, I had the opportunity to listen to a conversation between a deployed customer and another still in the planning phase that highlighted the classification challenges many organizations are facing. The questions being asked of the deployed customer weren’t technical ones, but focused on business transformation, such as:

  • How did you train your users on the meaning of the classification levels?
  • Would you recommend a full-fledged, single phase implementation or break it into several smaller phases?
  • How much did you choose to involve the workers in the application of classification at first?

meeting-blog

(more…)

 

 

Preparing for EU GDPR

Thursday, August 18th, 2016

sandra_catana-ns

On 28th May 2018, the European Union (EU) General Data Protection Regulation (GDPR) will come into force with harsh fines and onerous implications. The primary goal of GDPR is to harmonize the protection of personal data across all EU member states. It will have an impact in the EU and around the world, affecting any organization that handles the personal data of EU residents. Don’t let that seemingly distant date delay you from starting to prepare.

TITUS-EU-GDPR-blog
(more…)