Skip to main content

Data Privacy Week with Sugar Security and OkieTech!

 


Data Privacy week is here!

You have probably heard of data privacy, but why is there a whole week of it? Data Privacy Week was created as an international effort to empower individuals and encourage businesses to respect privacy, safeguard data, and enable trust.

Here are the 7 Principles that are recognized most:

Principle 1: Lawfulness, Fairness, transparency
Principle 2: Purpose Limitation
Principle 3: Data Minimization
Principle 4: Accuracy
Principle 5: Storage Limit
Principle 6: Integrity & Confidentiality (Security)
Principle 7: Accountability

We highly recommend checking out: Here
It's a great reminder to check in on how you're handling customer data and maybe see ways to better it! Data privacy has been getting more traction as we go further into tech and is a necessary step to ensure customer data is in the right hands. Not only that, your customers trust you with their data, so how are you staying up to date with all these changes?

Stay Informed with your state

We recently met with Oklahoma Representatives behind the 2022 Computer Data Privacy Act that should be moving forward on February 7th, 2022.  It's refreshing to see Oklahoma taking step towards this, and we loved what they proposed. If you're in Oklahoma, I highly recommend you give this bill a read: 
Here

 Find local tech scenes in your area -

One of the best decisions we made was finding a tech group here in Oklahoma City called OkieTech. It's a great way to see what other tech leaders are doing in different industries and learn from them. Not only that, it's an awesome way to join a tech community with techy individuals. If you're in or ever visiting Oklahoma City, Check out our friends at OkieTech! They usually host a monthly talk with drinks and food. It's a great place to learn something and meet awesome people in the tech business.

Check them out here: Website & Linkedin

Staying informed is one thing, but how do you know if your Data Security is up to Scratch? 

It's simple, Test it. 

All those changes you implemented and the security team trained are never really ready until it's put in action. This is why we recommend hiring a Red Team, this puts your team in a scenario where it's a simulated attack and is the best way to see how your defenses hold up. Afterward, they report on the vulnerabilities and recommendations on fixing them before a real scenario. These can be pricey and may be hard to obtain. But we're helping businesses, small to large, with their security posture without that big price tag. We're experts in the field and want to make this service obtainable by any sized business. Feel free to contact us with questions or inquiries, we would be happy to help! 



Labels:

Comments

Post a Comment

Popular posts from this blog

Adapting from Pentesting to Real-Time Vulnerability Scanning

Organizations should make the upgrade from disjointed penetration tests and MSSP services to a centralized and real-time solution. In the first half of 2020,  27 billion data records were exposed , including personal information, login credentials, financial data, PHI health records, and more. Covid-19 added to this, with  Trend Micro finding 9 million Covid-19-related threats  between January to June 2020. Many cyber-criminals specifically target smaller businesses, which are seen as ‘low hanging fruit’ with fewer resources available to prevent a cyber-attack. When we look at the cyber-threat situation, it feels as if cybersecurity is out of control. Just as one vulnerability or entry point is closed, another opens. The SMB is always on the run, playing catch-up as cybercriminals forge ahead, innovating around cybercrime. But help is here. Real-Time Vulnerability Detection is a technique that is managed on behalf of an SMB, giving them the tools to turn the tables on cyb...
Post a Comment
Read more

Want to use Serverless Python APIs with AWS Chalice? Well here you go!

Serverless Python APIs with AWS Chalice Get started in 4 steps: Get an AWS Account Set up API Keys for your AWS Account Configure the AWS CLI Install Chalice and say “Hello World!” Get an AWS Account https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/ If you’ve signed up for  any  website before, you can sign up for AWS. It will ask for a credit card, but you can do a lot of crazy stuff with it  for free Set up API Keys for your AWS Account https://youtu.be/665RYobRJDY When choosing permissions for the keys, you get to weigh the risk vs. the amount of research you need to do. It’s the easiest upfront to add the user to the Admins group. Configure the AWS CLI Windows Download and run the MSI installer from https://awscli.amazonaws.com/AWSCLIV2.msi Linux curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install Testing your Installation aws --version Configuring with y...
Post a Comment
Read more

Sugar Security – Using Red Teams To Ensure Data Security

The issue with data privacy is not just a matter of users’ privacy but also to the business itself - A compromised customer database may cost you customers and future revenue. It’s a giant pain point for  both your customers and business alike.  Data breaches and privacy violations have become routine news, a great example being the Facebook/Cambridge Analytica debacle. The latter incident has raised a number of questions about how the social network handled the personal information of 50 million users. Suffice to say, there is a growing need to keep sensitive data safe. After all, this is not just about protecting your company's brand. At stake is the trust that customers place in organizations they engage with and entrust their private information to. By failing to protect their data, businesses can face penalties as well as lose customers. Data breach insurance, once considered a distant possibility, has now become an urgent priority for many businesses. Some companies...
Post a Comment
Read more