Security News
Publications
Evaluations
Headquarters
Fortressware, Inc.
2672 Bayshore Pkwy
Mountain View
CA 94043
P: +1.650.472.3886
F: +1.650.472.3966
e-mail us
map & directions
|
2008-05-01
6,000 UCSF patients' data got put online
May 1, 2008 ( San Francisco Chronicle) -- Information on thousands of UCSF patients was
accessible on the Internet for more than three months last year,
a possible violation of federal privacy regulations that might have exposed the
patients to medical identity theft, The Chronicle has learned.
A healthcare organization had shared information on its patients with a vendor
to assist in its fundraising efforts.
But somehow at least a portion of the data was published on the Internet.
This highlights the practice of firms engaging service providers to provide sales,
marketing, and other support. In the process, millions of electronic records may
be transferred, controlled only by a contractual commitment that the data will be
protected. Frequently, no substantive enforcement mechanism is included.
Fortressware enforces a firm¡¯s data security policies, even if its data moves
outside its firewall to a third party.
It ensures that patient information is kept encrypted in a secure space and can\t
be copied or moved outside this space.
Additionally, through Fortressware\s data masking capabilities,
3rd parties are able to mine patient data for the information they are authorized to use,
but all other data remains hidden and inaccessible. ( hide)
2008-04-24
Missing laptop raises fear of identity theft
NORTH BEND - The theft of a laptop computer owned by a local accounting firm has made
nearly 500 employees of Coos County and private organizations concerned about identity
theft.
"During the night of Tuesday, March 4, 2008, a notebook computer was stolen
from a locked vehicle.
The notebook's hard drive may have contained your name,
Social Security number, and other personal information," the letter stated.
"We have notified law enforcement about this incident.
This notification included a general report alerting them to the fact that the incident
occurred.
However, we have not notified them about the presence of your specific information
in the data breach."
With Fortressware, all sensitive data is continuously protected from the point it is
created to when it is used.
This includes portable devices, including laptop computers.
In this case, the thief would not be able to see, let alone access,
the personal information on the laptop.
Regardless of which applications create or utilize sensitive information,
Fortressware always stores the data on disk encrypted.
Additionally, the story points out that old audit information was on the lost machines.
Through Fortressware, access to encrypted data can be further limited by setting
an expiration date, after which no one, not even previously authorized users,
have access to it.
Financial dated March 27 didn't arrive in his mailbox until Monday. ( hide)
2008-01-29
New data security breaches come in fours
January 29, 2008 (Computerworld) -- What do Fallon Community Health Plan,
Pennsylvania State University, OmniAmerican Bank and T. Rowe Price Group Inc.
all have in common?
Each of them recently joined the seemingly never-ending parade of organizations
that have disclosed security breaches resulting in the potential compromise
of personal data.
Companies develop a web of relationships with suppliers, partners, consultants,
and service providers. In the process, these businesses are entrusted with personal
client information, including individual financial and health data.
Unfortunately, the task of securely managing this information frequently is
ill defined or unenforced. Fortressware provides a complete solution by
- Securing sensitive content as it is flows to and from 3rd parties
- Keeping content encrypted and enforcing access policies on 3rd
party desktops and laptops
- Keeping a log of any attempts to leak content inside or outside of a 3rd party's facilities
- Terminating all access by 3rd party users automatically at the expiration of a project's
completion date (hide)
2007-12-18
Businesses Devise Ways to Guard, Manage Laptops That Have Left the Office
When consulting firm Booz Allen Hamilton Inc. started giving laptops to
most of its 20,000 employees three years ago, the company found itself facing
the challenge of teaching its computer network "to find Fred," said Booz Allen's chief
information officer, Fred Smith.
"I had no idea where and what my network's endpoints are,"
the chief information officer said.
"So I needed to do things a lot differently."
Fortressware's workgroup solution is designed for securing sensitive
information in such a dynamically distributed environment.
It
- Provides a secure, virtual workspace that secures files and information
across public networks, geographically-distributed teams,
especially for managing mobile workers
- Protects data at its point-of-creation and keeps it secure all the way to
its point-of-use, eliminating the need for monitoring data in motion
The underlying patent pending technology addresses the new global environment
where "networks are without boundaries".
( hide)
2007-11-24
Security probe focuses on patients' data
ST. JOHNS , Newfoundland , Nov. 24 (UPI) -- Police in Newfoundland are
investigating the possible theft of hospital patients' personal data during a computer
security breach.
Fortressware actively incorporates offline and remote users securely.
In this story, though the details of how the information leaked are unclear,
it seems apparent that the patient data was not encrypted.
And it may well have leaked over a peer-to-peer connection.
Fortressware keeps all project data encrypted and blocks its unauthorized
transmission.
( hide)
2007-11-23
McLaren believe Renault gained unfair advantage, by Alan Baldwin
LONDON , Nov 23 (Reuters) - McLaren believe Formula One rivals Renault gained
a "clear benefit and unfair advantage" from technical information taken
to them by a former employee, according to a memo leaked to the media on Friday.
In Fortressware, McLarren manager could have defined a secure project workspace
for each of their employees who needs to work on sensitive projects.
These users can access all information they need to work inside the secure workspace
but cannot copy decrypted information to network locations,
local storage devices, or attach to a mail message.
Additionally, there is full audit trail for all the acitivities conducted
in the secure worskpace.
( hide)
2007-11-20
U.K. agency loses sensitive data on 25m people
The head of HM Revenue & Customs, the United Kingdom's tax agency, resigned
on Tuesday, taking responsibility for a massive data leak that potentially put the
sensitive personal details of 25 million people at risk.
In Fortressware, managers define a security policy that defines who has access to
sensitive information and what they may do with it. In this case,
a Fortressware policy could have:
- Done away with entrusting these records to physical media -
all files could have been placed inside an encrypted Fortressware
capsule when transferred electronically and stay encrypted when stored locally.
- Restricted the ability to copy unencrypted files to a CD
- Provide different levels of visibility to the encrypted record for users of
different resposbilities
( hide)
|
|
