“Security is always excessive until it’s not enough.”
– Robbie Sinclair
Cybersecurity Protection for Commercial, Non-Profits, and You
A secured digital enclave and remote vault for PII and other sensitive data.
Protecting the PII – Understand What Needs Protecting
What is Personal Identification Information (PII)?
PII is information that can be used to determine an individual’s identity. In a way, it is similar to HIPPA, which came around in the early 90s. One aspect was set in place to safeguard patients’ medical documents, and another emphasized the healthcare worker’s responsibility not to discuss the patient’s details that would lead someone to determine the person’s identity. Today, PII is collected in all forms (passports, driver’s licenses, financial information, social security numbers) and is considered sensitive in nature.
If your individuality were a completed puzzle, PII is every piece of the puzzle that would make up your identity. Each piece must be safeguarded, even if you do not hold the entire puzzle. Oftentimes, sensitive PII is stored in unsecured locations, even with off-premise options such as cloud storage.
What is not Personal Identification Information (PII)?
Certain information is deemed non-sensitive because of its ability to be easily accessed through public sources. This would include zip code, race, gender, and date of birth. Remember that if you post it on social media or have it on a social media profile, it is most likely a non-sensitive PII.
What does this have to do with my organization?
Certain organizations are required to safeguard sensitive PII under the Gramm-Leach-Bliley Acts and face extensive fines per violation. Cybersecurity breaches can be costly, not just in lawsuits or fines but also in reputation. A company’s ability to protect the PII of its current and future clients can capture the confidence of potential clients. In a day where reviews mean everything, no company can be safe from the internet microscope that magnifies a problem as big as a cybersecurity breach.
What is it, and what does it actually do?
It is a digital vault built into a rugged USB drive containing a completely hardened and modified Windows operating system that allows you access to various secure cloud spaces with defined parameters that control user access, all while utilizing the computer already in your network environment.
The Description Defined
Digital Vault – A standalone enclave that is completely independent and does not interact with other systems or networks.
Hardened & Modified Windows Operating System – A fully configured operating system that removes unnecessary applications and eliminates Windows vulnerabilities.
Secure Cloud Spaces – Direct and encrypted path to off-site storage.
Defined Parameters – Secured access requirements that work with your needs.
Control User Access – Assigned credentials to allow access and monitor for unwanted access.
Network Environment – Computer equipment that works with a Windows O/S and has a USB drive.
Interested in a solution?
Contact us with your questions or for additional information and pricing about how we can serve you and your needs.
Securing Data Through the Lifecycle
Data requires protection when stored on your system, entering the business, or being used to deliver information. This requires tracking, monitoring, and backing up the information, managing access, and securely managing encryption keys.
Unified Policies and Procedures
Cybersecurity requires more than just encryption or anti-virus tools – it needs policies and procedures. Our policies and procedures start with a foundation from the Department of Defense standard NIST 800-53 Rev 5, providing a key stepping stone to future compliance needs.
Access Control and Tracking
Limit the access to each piece of information in the vault by user or group. We track when data is added, removed, or accessed to ensure you have the necessary information for auditors or during incident responses.
“If you spend more on coffee than on IT security, you will be hacked.
What’s more, you deserve to be hacked.”
– Richard Clarke
(Former US National Coordinator for Security, Infrastructure Protection, and Counter-terrorism)