Welcome!

Gerry Grealish

Subscribe to Gerry Grealish: eMailAlertsEmail Alerts
Get Gerry Grealish via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Gerry Grealish

By Gerry Grealish PerspecSys Vice President of Marketing & Products Earlier this week, the Massachusetts Eye and Ear Infirmary and Massachusetts Ear and Eye, Inc. (MEEI) agreed to pay a hefty $1.5 million settlement to the U.S. Department of Health & Human Services for alleged HIPAA violations. According to MEEI, a personal laptop that contained unencrypted electronic protected health information (ePHI) was stolen, exposing a large amount of personal, clinical, and patient prescription data. The government's investigation found that MEEI failed to take steps necessary to comply with several HIPAA Security Rule requirements regarding data protection, and that the failures occurred over an extended period of time. And while this healthcare data breach involved a laptop, data security risks like this extend to larger "secure" IT environments as well. Just take a look a... (more)

Australia Introduces New Updates to Policies on Cloud Security

Australian Government agencies have some new regulations to consider when they are contemplating moves to the cloud, particularly clouds hosted outside of Australian borders. These guidelines, known as "The Australian Government policy and risk management guidelines for the processing and storage of Australian Government information in outsourced or offshore ICT arrangements", are part of the broader Protective Security Policy Framework announced earlier this year and are aimed at protecting data being stored and processed in cloud environments. The Framework document clearly ac... (more)

NIST Weighs In on the Cloud

NIST released a new publication entitled Cloud Computing Synopsis & Recommendations (Special Publication 800-146) that describes in detail the current cloud computing environment, explains the economic opportunities and risks associated with cloud adoption, and openly addresses the security and data privacy challenges. NIST makes numerous recommendations for companies or agencies considering the move to the cloud (including delivering a strong case for uniform management practices in the data security and governance arenas). The report highlights several reasons why cloud-based... (more)

Gartner Highlights the Importance of Third-Party Validation

By Gerry Grealish PerspecSys Vice President of Marketing & Products Gartner recently published a report that highlights the growing importance of Cloud Access Security Brokers - solution providers that offer unified cloud computing security platforms. This solution category includes a new class of products that Gartner terms Cloud Encryption Gateways, which encrypt or tokenize sensitive information before it leaves an organization's firewall. These solutions, if designed properly, allow organizations to maintain control of sensitive data since they replace the original "clear-text... (more)

Living Social’s Data Breach

Living Social, the popular online discount site, recently experienced a cyber-attack affecting more than 50 million of their customers. Users with a Living Social account received an email explaining the data breach, which included hackers accessing customer user names, email addresses, birth dates and passwords. In the email to customers, Living Social asked many users to change their password immediately. While the passwords were encrypted, Living Social Chief Executive Tim O'Shaughnessy wrote "We also encourage you, for your own personal data security, to consider changing pa... (more)