Browsed by
Author: Chris Nieves

Chris studied Information Systems at Hofstra University before joining STEALTHbits where he took on the role as the Technical Product Manager of SharePoint, Dropbox and Box solution sets. His focus is primarily on SharePoint security, but data security, in general, is a passion. Aside from technical interests, he enjoys the outdoors and hopes to one day start an animal rescue and rehabilitation center for injured, disabled and orphaned animals.
Key Requirements of the NY SHIELD Act and How to be Compliant

Key Requirements of the NY SHIELD Act and How to be Compliant

As more and more attacks are occurring each year with a record 4.1 billion records breached in just the first half of 2019, according to Forbes– data security regulation is becoming more of a priority. Just as we suspected with the signing of the GDPR regulation in the EU, similar regulation has sprung up in the U.S with the CCPA on the west coast in California and most recently spreading to the east coast in New York with the signing…

Read More Read More

Microsoft Teams Quick Admin Guide to Collaborating Safely with External Users

Microsoft Teams Quick Admin Guide to Collaborating Safely with External Users

According to a study conducted by Mio, 91% of businesses use at least two messaging apps, of which slack and Microsoft Teams are present in 66% of the organizations surveyed. Teams adoption has been growing quickly due to its interoperability with the rest of the Office 365 suite which makes collaborating easier than ever. While collaboration is great, security is a major concern for organizations who are still considering the move to Teams from Slack, Skype, etc. The great double-edged…

Read More Read More

How to Protect Office 365 by Classifying Your Data with Microsoft’s AIP Labels

How to Protect Office 365 by Classifying Your Data with Microsoft’s AIP Labels

Azure Information Protection labels or AIP labels can be created and applied to documents and emails. These labels can be used to classify content based on what the data is and how sensitive it is. This approach is extremely powerful when properly implemented as it provides security on your data even after it leaves your environment (if the label allows it to). In this post, I’ll walk through setting up Azure Information protection to use labels to classify and protect…

Read More Read More

Open Access in SharePoint – What it is And How to Find it

Open Access in SharePoint – What it is And How to Find it

Within SharePoint, there are a few groups which can give ‘Open Access’ to a given resource that can leave the environment vulnerable depending on where these groups exist. With open access comes the increased risk of data being ‘lost’ and with data loss comes risks to sales and revenue, lawsuits, IP theft, and subsequently – compliance breaches. What is Open Access? An instance of open access exists whenever one of the large groups described below has access to a resource….

Read More Read More

SharePoint Activity Monitoring: How to do it And What to Look For

SharePoint Activity Monitoring: How to do it And What to Look For

SharePoint offers options for collecting activity which may prove useful for many different reasons. Whether that reason is for security auditing or fulfilling other compliance requirements, in order to make use of it – it must be turned on and you need to know what you are looking for. The purpose of this blog is to show you what kind of activity is available, how to enable activity auditing and how to make use of that data. Events Available for…

Read More Read More

ProTip: Create PII Retention Policies in O365 to Help Abide with GDPR Guidelines

ProTip: Create PII Retention Policies in O365 to Help Abide with GDPR Guidelines

Automate the Process of Disposing of Data With GDPR now in effect, organizations are legally required to remove personal data once its purpose for processing has been met. In March of 2019 a Danish Taxi company, Taxa 4×35, was fined $180,000 for failing to properly dispose of its customer’s personally identifiable data (PII). An audit found that the company was only removing the customer’s name from the documents, however other personally identifiable information such as telephone numbers and address’ remained….

Read More Read More

GDPR – One Year Later…

GDPR – One Year Later…

The penalty for failure to comply with the General Data Protection Regulation (GDPR) is up to $22 million or 4% of annual global turnover (whichever is greater). By now most organizations around the globe know that regardless of where they are based, this regulation affects them if they are doing business with EU citizens. Aside from having a responsibility to properly handling personal data, that amount of money can really hurt your business. For example, under the Data Protection Act of…

Read More Read More

Office 365 Security and Compliance: Guide to Creating Custom Sensitive Info Types and DLP Policies

Office 365 Security and Compliance: Guide to Creating Custom Sensitive Info Types and DLP Policies

In my last blog post, I covered configuring some of the out of the box data loss prevention policies that Microsoft’s security & compliance center offers. Yet in order to meet the specific needs of your organization, custom information types and DLP policies can be created. In this guide, I will show you how to use Microsoft Office 365’s Security and Compliance center to categorize sensitive content with custom sensitive information types and create custom data loss prevention (DLP) policies….

Read More Read More

Office 365 Security and Compliance: Admin Guide to Creating Labels and DLP Policies

Office 365 Security and Compliance: Admin Guide to Creating Labels and DLP Policies

Data loss is defined as data that gets misplaced, removed without authorization, leaked outside of the organization or otherwise corrupted perhaps due to malware. Failure to prevent data from being ‘lost’ can result in hefty fines, especially for organizations that have to comply with the General Data Protection Regulations (GDPR) where they can be fined up to 20 million Euros, or 4% of annual, worldwide turnover. In this guide, I will show you how you can leverage Microsoft Office 365…

Read More Read More

External Sharing Best Practices for SharePoint Online & O365

External Sharing Best Practices for SharePoint Online & O365

The policy of ‘Data protection by design and by default’ in article 25 of the GDPR is driving vendors like Microsoft to align data security with innovation to not only develop better products but also more secure products. Along these lines organizations should adopt the policy of Privacy by Design, that is, organizational processes that are designed with protecting privacy in mind. Just as external sharing is a critical and unavoidable piece of business success, so too is achieving compliance…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.

Privacy Preference Center

      Necessary

      Advertising

      Analytics

      Other