Categories
Data Privacy

Cryptography Explained: Encryption vs. Tokenization vs. Hashing

Cryptography is the art of disguising data to keep it secure. I’m intentionally calling it an art because, when implemented correctly, it does a beautiful job of protecting valuable information. The alternative is to store data in plaintext – a reckless and negligent strategy. Take, for example, the time Marriott exposed 5 million unencrypted passport […]

Categories
Data Privacy

4 Application Data Security Challenges and How Bionic Can Help

Data is information. So a Chief Information Security Officer should be responsible for securing data, right? And while securing data is definitely a team sport that spans across engineering, DevOps, product, security, GRC, and other departments, it’s often the CISO who is up at night, worrying about potential data breaches, exorbitant fines, legal implications, and […]

Categories
Data Privacy

Demystifying Data Protection Laws

Protecting sensitive or personal data of employees and customers is one of – if not the – most important responsibilities of any business. While most of the world is adopting data protection laws, there are misconceptions about who needs to comply with which regulations and what information or data is actually covered. The first step […]

Categories
Data Privacy

Twitter Hack: How to Scrape Sensitive Data

Many past social media breaches resulted from scraping. Most recently, a hacker scraped over 400 million records from Twitter. And it’s only a matter of time before another data breach occurs using the same technique. In this blog, I’ll explain how hackers scraped those user records from Twitter and how to mitigate these attacks. Data […]

Categories
Data Privacy, Security

WhatsApp Data Breach

Meta is a technology behemoth that’s constantly under attack. And unfortunately, it has a long list of security events resulting in the loss of user data. Keep in mind Meta attracts top-caliber software engineers. As the first letter of the envied FAANG / MAANG acronym, it’s an institution employing the best of the best. So, […]

Categories
Data Privacy

Data Flows are the Information Highway for Data Privacy

Data Privacy is one of the major driving forces behind application and information security. Organizations are constantly trying to ensure that the private data of their customers, employees, and partners is secure; but what exactly is private data? To be simplistic, private data is information that relates to a person or entity that should not […]

Categories
Data Privacy

How to Approach Data Privacy at the Application Layer

Bionic helps teams rapidly understand which applications and services are accessing PII, PCI, and other sensitive data sources. Visualize with Business Context: For example, below we can see six business applications that Bionic has discovered along with 68 unique services, which are mapped showing their dependencies to databases. In seconds, we can filter this map to […]

Categories
Data Privacy

How to Detect PII Data Flows

Think of Personal Identifiable Information (PII) as gold that companies store about their customers. Gold must be kept in a safe place at all times, with restricted access, effective governance, and auditing to secure it. However, we live in a world today where everything is code. Meaning more things touch corporate gold than ever before. […]

Categories
Data Privacy

How to Automate Data Flow Mapping for GDPR Compliance

To comply with EU GDPR, you must be able to understand and map out your data flows to identify potential risks. Specifically, you are required to map data flows relating to PII (Personal Identifiable Information) and identify which applications are accessing PII data. Data maps allow companies to visualize and understand how […]