The Australian Privacy Act 1988 has been a cornerstone in protecting Australians’ privacy rights and governing how personal information is collected, used, and managed by organizations. Here you’ll find more about what the Privacy Act is and how it could impact you or your organization.

Hacks, social engineering, and phishing dominated this week’s headlines, but cloud security is at the forefront of government officials’ minds. Catch up on all the latest in this week’s Friday Five!

The concepts of data protection and data sovereignty have become even more intertwined and crucial of late, especially in cloud computing environments.

Bad bots, malicious programs and applications designed to deface websites and carry out DDoS attacks, can negatively impact a company's business.

With an uptick of cyberattacks against government agencies comes a wave of new cyber frameworks, guidance, and regulations. Catch up on all the latest in this week’s Friday Five!

While the romanticized image of the genius toiling alone in his garage with a breakthrough idea is woven into tech mythology, it doesn’t survive contact with reality. The complexity of modern business demands orchestrated effort and cross-pollination of ideas. Secure collaboration tools promote safe information exchange among employees, business partners, and contractors. What Is Secure Collaboration? Secure collaboration is the ability of teams to work seamlessly, often across geographic boundaries and limitations, in a secure manner that protects the information stored or transmitted. Secure collaboration tools facilitate this interaction, allowing groups, whether in remote, onsite, or hybrid working models, to work safely with data. What Are the Benefits of Using Secure Collaboration Secure collaboration tools are crucial assets for businesses, especially those that handle sensitive information because they offer the following benefits: Secure file sharing and exchange: Allowing employees and team members to share information that is pertinent to a project without compromising intellectual property or proprietary information. Hence, you have the confidence to share files without fear of their contents being seen by prying eyes. Productivity and communication: Emailing back and forth can be cumbersome. Collaboration tools save time and resources — no need to gather people inside a physical conference room — by serving as a virtual meeting room. Speed: It facilitates quick communication across geographic locations, allowing participants to seek feedback and respond promptly with tasks actioned immediately. Organization: Secure collaboration tools allow you to track the progress of tasks and files. The Core Features to Look for In a Secure Collaboration Software Secure collaboration fortifies the security perimeter around applications by implementing the following features: End-to-End Encryption Secure collaboration tools implement robust, end-to-end encryption to protect data used in the application. This prevents hacking and man-in-the-middle attacks launched to compromise its data. Data Loss Prevention Secure collaboration tools integrate data loss prevention mechanisms to ensure data on its platform isn’t misused, lost, or otherwise accessed by unauthorized users. Multi-factor Authentication In addition to using password credentials, secure collaboration tools typically implement multi-factor authentication. These additional layers of security are used to verify identities and their associated roles. This is typically implemented by converting the password credentials into an authorization token that is subsequently used to navigate the user from one application to another. Secure Data Collaboration and Dissemination One of the primary use cases of collaboration tools is to ensure people can work with data in a collaborative yet secure manner. Therefore, in addition to disseminating information securely, these tools typically provide backup and project management capabilities. Top 5 Secure Collaboration Tools for Your Business Here is a rundown of the top five platforms for secure collaboration: 1. Digital Guardian Secure Collaboration Use case and audience Fortra’s Digital Guardian Secure Collaboration is a secure collaboration platform that provides a seamless, worry-free environment, enabling organizations to confidently collaborate and track their intellectual property wherever it goes. Features Digital rights management to secure personal information and intellectual property. The nimble ability to track where files are opened in real-time, regardless of whether they were copied, moved, or downloaded onto an untrusted device. Robust data encryption ensures document security, whether at rest, in use, or in transit. Zero trust file security with the ability to dynamically alter file permissions. Pros Gives businesses the ability to limit what people can do with their files.Easy adoption since no software installation is required.Reduces the possibility of unintentionally sharing privileged content with unauthorized third parties. The ability to establish how long collaborators like contractors and third-party can access assets. Cons It doesn’t provide tiered pricing, thereby placing it outside the reach of most small businesses. 2. Microsoft Teams Use case and audience Microsoft Teams is suited for corporate workspaces. It helps facilitate real-time communication and collaboration among a group of people working on projects or common interests. Moreover, it is backed by Microsoft’s deep expertise in security products. Features Video conference for online meetings. Unlimited chat with coworkers and customers. Project management and collaboration features are all in one place. Ability to record team meetings and produce transcripts. Provide live captions in meetings for over 30 languages. Pros Boosts team productivity Enables users to apply increased focus on work Unlike most enterprise applications, Microsoft Teams is easy to implement Cons Confusing and difficult-to-search file structures Less intuitive to use than Slack. It is constrained with limited flexibility. 3. Slack Use case and audience Slack is among the foremost and most popular collaboration tools for teams in the market. It transforms how you work by providing a central place for your team to collaborate effectively. Features Custom retention policies concerning files and messages. Workflow builder to automate actions and communications Enterprise key management to control access to data. Collaborative file sharing along with conversations around them. Ability to collaborate with teams from other organizations with Channels, Huddles, etc. Pros It can be adopted by enterprises and small businesses alike Seamless integrations with popular productivity apps like Google Docs, Office 365, Google Drive, etc. Simplifies teamwork by seamlessly organizing your work life. Vital substitute for email. Cons For some people, it can easily become a distraction. 4. Basecamp Use case and audience Basecamp is used for collaboration, remote team communications, and project management. Features The Hill Charts feature The ability to create and upload files and documents Attractive and intuitive user interface Pros Simplified pricing system. Good document storage A great tool for project management. Cons It lacks a free plan. It lacks a time-tracking feature Topic lists get crowded because of the inability to archive unused topics. 5. Trello Use case and audience Trello is a visual collaboration tool that enables organizations intuitively manage their workflows, issue/task tracking, and projects. It provides a kanban-style, list-making interface to facilitate collaboration. Features Boards to keep tasks organized and view projects from every angle. The ability to execute weekly vulnerability scans, including annual data breach tests Built-in workflow automation with its Butler automation.Product management leveraging its roadmap capabilities to simplify projects. Pros Trello is simple, flexible, and powerful. It can be accessed and used from the web, desktop, and mobile. Provides encrypted full backup every 24 hours. Cons Due to scalability issues, it may not be ideal for large enterprises. Learn How Fortra’s Digital Guardian Secure Collaboration Facilitates Secure Collaboration While unsecured collaboration tools expose you to risks, Fortra’s Digital Guardian Secure Collaboration is on a quest to simplify the complexity of today’s cybersecurity landscape. Digital Guardian Secure Collaboration understands how collaboration drives modern workplaces. Therefore, it seamlessly integrates with cloud platforms while automatically protecting your account. Contact us to book a demo today.

Graeme Batsman, a Senior Security Consultant with Fortra’s Professional Services team, gives a primer on all things USB: How to limit data ingress, egress, and other technical controls that can be implemented to mitigate risk.

Data classification and DLP tools can certainly serve as standalone solutions, but when paired together, organizations can truly benefit from what the solutions have to offer.

The cost of the average data breach is on the rise, the SEC recently approved new data breach regulations, and four AI powerhouses have come to an agreement on a new joint initiative. Catch up on these stories and more in this week’s Friday Five!

Data fulfills its purpose and potential when deployed for the right uses. This often requires moving data across systems, platforms, and networks to the target endpoints where it is utilized.

Considering DLP? In this blog, we look at a handful of factors to consider when selecting a solution.

A rise in cyberattacks’ volume and sophistication, lawmakers cracking down on privacy, the rising threats to critical infrastructure, and more. Catch up on these stories and more in this week’s Friday Five!

This past week, the White House released the first version of their National Cybersecurity Strategy implementation plan, Signal's President voiced her concerns over encryption and data privacy, BreachForums made its return, and more. Catch up on these stories and more in this week’s Friday Five!

Most companies understand the importance of data protection but don't always know how to implement an effective data loss prevention program. Here's a quick primer.

The most secure document collaboration software for businesses prevent data loss, theft, and misuse while preserving their organization’s competitive advantage. Let's look at five secure document collaboration solutions.

Read about the rise in cyberattacks against Android users, Chinese cyberattacks in Europe, a new ransomware decryptor, and more—all in this week’s Friday Five!

CISA’s fight against supply chain attacks, possible AI regulations, a malicious Super Mario game, and more—catch up on all the latest in this week’s Friday Five!

The International Traffic in Arms Regulations (ITAR) controls the sale, manufacture, import, and export of defense-related services, articles, and technical data on the United States Munitions List (USML). ITAR is a set of US regulations overseen and administered by the State Department designed to protect the national security interests of the United States. ITAR applies to defense companies that handle military and defense-related information, including universities and research centers. Due to its security implications and foreign relations interests, the United States highly regulates information relating to its defense industry. Therefore, there are stiff penalties for violating or mishandling the sensitive data specified by USML. ITAR Regulations The overall thrust of ITAR regulations is to ensure military technology, both physical materials and technical data related to defense, are restricted to only United States citizens or those otherwise authorized, with access provided on a compliant network. The overriding objective of ITAR is to safeguard defense-related goods, especially defense technologies and information, to ensure they don’t fall into the wrong hands, such as unauthorized parties. Below are the items subject to ITAR control, organized by their 21 USML categories based on the Electronic Code of Federal Regulations (e-CFR): Category I—Firearms and related articles Category II—Guns and Armament Category III—Ammunition and ordnance Category IV—Launch vehicles, guided missiles, ballistic missiles, rockets, torpedoes, bombs, and mines. Category VI—Surface vessels of war and special naval equipment Category VII—Ground vehicles Category VIII—Aircraft and related articles Category IX—Military training equipment and training Category X—Personal protective equipment Category XI—Military electronics Category XII — Fire control, laser, imaging, and guidance equipment Category XIII — Materials and miscellaneous articles Category XIV—Toxicological agents, including chemical agents, biological agents, and associated equipment. Category XV— Spacecraft and related articles. Category XVI—Nuclear weapons-related articles. Category XVII—Classified articles, technical data, and defense services not otherwise enumerated. Category XVIII — Directed energy weapons. Category XIX — Gas turbine engines and associated equipment. Category XX — Submersible vessels and related articles. Category XXI — Articles, technical data, and defense services not otherwise enumerated. In addition to weaponry and equipment, the defense-related articles profusely mentioned in the list include military gear, technical documentation, software, and instruments. What Does It Mean to be ITAR-Compliant? To be ITAR-compliant means to dutifully abide by its regulations. First and foremost, ITAR applies to any company that conducts business with the US military. Secondly, it involves any organization, whether third-party or otherwise, that deals with defense services, articles, or data specified in USML. This applies to various types of organizations, such as contractors, manufacturers, wholesalers, technology/hardware/software vendors, and third-party suppliers involved in manufacturing, distributing, and selling ITAR services or products. If you are among these companies or work with companies in your supply chain that handle ITAR-controlled items, then you must remain ITAR-compliant. All of the following are the necessary steps to become or remain ITAR-compliant: Step 1: Register with the Directorate of Defense Trade Controls (DDTC) of the Bureau of Political-Military Affairs under the State Department's auspices. First-time entrants pay the $2,250 application fee. ITAR registration must be renewed every 12 months with a renewal fee of between $2,250 and $2,750 per year. However, your registration renewal documents must be submitted 60 days before the registration expiration date. Step 2: Setting up formal ITAR compliance programs inside the business. There are procedures necessary for the protection of ITAR-related technical data. Implementing this requires understanding how ITAR regulations apply to the company’s USML goods, services, or data. This understanding equips the organization to define and implement the processes and programs needed to demonstrate and strengthen a commitment to ITAR compliance. Step 3: Utilizing cloud-compliant storage A secure data center to protect technical data is cardinal to ITAR compliance. This cloud storage should have sufficient controls to prevent access to unauthorized foreigners, individuals, or governments. This demands implementing data security controls to ensure technical data that travels through the cloud and endpoints with end-to-end encryption. Moreover, strict key management protocols must be applied such that the decryption keys aren’t accessible by a third party. Step 4: Keeping a comprehensive record of defense goods This includes the recipients' identity and their country, including the end-use and end-users of the defense item. While the steps enumerated above should be followed, the best practice for companies handling ITAR-regulated materials is to adhere to the data security guidelines specified in NIST SP 800-53, which defines the standards for safeguarding information systems that federal agencies should comply with. ITAR Penalties and Violations Due to the high-security stakes involved, there are severe penalties for violating ITAR:

We provide a high-level overview of India's Digital Personal Data Protection Act or DPDP Act, including how data privacy law in India has evolved over the years and outline the rights and responsibilities of the recently passed bill.