HighSide Blog

Cryptography & Cybersecurity Did You Know that 17% of Your Workforce Has Access to 100% of Your data? The biggest risk to modern organisations isn’t always a fraudster or cyber criminal halfway across the world; in many cases, it’s an employee. Research shows that between 2018 and 2020, there was a 47% increase in the frequency of incidents involving insider threats, and 66% of organisations consider Evan Blair • 4 min read

Compliance Facebook's whistleblower and what it means for your data security & GDPR program With the recent testimony in Congress on October 5 by former Facebook employee and now whistleblower, Frances Haugen, has drawn the curtain back on management’s priorities at the company, and it isn’t good. Basically, she claims profits are the top priority among Facebook’s leaders. As a result Evan Blair • 3 min read

Compliance GDPR & Collaboration: Are You Really Compliant using Slack, Box, Teams, etc...? Before we can answer that question, we need to better understand GDPR (there are a lot of false narratives out there) and what your responsibilities are, and what your providers responsibilities are. Once we understand those, we can look at some specific articles of the GDPR that will highlight (and Evan Blair • 7 min read

Compliance What you need to know about HIPAA; email, collaboration, messaging, and data sharing The need for improved HIPAA compliant technologies is becoming more apparent. The number of data breaches in the healthcare industry has increased steadily for the past four years. From 2015 to 2018 alone, healthcare breaches increased by more than 26%. And while cyber attacks are growing across all sectors, the Andy Johnson • 7 min read

Cryptography & Cybersecurity [3 Minute Video] HighSide CSO dishes on “Dark Halo”, The First Global Microsoft 365 Breach Listen to HighSide CSO Aaron Turner give a 3 minute “deep-dive” on the Dark Halo attack, detailing how adversaries exploited vulnerabilities in Microsoft Teams to gain access to sensitive, proprietary and regulated data. Evan Blair • 1 min read

Cryptography & Cybersecurity Why can’t I use SFTP for secure file transfer? With most businesses still adapting to the new normal of remote and decentralized work, we wanted to take a quick look at two of the tools / techniques some businesses have dusted the cobwebs off of to share data with their employees and partners around the world – FTP, SFTP, and FTPS. Evan Blair • 4 min read

Compliance Understanding & Meeting UK MOD’s DEFCON 658 Regulatory Framework Like CMMC in the United States, The UK Ministry of Defence’s (MOD) DEFCON 658 is a cybersecurity regulatory framework that applies to any organisation doing business with the MOD. The goal of DEFCON 658 is to protect MOD Identifiable Information (MODII) across the whole of the defence supply chain Evan Blair • 2 min read

Compliance People, Process & Technology: Understanding What CMMC Means For Your Organization In Monty Python and the Holy Grail, Sir Lancelot charges guards at a castle’s gates, but abnormally. There is repeated footage of a distant charging Sir Lancelot alternated in with footage of the peaceful guards. Each time the camera cuts back to Sir Lancelot, he is charging from the Evan Blair • 4 min read

Engineering HighSide’s Distributed Private Root of Trust Cryptography Explained Last updated 1/13/21 This is a technical overview of how HighSide’s encrypted messaging & file sharing works for those who are interested in specifics. You do not need to read or understand any of this to use HighSide correctly unless you are the admin for your team Jonathan Warren • 11 min read

Cryptography & Cybersecurity The State of in-Security in Collaboration & Cloud File Sharing Applications Data security, privacy and access integrity has never been more at risk.In this post we’re going to talk about how the communication, file sharing and file storage layers have become a huge security vulnerability for organizations of all sizes, why, and what you can do about it. Your Brendan Diaz • 16 min read