Blog Posts Tagged with "Data Loss Prevention"

959779642e6e758563e80b5d83150a9f

Healthcare Data and the (Private) Social Network

May 09, 2012 Added by:Danny Lieberman

Previously, we talked about the roles that trust, security and privacy play in online healthcare interactions. In this post we look at privacy challenges in social networks and describes how you can implement a private healthcare social network for without government regulation...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Logging: Opening Pandora's Box - Part 1 - Anxiety

May 09, 2012 Added by:Rafal Los

You're probably worried that log analysis is going to consume all of your time, or you'll find out that your organization has been pwn3d for years and all your data has been exfiltrated in real-time and your latest database is being copied off to China... aren't you?

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

The CERT Guide to Insider Threats

May 07, 2012 Added by:Ben Rothke

While there are many books on important security topics such as firewalls, encryption, identity management and more, The CERT Guide to Insider Threats is the one of the first to formally tackle the devastating problem of trusted insiders who misappropriate data...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Healthcare Data: I Trust You to Keep this Private

May 03, 2012 Added by:Danny Lieberman

In this article, Danny Lieberman talks about the roles that trust, security and privacy play in online healthcare interactions. At the end of the article, he introduces the idea of private social networking for healthcare – leaving the piece open for a sequel...

Comments  (2)

8fcd3af85e00d8db661be6a882c6442b

What Good is PCI-DSS?

May 02, 2012 Added by:david barton

Credit card processors have valuable information that bad guys would love to get their hands on. So processors are the Fort Knox of the modern world. When bad guys are motivated, no amount of security can keep them out. Does that mean PCI-DSS standards are worthless?

Comments  (9)

A88973e7d0943d295c99820ab9aeed27

Protecting Data in Use

April 26, 2012 Added by:Simon Heron

The security of data in use is about risk mitigation. However, with the current targeted attacks and the proliferation of zero day threats, the risk level is high. It is necessary that action is taken to implement the required precautions that reduce the risk to an acceptable level...

Comments  (0)

9f19bdb2d175ba86949c352b0cb85572

From Fraud to Infosec and Vice Versa... Part 2

April 23, 2012 Added by:Neira Jones

In my previous post I summarized fraud and how it relates to infosec. Key enablers used to defraud victims of all types cut across the landscape and often overlap, posing further challenges for quantifying their impact, but the classifications are nonetheless helpful...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

The Fort Knox Approach to Security

April 23, 2012 Added by:PCI Guru

Most of you are protecting everything with equal rigor. Does everything need to be protected with the same thoroughness? Probably not and that is what makes infosec a difficult occupation. We neglect to delineate what needs the most protection and what does not need as much or any...

Comments  (0)

9f19bdb2d175ba86949c352b0cb85572

From Fraud to Infosec and Vice Versa... Part 1

April 18, 2012 Added by:Neira Jones

To all of you infosec professionals out there: one way to show you add value is get closer to your fraud colleagues and try to understand what their big ticket items are. You can even ask them the right questions as the big ticket items are more than likely those detailed here...

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

The Security Poverty Line and Junk Food

April 16, 2012 Added by:Wendy Nather

Organizations below the security poverty line tend to be inordinately dependent on third parties and have less direct control over the security of the systems they use. They end up ceding risk decisions to third parties that they ideally should be making themselves...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

On Data Breach Containment

April 12, 2012 Added by:Rafal Los

You've heard us say for a while now that information security isn't about reaching some mythical state of 'secure' but rather a constant battle on the ever-changing front lines of your organization to minimize any damage that the evil hackers can do once they find an in...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Encryption: Myths and Must Knows

April 11, 2012 Added by:Rebecca Herold

Small to medium sized businesses have legal obligations to protect sensitive information, such as personally identifiable information. Here are some of the common long-held myths related to encryption misconceptions...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Beyond the Firewall – Data Loss Prevention

April 05, 2012 Added by:Danny Lieberman

It doesn’t matter how they break into your network or servers – if attackers can’t take out your data, you’ve mitigated the threat. This paper reviews the taxonomies of advanced content flow monitoring that is used to audit activity and protect data inside the network...

Comments  (0)

82ac4cd789b46af43c0cde730625317e

Data Classification: Why it is Important for Information Security

April 02, 2012 Added by:Christopher Rodgers

Once you know which data needs the most protection, you can properly allocate funds and resources to defend those assets. Employing a proper data classification scheme is cost effective, as it allows a business to focus on protecting its higher risk data assets...

Comments  (0)

924ce315203c17e05d9e04b59648a942

Cloud Services Strategy: Security First - Growth Second

March 30, 2012 Added by:Richard Stiennon

Cisco, Juniper, Oracle, and Microsoft might have security initiatives and even good sales of security products. But security takes a back seat to functionality too often. Why are there no secure switches? Secure apps for Windows? Or secure databases?

Comments  (0)

Bddc4983168ae96da4b83bdd01b51548

Shutting Front and Back Door Access to Your Mobile Devices

March 27, 2012 Added by:Kevin Doel

A lost or stolen phone constitutes a serious security threat to the information on the device because the attacker has unlimited time to gain access to the secrets that are stored therein. Important personal information should not be stored in any unsecured note application...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »