Blog Posts Tagged with "Data Management"
Finishing the Security Automation Job
September 06, 2012 Added by:Tripwire Inc
SACM needs to grow upward and outward from where the SCAP efforts have gotten – move from controls into control frameworks and support the policies, processes, and procedures derived from Operational Risk Management. We’ve got a lot of work ahead. It’s all worth it...
Comments (3)
Keeping Technology Staff Honest
June 05, 2012 Added by:Jayson Wylie
Technology staff, on occasion, have had an all-access pass to all data on Window’s networks. This creates an environment where the support staff has exposure in having access to sensitive and confidential stuff stored in the most private parts of the organization’s data stores...
Comments (0)
Communication is King in E-Discovery Matters
May 10, 2012 Added by:Bill Gerneglia
A common vocabulary is certainly emerging making dialog between counsel and technologists productive and effective. However, equally important is that lawyers engage their client’s technology team in dialog on e-discovery issues because when counsel fails, the fall out can be costly...
Comments (0)
Fifteen Unsafe Security Practices that Lead to Data Breaches
March 21, 2012 Added by:Kelly Colgan
Database security is an essential element of overall security maturity at enterprise level. Underestimating its value and not dedicating sufficient attention to developing a comprehensive data security plan can, in many instances, lead to data compromise...
Comments (0)
New EU Data Regulations – What Companies Need to Consider
February 23, 2012 Added by:Fergal Glynn
EU Data Protection Authorities will apply these rules even if this information is processed outside of Europe, it’s not clear today whether these new rules will have an impact on the existing Safe Harbor regulations – something to watch out for in the consultation period...
Comments (0)
The MPLS Privacy Debate Continues
December 21, 2011 Added by:PCI Guru
Given that at some point MPLS traffic has to technically co-mingle with other customers’ network traffic, how can the PCI SSC claim that MPLS is private? The answer is a bit disconcerting to some, but for those of us with an understanding of the engineering issues, it was expected...
Comments (1)
Modern Encryption – So Easy a Caveman Could Do It
December 19, 2011 Added by:Kanguru Solutions
Adding encryption is a relatively easy and cost effective way to secure your organizations data without adding significant cost or complexity. For organizations dealing with confidential information (healthcare, banking, government) it should be mandatory...
Comments (0)
To iTrust or Not?
October 31, 2011 Added by:Enno Rey
Recently Apple launched its new offering iCloud. At this point, most infosec people start to worry a little bit: The common cloud concept of centralized data storage on premise of a third party does not cope well with the usual control focused approach of most technical infosec guys...
Comments (0)
Why a Data Flow Map Will Make Your Life Easier
October 23, 2011 Added by:Brent Huston
It’s impossible to protect everything in your environment if you don’t know what’s there. All system components and their dependencies need to be identified. This isn’t a mere inventory listing. Adding the dependencies and trust relationships is where the effort pays off...
Comments (0)
Why Encryption Alone Isn’t Enough
September 16, 2011 Added by:Emmett Jorgensen
There are variables at work that often require security measures above and beyond encryption. The confidentiality of the data you are working with, state, federal and industry regulations, user habits, platforms and more all factor into the security measures needed to safeguard your data...
Comments (0)
Moving Your Data to the Cloud – Sense and Sensibility
March 10, 2011 Added by:Danny Lieberman
Using a cloud service provider for storing sensitive data may actually reduce the threat surface instead of increasing it and give you more control by centralizing and standardizing data storage as part of your overall data governance strategy...
Comments (0)
Data Remains on USB and SSDs After Secure Erase
March 01, 2011 Added by:Dan Dieterle
New research shows that secure erase programs used on standard hard drives to wipe important data do not completely erase solid-state (SSD) drives and USB thumb drives. As much as 75 percent of the data could remain after a successful secure wipe...
Comments (1)
You, Your Data and Its Data Center
December 30, 2010 Added by:Christopher Burgess
When the IT pros show up at your desk asking you to identify, forecast or project your needs, work with them. They are attempting to get ahead of your requirements. You see, in the end, it all boils down to you, your data, and the data center supporting you...
Comments (0)
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox
- The Emperor Is Naked!
- Infographic: Keeping Web Applications Safe
- Do You Have a Vendor Security Check List? You Should!