Blog Posts Tagged with "Data Management"


Finishing the Security Automation Job

September 06, 2012 Added by:Tripwire Inc

SACM needs to grow upward and outward from where the SCAP efforts have gotten – move from controls into control frameworks and support the policies, processes, and procedures derived from Operational Risk Management. We’ve got a lot of work ahead. It’s all worth it...

Comments  (3)


Keeping Technology Staff Honest

June 05, 2012 Added by:Jayson Wylie

Technology staff, on occasion, have had an all-access pass to all data on Window’s networks. This creates an environment where the support staff has exposure in having access to sensitive and confidential stuff stored in the most private parts of the organization’s data stores...

Comments  (0)


Communication is King in E-Discovery Matters

May 10, 2012 Added by:Bill Gerneglia

A common vocabulary is certainly emerging making dialog between counsel and technologists productive and effective. However, equally important is that lawyers engage their client’s technology team in dialog on e-discovery issues because when counsel fails, the fall out can be costly...

Comments  (0)


Fifteen Unsafe Security Practices that Lead to Data Breaches

March 21, 2012 Added by:Kelly Colgan

Database security is an essential element of overall security maturity at enterprise level. Underestimating its value and not dedicating sufficient attention to developing a comprehensive data security plan can, in many instances, lead to data compromise...

Comments  (1)


New EU Data Regulations – What Companies Need to Consider

February 23, 2012 Added by:Fergal Glynn

EU Data Protection Authorities will apply these rules even if this information is processed outside of Europe, it’s not clear today whether these new rules will have an impact on the existing Safe Harbor regulations – something to watch out for in the consultation period...

Comments  (0)


The MPLS Privacy Debate Continues

December 21, 2011 Added by:PCI Guru

Given that at some point MPLS traffic has to technically co-mingle with other customers’ network traffic, how can the PCI SSC claim that MPLS is private? The answer is a bit disconcerting to some, but for those of us with an understanding of the engineering issues, it was expected...

Comments  (1)


Modern Encryption – So Easy a Caveman Could Do It

December 19, 2011 Added by:Kanguru Solutions

Adding encryption is a relatively easy and cost effective way to secure your organizations data without adding significant cost or complexity. For organizations dealing with confidential information (healthcare, banking, government) it should be mandatory...

Comments  (0)


To iTrust or Not?

October 31, 2011 Added by:Enno Rey

Recently Apple launched its new offering iCloud. At this point, most infosec people start to worry a little bit: The common cloud concept of centralized data storage on premise of a third party does not cope well with the usual control focused approach of most technical infosec guys...

Comments  (0)


Why a Data Flow Map Will Make Your Life Easier

October 23, 2011 Added by:Brent Huston

It’s impossible to protect everything in your environment if you don’t know what’s there. All system components and their dependencies need to be identified. This isn’t a mere inventory listing. Adding the dependencies and trust relationships is where the effort pays off...

Comments  (0)


Why Encryption Alone Isn’t Enough

September 16, 2011 Added by:Emmett Jorgensen

There are variables at work that often require security measures above and beyond encryption. The confidentiality of the data you are working with, state, federal and industry regulations, user habits, platforms and more all factor into the security measures needed to safeguard your data...

Comments  (0)


Moving Your Data to the Cloud – Sense and Sensibility

March 10, 2011 Added by:Danny Lieberman

Using a cloud service provider for storing sensitive data may actually reduce the threat surface instead of increasing it and give you more control by centralizing and standardizing data storage as part of your overall data governance strategy...

Comments  (0)


Data Remains on USB and SSDs After Secure Erase

March 01, 2011 Added by:Dan Dieterle

New research shows that secure erase programs used on standard hard drives to wipe important data do not completely erase solid-state (SSD) drives and USB thumb drives. As much as 75 percent of the data could remain after a successful secure wipe...

Comments  (1)


You, Your Data and Its Data Center

December 30, 2010 Added by:Christopher Burgess

When the IT pros show up at your desk asking you to identify, forecast or project your needs, work with them. They are attempting to get ahead of your requirements. You see, in the end, it all boils down to you, your data, and the data center supporting you...

Comments  (0)