October 19, 2011 Added by:Alexander Rothacker
Oracle released its October Critical Patch Update with 57 vulnerabilities across multiple products. This low number of patches continues a trend where Oracle appears to be losing focus on database security, probably due to the many new products offerings and acquisitions...
October 18, 2011
Data has to be independently classified based on availability, integrity and confidentiality. It needs to be data centric, not focusing on the systems or databases so that while data “travels” through the infrastructure it will keep these attributes without relying on source systems...
October 12, 2011 Added by:Emmett Jorgensen
When will manufacturers stop using Flash as the primary storage? Consider that in 2002 many experts assumed that Flash cells would not be stable when scaled past 45nm and predicted that it would need to be replaced by 2010. We know now that those predictions proved to be false...
October 12, 2011 Added by:Simon Heron
The trouble is that technology is just one element of the solution. There is little doubt that while DLP software and devices can help, there is no single solution that can encompass all aspects of DLP, as different types of data have different threats and hence need different controls...
October 05, 2011 Added by:Danny Lieberman
One of the crucial phases in estimating operational risk is data collection: understanding what threats, vulnerabilities you have and understanding not only what assets you have (digital, human, physical, reputational) but also how much they’re worth in dollars...
September 29, 2011 Added by:Chris Schellman, CPA, CISSP, PCI QSA
SSAE 16 is one of the most widely known tools for providing assurances to data center customers. Yet, a myth that the SSAE 16 standard is not applicable to the industry persists. Data center providers have no choice but to arm themselves with the following facts about SSAE 16 applicability...
September 29, 2011 Added by:Headlines
"Business owners will need to understand what the cloud is and what it can do for their businesses in the areas of cost control, data security, data protection, accessibility, efficiency and productivity to facilitate a smooth running technological platform for their business..."
September 18, 2011 Added by:David Navetta
Richard Blumenthal (D-CT) introduced bill that would levy significant penalties for identify theft and other “violations of data privacy and security,” criminalize software that collects “sensitive personally identifiable information” without clear and conspicuous notice and consent...
August 31, 2011 Added by:Stephen Marchewitz
No matter what you are told, simply writing a check to a software vendor and installing some code will not prevent all data loss. Depending on the intricacies of the organization, the money that DLP solutions require may likely be better spent on other security initiates...
August 28, 2011 Added by:Brian Smithson
Multipass disk overwrite and the “DoD 5220-22-M standard 3-pass wipe” are, at best, urban legends. At worst, they are a waste of time. A single pass overwrite with any arbitrary value (randomly chosen or not) is sufficient to render the original HDD data effectively irretrievable...
August 24, 2011 Added by:Emmett Jorgensen
Whether you are planning on selling, recycling or throwing away your old hard drives, you should always consider using one of these solutions: destruction, degaussing, or secure data erasure. Otherwise, there's no telling whose hands you data may end up in...
August 12, 2011 Added by:Infosec Island Admin
Data dumps without context have no real intelligence worth. While this stuff is interesting, it’s certainly not earth shattering. What’s worse is that it makes you all look more and more like the boy who cried wolf than the Deep Throat. This is why I keep harping on Anonymous...
August 03, 2011 Added by:Alexander Rothacker
Modern databases provide powerful built-in auditing capabilities that are often underestimated. There are downsides of native auditing like the ability for a malicious user to manipulate the audit trail. Overall, this feature allows customers to monitor database activity at a very granular level...
July 31, 2011 Added by:Alexander Rothacker
With ‘unbreakable’ timeliness, Oracle released their 27th Critical Patch Update. They shipped 78 security fixes over all their product families. Sixteen of the fixes are specific to the Oracle Database, but a total of 30 fixes have an impact on database confidentiality, integrity or availability...
July 27, 2011 Added by:Rahul Neel Mani
ArcSight which was acquired by HP last year was started when the Dot Com bubble had burst. CTO Forum talks to Hugh Njemanze, ArcSight Founder and VP & CTO, HP Security Solutions about the company’s journey so far and how the company has been able to sustain a robust growth...
July 20, 2011 Added by:David Navetta
In the past, some of the strict foreign data protection laws have not been rigorously enforced, giving businesses breathing room. The enforcement landscape is likely to tighten in the near future, however, increasing the risk of investigations and sanctions for privacy violations...
Making Sense of Split Tunneling ... nat ravitz on 03-08-2014
Why Enterprises Are Struggling So Much with ... Eric Kronthal on 03-07-2014
Making Sense of Split Tunneling ... nat ravitz on 03-07-2014