Items Tagged with "Data Loss Prevention"


0a8cae998f9c51e3b3c0ccbaddf521aa

Data: The Final Frontier of the Collapsing Perimeter

July 16, 2012 Added by:Rafal Los

If we as IT professionals and architects acknowledge that the perimeter is now around the data, what solutions do we have for protecting it? How can we protect data which is mobile, usable, and in a constant state of danger? The answer seems to be some form of protection that involves our old friend, encryption...

Comments  (0)

94c7ac665bbf77879483b04272744424

BYOD is a Bunch of FUD

July 16, 2012 Added by:Marc Quibell

Times have changed , and I'm not talking about the technologies involved. I'm talking about the rules and regulations we have to follow, and the best practices we as employees must abide by - as opposed to the days of the old briefcase - when it comes to protecting the data with which we are entrusted...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

Advanced Persistent Threats: Separating the Unicorns from Reality

July 14, 2012 Added by:Rafal Los

APT - Advanced Persistent Threat has been the nervous topic for a long time now in Information Security. While there is a metric ton of misinformation and confusion about what constitutes an Advanced Persistent Threat, the thrust seems to be that once you're a target, you're a victim...

Comments  (0)

Bd86d2b4bd72ac0ca847696eec3759f3

Beware of BYOD Wreaking Havoc

July 13, 2012 Added by:Michelle Drolet

The downside to the BYOD movement is the difficulty of maintaining security. How do IT departments provide easy access to documents and files for a host of different devices and still ensure that sensitive material remains safe and workplace systems are not exposed to serious threats? How can they safeguard networks?

Comments  (1)

68b48711426f3b082ab24e5746a66b36

Insecure Cryptographic Storage Explained

July 12, 2012 Added by:Fergal Glynn

The impact of Insecure Cryptographic Storage flaws when exploited is usually quite high due to the fact that the information that is usually encrypted are important things like personally identifiable information, trade secrets, healthcare records, personal information and credit card numbers...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

More on PCI Scoping

June 22, 2012 Added by:PCI Guru

“At least annually and prior to the annual assessment, the assessed entity should confirm the accuracy of their PCI DSS scope by identifying all locations and flows of cardholder data and ensuring they are included in the PCI DSS scope"...

Comments  (1)

54a9b7b662bfb0f0445d1661d7ed180b

Suing Our Way to Better Security?

June 21, 2012 Added by:Jayson Wylie

It does not seem like the top leaders at organizations are as concerned with others' information as they might be with the bottom line. If organizations do not respond to fear of embarrassment for failing at security, should we start taking them to court to formulate better consumer protections?

Comments  (7)

F2792196079f2c16cd02be6e9ff5b3da

The Fear Factor in Information Security

June 13, 2012 Added by:DHANANJAY ROKDE

Vendors are increasingly using the fear factor and coarse tactics to pressure information security managers into deploying rather unnecessary technologies and products. Why have we never heard of a vendor pitch claiming responsibility of failure to protect a company’s infrastructure?

Comments  (0)

A88973e7d0943d295c99820ab9aeed27

Fashionable But Vulnerable: Mobile Devices in the Workplace

June 12, 2012 Added by:Simon Heron

Mobile devices are contributing to improved efficiency and are undoubtedly popular with employees, but they are also inherently vulnerable. To minimise the risks, organisations must develop specific mobile device management policies – and then enforce them...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Can You Use Dropbox for Storing Healthcare Data?

June 11, 2012 Added by:Danny Lieberman

The short answer is that you should not store PHI (protected health information) on Dropbox since they share data with third party applications and service providers - but the real reason is you should not use Dropbox for sharing information with patients is simply that it is not private by design...

Comments  (0)

54b393d8c5ad38d03c46d060fa365773

LinkedIn Breach Part II: What You Need to Prepare for Next

June 09, 2012 Added by:Jason Clark

The LinkedIn breach made headlines, but I want to go deeper and provide practical advice for organizations on how they can anticipate DLP consequences and tighten network security. You need a strategy to protect against attack scenarios. Here’s a seven-step check list for mitigating your risk...

Comments  (4)

145dfdfe39f987b240313956a81652d1

It’s Time to Convert from Passwords to Passphrases

June 08, 2012 Added by:Stacey Holleran

The traditional password must die. The whole concept is fatally flawed. The sheer volume of attacks should be a wake-up call to anyone utilizing a password (pretty much everyone). Now is the time to practice vigilance and to secure systems, accounts and security applications such as firewalls with Passphrases...

Comments  (0)

959779642e6e758563e80b5d83150a9f

How to Keep Healthcare Secrets Online

June 06, 2012 Added by:Danny Lieberman

When we share medical information with our healthcare provider, we trust their information security as being strong enough to protect our medical information from a data breach. Certainly – as consumers of healthcare services, it’s impossible for us to audit the effectiveness of their security portfolio...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Keeping Technology Staff Honest

June 05, 2012 Added by:Jayson Wylie

Technology staff, on occasion, have had an all-access pass to all data on Window’s networks. This creates an environment where the support staff has exposure in having access to sensitive and confidential stuff stored in the most private parts of the organization’s data stores...

Comments  (0)

1b061b1cec6b5898e5326992d9461610

Infosec Subjectivity: No Black and White

June 04, 2012 Added by:Dave Shackleford

Overall, here’s the rub: There are almost no security absolutes. Aside from some obvious things like bad coding techniques, the use of WEP, hiring Ligatt Security to protect you, etc... Everything else is in information security the gray area...

Comments  (1)

959779642e6e758563e80b5d83150a9f

Five Things a Healthcare CIO Can Do to Improve Security

May 31, 2012 Added by:Danny Lieberman

In a complex healthcare organization, large scale security awareness training is a hopeless waste of resources considering the increasing number of options that people have (Facebook, smartphones..) to cause damage to the business. Security awareness will lose every time it comes up against an iPad or Facebook...

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »