28 Apr
2016
Categories : Data Security            1Comments           

Containers have existed in some form or the other since Unix and FreeBSD days, for example, chroot, FreeBSD jails and Solaris Zones etc. The current generation of containers – LxC, LxD and Docker are extensions of these previous technology sets. Click To Tweet: Blog: Data Security for Docker – Required bit.ly/26yIy8a pic.twitter.com/L7VBmjy5X6 What is Docker? From Wikipedia: Docker is an open-source project that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation […]

State of Cyber-Emergency

Posted By: Sol Cates, @solcates (Twitter)
26 Apr
2016
Categories : Data Security            Leave a comment           

In late March, President Obama renewed a declaration of national emergency, citing the rising number of cyberattacks against the U.S. (let’s call it a State of Cyber-Emergency).  I am pleased to hear the federal government is grasping the urgency of cybersecurity – an urgency demonstrated by the recent flurry of federal data breaches with the IRS, OPM, Department of Energy and Veteran’s Affairs, just to name a few. Click To Tweet: The State of Cyber-Emergency @SolCates bit.ly/26rPtQu pic.twitter.com/rXusIFGNXu Thankfully, this steady drumbeat of federal […]

Categories : Data Security            Leave a comment           

We did it! Vormetric is officially the first vendor to receive the Enterprise Security Management (ESM) Policy Management Protection Profile (PP_ESM_PM_V2.1) Common Criteria certification for the Vormetric Data Security Manager (DSM) V6000 appliances. While this has been one long and difficult journey, it’s also been one huge accomplishment. Click To Tweet: First to qualify for Common Criteria PP ESM PM V2.1 – Vormetric Data Security Manager bit.ly/26h95GE pic.twitter.com/wjxKZIPZLi The National Information Assurance Partnership (NIAP) (a U.S. organization responsible for implementation […]

Format Preserving Encryption Gets NIST Stamp of Approval

Posted By: charles, @chvrles (Twitter)
19 Apr
2016
Categories : Application Encryption, Tokenization            Leave a comment           

By leveraging a strong encryption standard like AES, organizations can realize a number of advantages, but they can also confront some downsides. Now, there’s a newly sanctioned approach that offers the potential to avoid some significant tradeoffs when employing AES encryption. Advanced Encryption Standard (AES) is a strong algorithm that’s been widely adopted for some time. One of the positives of AES encryption is that it hides the original format (e.g. size and character set) of the clear-text data, making […]

13 Apr
2016
Categories : Data Security            Leave a comment           

Extensive healthcare data contains enough information to not just apply for credit cards or loans, but it can compromise patients’ financial accounts and generate huge sums from fraudulent medical charges. As a result, healthcare data is at a premium, which does not bode well at a time when data breaches are at an all-time high and organizations are still grasping how to handle these new and improved threats. Click To Tweet: Alphabet Soup of Risks for Healthcare IT Security – […]

11 Apr
2016
Categories : Data Security            Leave a comment           

When you think about breaches and organizations targeted, a local uniform vendor probably wouldn’t top your list of obvious hacking threats. However, a recent hack at a uniform vendor that serves New Jersey Transit police officers presents a very illustrative cautionary tale. For enterprise security teams, the message is clear: Even the best defenses will be futile if your vendors’ security is weak. Click To Tweet: ISIS Hacking Targets Families: Data Security = Personal Security @chvrles bit.ly/20vYL9K pic.twitter.com/Mm7LIIRfwA Security and […]

Why European Enterprises Should Be Considering An ‘Encrypt Everything’ Policy

Posted By: Louise Bulman, AVP of EMEA | Vormetric, A Thales Company
07 Apr
2016
Categories : Data Security            Leave a comment           

Time and time again in the UK we have seen some of our most high profile companies fall victim to data breaches due to lax security. Firms are now advised to accept that, due to the broadening scope of the data threat landscape, and the increasing levels of sophistication in cyber crime, it is no longer a case of if they are hacked, but when. The most obvious solution to this growing problem is to simply encrypt everything which ensures […]

Data Protection: It Should Be As Certain As ….

Posted By: Alan Kessler, @kessalan
05 Apr
2016
Categories : Data Security            Leave a comment           

With everyone’s “favorite” April deadline approaching, doesn’t it seem as though data breaches have become as inevitable as you know what? In my colleague Tina Stewart’s latest blog, she outlined some major federal data breaches occurring in the past year (Department of Energy, the IRS) – and that list doesn’t even include OPM. Or the private sector. According to 24/7 Wall Street, the Identity Theft Resource Center (ITRC) reports there have been a total of 177 data breaches recorded through […]

04 Apr
2016
Categories : Data Security            Leave a comment           

Let’s face it. Security is a hard sell. The customer buys a strong product, implements and supports it correctly, and if all goes according to plan… nothing happens. The fact that nothing bad happens either is critical, of course, but reporting that there’s no bad news doesn’t exactly instill enthusiasm in the boardroom or generate promotions. The economics of security have been on my mind as I’ve been hearing some of the debates around privacy and security that have been […]

The Case for “Encrypt Everything”

Posted By: Chris Olive, @ChrisEOlive (Twitter) | Senior Sales Engineer | Vormetric, a Thales company
31 Mar
2016
Categories : Data Security            Leave a comment           

Within the IT industry, when considering data-at-rest (DAR) encryption, you may have noticed recently that security experts seem a little divided on how to leverage and apply this technology. Many experts have stated that only sensitive data should be encrypted. Others seem to be preaching a “new” gospel that all data-at-rest should be encrypted. Why this philosophical split and what, if anything, has taken us down this path? Does a right answer exist, and are there advantages to one strategy […]