Author: Charles Goldberg

Categories : Data Security            Leave a comment           

Governments do ask cloud providers to hand over their customers’ data. Last week there was another reminder when a Federal Court said Google must turn over data in foreign servers. This reminder underlies one of the reasons it is important to not only encrypt your data in the cloud, but to assure that you are the custodian of the encryption keys. Thales is making two announcements about new cloud key management capabilities at the RSA Conference this week that will […]

Categories : Data Security            Leave a comment           

Simply put: encryption is the most effective way for security professionals to protect their data. But, once you decide to encrypt, the question stops becoming “why” and becomes “how.” There are many different use cases in which sensitive data can reside, and thus there are seemingly endless ways to protect your data. These techniques include: full disk encryption, database encryption, file-level encryption, tokenization, dynamic data masking, and static data masking. And this is just naming a few. Confused? Don’t worry, […]

Categories : Data Security            Leave a comment           

The reality is that many business leaders won’t do the right thing in terms of investing in security. At least not until they’re in some way coerced or forced into it. The headlines will keep appearing, detailing how consumer data continues to be exposed because some of the most basic safeguards weren’t employed. Just to be clear, I’m not saying that security is easy. There are a lot of sophisticated cyber adversaries and significant threats that are very difficult to […]

Categories : Application Encryption, Tokenization            Leave a comment           

By leveraging a strong encryption standard like AES, organizations can realize a number of advantages, but they can also confront some downsides. Now, there’s a newly sanctioned approach that offers the potential to avoid some significant tradeoffs when employing AES encryption. Advanced Encryption Standard (AES) is a strong algorithm that’s been widely adopted for some time. One of the positives of AES encryption is that it hides the original format (e.g. size and character set) of the clear-text data, making […]

Categories : Data Security            Leave a comment           

When you think about breaches and organizations targeted, a local uniform vendor probably wouldn’t top your list of obvious hacking threats. However, a recent hack at a uniform vendor that serves New Jersey Transit police officers presents a very illustrative cautionary tale. For enterprise security teams, the message is clear: Even the best defenses will be futile if your vendors’ security is weak. Click To Tweet: ISIS Hacking Targets Families: Data Security = Personal Security @chvrles bit.ly/20vYL9K pic.twitter.com/Mm7LIIRfwA Security and […]

Categories : Data Security            Leave a comment           

Let’s face it. Security is a hard sell. The customer buys a strong product, implements and supports it correctly, and if all goes according to plan… nothing happens. The fact that nothing bad happens either is critical, of course, but reporting that there’s no bad news doesn’t exactly instill enthusiasm in the boardroom or generate promotions. The economics of security have been on my mind as I’ve been hearing some of the debates around privacy and security that have been […]

Categories : Data Security            Leave a comment           

We have all been there.  You buy a product, and immediately see it get outmoded. You drive that new car off the lot and a week later read that the next year’s model will be faster and get better mileage. You buy a new phone for it’s higher resolution camera, and soon find out the next iteration will be more compact and also offer high-definition video capture. ClickToTweet: Data Security is about to get Better, Faster and Stronger @chvrles http://bit.ly/1SEvDcB […]

Categories : Data Security            Leave a comment           

I’m not proud to admit it, but it’s true, reports of major data breaches make me happy (Unless of course the breach happens to affect me personally, and I have to deal with things like updating my online payment information for dozens of vendors because a new credit card number has been issued.) Like a lot of other folks in the IT security industry, a part of this joy is enlightened self-interest—breaches can be good for business. Beyond that, though, […]

Categories : Data Security, Encryption            Leave a comment           

Ski helmets, seat belts, and encryption. What comes to your mind when you read these words? You may immediately think “safety,” and you’d be right, but how about “speed enablers”? At first blush, that may not be the first concept that comes to mind, but there’s a pretty compelling case to be made for this as another common theme. Let me give you a couple fun examples, starting with ski helmets. During the winter of 2002/2003 researchers studied different factors, […]

Categories : Data Security            Leave a comment           

I’ve been working in the data-at-rest encryption field for almost three years now. In this short amount of time I’ve seen a real change in the market’s perception and acceptance of encryption. In fact, less than two years ago I was running a marketing and messaging meeting that included some of Vormetric’s sales leaders and they all asked that we play down the word “encryption” in our high-level messaging. They said their prospects’ eyes just glazed over when they heard […]