Items Tagged with "Data Loss Prevention"


Bd07d58f0d31d48d3764821d109bf165

Cybercrime Controls for the Enterprise

August 30, 2012

The majority of attacks that result data breaches are simply not that complex, relying on well-known, tried-and-true methods. Yet most organizations lack the time and expertise to develop the security content— the breach detection rules and configuration hardening policies for servers—that can deter attempts...

Comments  (0)

82ac4cd789b46af43c0cde730625317e

Why Data Security and Enterprise Risk Management are Important

August 28, 2012 Added by:Christopher Rodgers

Management sometimes assumes that when they have identified and summarized the top risks to their organization through a Strategic Risk Assessment, that they have implemented ERM. This is simply not the case. Strategic Risk Assessment is an important component of ERM and usually a starting point, but not a final destination...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Understanding Your BYOD Policy

August 28, 2012 Added by:Robert Siciliano

If you choose to use your personal device for work, then your employer will more than likely want control over that device. This means like in a company mobile liability policy, the employer may have remote capabilities to monitor activity and in the event of loss or employee termination, wipe the data...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Threat Intelligence: Plenty Out There, But Are You an Analyst?

August 27, 2012 Added by:Infosec Island Admin

As the complexity of attacks grow at a rate outstripping the pace of Moores Law, defenders have to take up a more nuanced approach to protecting their environments. Reliance on technical solutions alone is not tenable, you have to look at the creature behind the keyboard to get a better picture of the attack...

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Which Application Testing is Right for Your Organization?

August 23, 2012 Added by:Brent Huston

Billions of dollars and millions of identities are at stake every day. In the past, security professionals thought firewalls, Secure Sockets Layer, patching, and privacy policies were enough to protect websites from hackers. Today, we know better. Whatever your industry — you should have consistent testing...

Comments  (0)

1a490136c27502563c62267354024cd5

Mobile Security: Surfing the Paradox

August 22, 2012

The basis of the paradox – how can a device that is so small, open, innovative, tactile, easy to use and readily available retain mass-market appeal while at the same time remaining secure? This is the challenge not just from a software or hardware perspective, but also a cultural one...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

The Data Compromise Evolutionary Clock Is Ticking

August 22, 2012 Added by:Kelly Colgan

The digitization of medical records may make folks queasy, but it is also efficient, offering an opportunity to save both money and lives. It is in fact inevitable. Unfortunately, so are data breaches and the identity compromises that follow. We need to be deadly serious because lives are at literally at stake...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Utilizing Network Security Solutions: A Customer’s Perspective

August 16, 2012

Anyone can go research IT companies and make decisions based solely on what they read, but this is not how people make decisions. People interested in buying a product or service want to know if it will work, how well it has worked in the past, and if current customers are happy with the product or service...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Relating Responsibility and Liability: At the Core of BYOD

August 15, 2012 Added by:Rafal Los

Does it make sense to repurpose "security awareness" to be inclusive of corporate and personal responsibility? Should we have users sign agreements that make them aware they are responsible, personally, when bad things happen as a result of their actions? Should there be HR actions against users who are reckless?

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Translating Security for the Non-Technical Folks

August 15, 2012

To provide more effective data protection that combines preventive and detective controls, a security admin can obtain the necessary technical information to create reports and dashboards that translate data into terms the business understands to make information security visible, measurable and accountable...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Not Providing Education is the Dumbest Idea for Infosec

August 14, 2012 Added by:Rebecca Herold

Every year or so, an otherwise smart information security professional publishes some really bad information security advice about how awareness and training is a waste of time and money. Bottom line for all organizations: Humans have always been and will always be the weakest link in security...

Comments  (0)

2e4d1e4bb6b5e2d5901e2ede8065fb24

Why Effective Awareness Training Matters

August 12, 2012 Added by:Brent Hutfless

Training and education are key elements to securing data. The advances in detection and monitoring solutions have placed more capable tools in the security professional’s toolbox, but APT attacks have grown in sophistication and perseverance – often leading to successful attacks and subsequent data loss...

Comments  (2)

Bd07d58f0d31d48d3764821d109bf165

The Weakest Link in the Security Chain: Is it in Your Controls?

August 11, 2012 Added by:Tripwire Inc

Rather than brute-forcing the account, the hackers gained access by doing some creative social engineering by contacting Apple customer support. The problem is that we often turn over our data to 3rd-party providers without understanding what protocols they have in place to keep our data safe...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ENISA Calls for Joint Effort to Protect Login Credentials

August 10, 2012

In the cyber world our identity is reflected by our usernames and passwords. For users, keeping passwords safe is vital to avoid security incidents. But online service providers who store usernames and passwords are expected to do the same. Problems arise when security is compromised at either end of the chain...

Comments  (0)

E85787adcaf7bca10e799cfd1cfd08f1

Get a BYOD Policy Now

August 09, 2012 Added by:Michelle Drolet

There’s no one-size-fits-all solution. In creating a policy you have to consider what devices to support, how much access to give them, and what kind of budget to allocate. Do you have specific compliance issues? Are you willing to subsidize data plans or device purchases? How do you ensure company data is secure?

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Mobile Security Experts on BYOD

August 08, 2012 Added by:Fergal Glynn

Devices aren’t the main problem in a BYOD strategy: employees are. That’s why BYOD is not just a technical issue. It needs a holistic approach that includes HR, data security and legal stakeholders. Organizations adopting a BYOD strategy should put in place a strategy that includes policies and technical constraints...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »