Items Tagged with "Data Loss Prevention"


7fef78c47060974e0b8392e305f0daf0

GAO: Federal Law and the Changing Technology Landscape

August 08, 2012

The federal government collects and uses personal information on individuals in increasingly sophisticated ways. While this enables federal agencies to carry out critical functions, the existing laws for protecting individuals’ personal information may no longer be sufficient given current practices...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

What You Should Know When Choosing a FIM Solution

August 07, 2012

Before selecting a file integrity monitoring (FIM) solution, organizations must understand the technical differences between agentless and agent-based FIM. It’s actually these differences that deliver the benefits organizations want from their file integrity monitoring solution while minimizing the issues...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

BYOD - Challenges of Protecting Data - Part 4

August 07, 2012 Added by:Rafal Los

When it comes down to it, BYOD is only possible if you've got the basics of data-centric security right. You know, protecting the actual data rather than trying to build elaborate structures around the things that work with that data in order to compensate. Let me explain...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Why Does Data Leak?

August 06, 2012 Added by:Danny Lieberman

Data is leaked or stolen because it has value. The financial impact of a breach is directly proportional to the value of the asset. The key attack vector for an event is people - often business partners working with inside employees. People handle electronic data and make mistakes or do not follow policies...

Comments  (0)

9f19bdb2d175ba86949c352b0cb85572

The Unbearable Riskiness of Being Social...

August 06, 2012 Added by:Neira Jones

With social networks transforming the rules of business engagement, many businesses think the biggest risk of social media is the brand and reputational damage that could result from negative interactions or the potential disclosure of proprietary or sensitive information...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

BYOD: Challenges of Protecting Data - Part Three

August 06, 2012 Added by:Rafal Los

BYOD is going to take the many small holes in your environment and drive a semi truck through them... blowing a hole the size of a Buick in what security we have now. And it's not just because BYOD is going to happen whether you like it or not - but because we need to fix this train wreck we call corporate security...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Ticking Time-Bombs: Production Data in Non-Production Systems

August 03, 2012 Added by:Rafal Los

While it's not really OK to have a vulnerable application sitting out on the 'net, at least if it's in "stage" mode it shouldn't have real data... right? Unfortunately this wasn't the case in many of the incidents I experienced. It's time to remind ourselves that anything that is accessible should be well protected...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

BYOD: Challenges of Protecting Data - Part Two

August 01, 2012 Added by:Rafal Los

Productivity is nice to talk about when you can sit at home and read your corporate email on your tablet, or mobile phone - but what if that device is ridden with malware, or hijacked to be part of a botnet, there are very serious security and productivity implications there. Let's expand on this a bit...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

BYOD: Challenges of Protecting Data - Part One

July 30, 2012 Added by:Rafal Los

Whether we're talking about cloud computing, or BYOD, or hacking in general - the buck stops with data. Some believe you can't ever classify all of your data and you should move on, while others believe that without making data custodians responsible for classification of critical data nothing else can happen...

Comments  (1)

7c5c876d1933023ac375eead04302e1a

BYOD too Big for Twitter...

July 29, 2012 Added by:Boris Sverdlik

It's not a question of technology, it really isn't. The one problem that we keep running into is that user's don't want us installing things on their personal devices. It's the whole entitlement mentality that our users have somehow attained through all of our babying. That's the cost of using their resources...

Comments  (1)

Ee5e595fc2be8a24327ce7cefe0f7b2c

A Packet of Risks and a Small Pot of Tea

July 29, 2012 Added by:Christopher Laing

Risks are just circumstances that if they occurred, would have some impact on the business. Naturally risks can potentially disrupt the business, but if identified, planned for, and effectively managed, risks can have a beneficial impact on the business. The key word here is managed...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Is There a Risk in Using My Personal Device for Work?

July 24, 2012 Added by:Robert Siciliano

“Bring your own device” (BYOD) has become widely adopted to refer to workers bringing their personal mobile devices, such as smartphones, tablets and PDAs, into the workplace for use and connectivity. Because your employer is liable for potentially lost data, if you BYOD, plan on giving up some liberties...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Another Angle on Big Data

July 22, 2012 Added by:Tripwire Inc

Today, we don’t have the concept of “knowledge security,” but should we begin considering that moving forward? Given that we are moving, quite quickly, into a knowledge-based orientation, what are the implications for “information security?” Are there any? Does this perspective even matter?

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Between You and Me, This is Not Private...

July 22, 2012 Added by:Fergal Glynn

If most websites can’t get password storage right, you can bet they can’t get storage of the content you are trusting them with right either. The private documents that you stored with your favorite cloud service are probably not encrypted in a way that only your account can decrypt, if they’re encrypted at all...

Comments  (0)

71d85bb5d111973cb65dfee3d2a7e6c9

DEUCE: Bypassing DLP with Cookies

July 19, 2012 Added by:f8lerror

DEUCE went from simple concept to a multi-encoding and encryption DLP bypass tool. The program simply takes an input file and creates a cookie for each line. DEUCE has the ability to encrypt via AES, hash with MD5 or use a custom multi-encode with a 3 times replacement cipher...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

NIST Recommendations for Cryptographic Key Management

July 17, 2012

Developers are presented with many choices in their use of cryptographic mechanisms. Inappropriate choices may result in an illusion of security, but little or no real security for the application. This Recommendation provides information and establishes frameworks to support appropriate decisions...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »