Access "Understanding tokenization: What is tokenization and when to use it"
This article is part of the April 2012 issue of An expert guide to tokenization and using it effectively
What's the best way to protect sensitive data from being stolen? Remove it entirely: If data is not present in a system, it can’t be stolen. A steady stream of data breaches demonstrates that IT systems are under attack and underscores how even firms with good security knowledge get it wrong. Just ask Sony, RSA, HBGary Federal, or Stratfor. Information security is hard to do, and the complexity of IT operations hinders our ability to protect data. So why don't we just get rid of sensitive data? No, I am not saying you should delete all your data in order to protect it. I am saying replace sensitive information with something that, if stolen, doesn’t matter. That’s precisely what tokenization does. Tokenization technology removes sensitive data and replaces it with a worthless token. IT systems use the token placeholder as a reference, continuing to function as before, but the risk of leaking information is greatly reduced. There has been quite a buzz around tokenization in heavily regulated industries such as payment processing. Credit card numbers are a ... Access >>>
Premium Content for Free.
Unified threat management devices for the enterprise
by Joel Snyder, Contributor
UTMs aren’t just for SMBs anymore. Here are four requirements for enterprise-grade UTM.
AMI networks: PKI security considerations
by Seth Bromberger, Contributor
PKI components in smart grid and AMI infrastructure introduce new hazards.
- Unified threat management devices for the enterprise by Joel Snyder, Contributor
Understanding tokenization: What is tokenization and when to use it
by Adrian Lane, Contributor
Tokenization protects sensitive data to reduce the compliance burden.
Web browser security features make attacks harder
by Robert Westervelt
Accuvant analysis and hacking contests illustrate browser security improvements.
- Understanding tokenization: What is tokenization and when to use it by Adrian Lane, Contributor
Don’t turn security Big Data analysis into a forgettable cliché
by Michael S. Mimoso, Editorial Director
It’s easy to be cynical about the latest security buzzword, but don’t be so quick to dismiss it.
Marcus Ranum chat: Security startups and security innovation
by Marcus J. Ranum, Contributor
Security expert Marcus Ranum talks with Peter Kuper, a partner with In-Q-Tel focused on funding compelling startups to accelerate innovation for the intelligence community.
Information security roles and technology shifts
by Paul Rohmeyer, Contributor
New technologies and business models are rapidly changing the role of the security pro.
- Don’t turn security Big Data analysis into a forgettable cliché by Michael S. Mimoso, Editorial Director
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...