Security Management Strategies for the CIO- Data Loss Prevention
- Data Analysis and Classification
- Data Security and Cloud Computing
- Identity Theft and Data Security Breaches
- Enterprise Data Governance
- Disk Encryption and File Encryption
- Database Security Management
Email Alerts
-
How does steganography work and does it threaten enterprise data?
Expert Joe Granneman explains how steganography works, and the ways it can both protect and threaten enterprise data.Answer
-
DLP deployments: Understanding your options
Kevin Beaver examines real-world DLP technologies and discusses some common pitfalls to avoid, ensuring your organization has a successful DLP deployment.security_school
-
Quiz: DLP deployments: Understanding your options
This five-question quiz will test your knowledge of the key points we’ve covered in the webcast, podcast and tip in this DLP deployment Security School Lesson by Kevin Beaver.Quiz
-
Deploying network security devices: Tips to avoid failed deployments
John Burke offers advice on effectively deploying network security devices to protect sensitive data and manage the mobility boom in the enterprise.Tip
-
Practical advice for managing DLP technology effectively
In this podcast, Kevin Beaver provides advice for managing DLP technology in your environment to ensure a successful data loss prevention program.Podcast
-
Data loss prevention tools: Understanding your options
Video: Kevin Beaver uses real-life experiences with data loss prevention tools to help you with your technology choices, rollout and management.Video
-
Quiz: Database security issues
This 10-question quiz will test your knowledge of the key points we’ve covered in the webcast, podcast and tip in this database security school lesson.Quiz
-
Database security issues
The start of many data security issues is, of course, the database. In this security school, we'll examine the predominant database security vulnerabilities and offer best practices on how to monitor database access to detect potential security incidents.partOfGuideSeries
-
Case study: CDI launches aviation company DLP program on short runway
Technology services company CDI-Aerospace used a Verdasys DLP solution to manage third-party risk for a major aviation client.News | 24 May 2013
-
DLP management tools and reporting: Key considerations
When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key.Tip
- VIEW MORE ON : Data Loss Prevention
-
Converting to cloud: Ranum Q&A with Lee Heath
Not down with Dropbox? Lee Heath embraced shadow IT and improved his company's data security practices in the process.Column
-
Is big data education a big failure?
Big data presents big challenges for computer science programs from classification to cloud security. Are industry partnerships the answer?Column
-
Practical advice for managing DLP technology effectively
In this podcast, Kevin Beaver provides advice for managing DLP technology in your environment to ensure a successful data loss prevention program.Podcast
-
Data loss prevention tools: Understanding your options
Video: Kevin Beaver uses real-life experiences with data loss prevention tools to help you with your technology choices, rollout and management.Video
-
Big data analytics: New patterns emerge for security
Will big data analytics make security better? With data scientists in short supply, solution providers rush to provide big data analytics tools.Feature
-
The rapid evolution of MDM solutions
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the rapid turnover in consumer mobile technology, have left many organizations grappling with MDM requirements.
Our June cover story provides insight into the mobility adoption trends, cross-industry issues, and MDM solutions best fit to varying requirements. Technology advances range from nascent network-based mobile device management (NMDM) to software-based approaches such as mobile application management (MAM), native container device management, and more. We also look at big data analytics and security this month, and how early adopters are expanding the definition of risk to all part of the business. Finally, we provide an update on FedRAMP. Does it go far enough, and how will the continuous monitoring of cloud service providers be handled?E-Zine -
Big data analytics: New patterns emerge for security
-
Using network flow analysis to improve network security visibility
To overcome network security issues from advanced attackers and BYOD, security professionals are turning to network flow analysis to gain improved network security visibility.Tip
-
Bruce Schneier explains why there is no privacy on the Internet
Video: Bruce Schneier provides three examples to prove there is no privacy on the Internet. Is government regulation needed?Video
-
RSA 2013: More from Coviello on big data analytics in the security industry
RSA's Art Coviello explains why the shortcomings of current mainstream security products are part of what's driving enterprise interest in big data.News | 28 Feb 2013
- VIEW MORE ON : Data Analysis and Classification
-
Converting to cloud: Ranum Q&A with Lee Heath
Not down with Dropbox? Lee Heath embraced shadow IT and improved his company's data security practices in the process.Column
-
Converting to cloud: Ranum Q&A with Lee Heath
-
What you need to know about containerized data center security
Part of the draw of containerized data centers is ease and speed of deployment, but these features also pose security risks.Answer
-
Readers' Choice Awards 2012
For the seventh consecutive year, Information Security readers voted to determine the best security products. More than 2,000 voters participated this year, rating products in 14 different categories.guideSeries
-
FFIEC statement on cloud risk misses the mark
Bank regulators provide few details on managing cloud risks.News | 26 Jul 2012
-
Do you need virtual firewalls? What to consider first
With virtual firewalls, you can avoid routing traffic out of the virtual environment to pass through a physical firewall. But there are challenges to consider in going virtual.Tip
-
Cloud endpoint security: Considerations for cloud security services
Mike Chapple details discuses considerations for using cloud security services, specifically cloud endpoint security.Answer
-
Monitor outbound traffic: Full-packet capture or only capture network flow data?
If an enterprise can't afford to implement full-packet capture, expert Mike Chapple recommends trying to capture network flow data instead.Answer
-
DHS cloud computing: Homeland Security’s model private cloud strategy
Using private cloud at separate data centers has allowed the Department of Homeland Security to strike a balance between security and cost savings.News | 05 Oct 2011
-
Breach fears push federal cloud computing initiative to private cloud
Trapped between budget constraints and security fears, government agencies are increasingly opting for private clouds.News | 20 Sep 2011
- VIEW MORE ON : Data Security and Cloud Computing
-
Cybersecurity and global risk assessment enter the boardroom
Analysts expect security concerns to drive global risk management, but executives may need convincing.Column
-
Next-generation firewalls play by new rules
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with fine-tuned application awareness and better controls, many IT managers are still stuck with the original firewalls that handle ports and protocols. The September cover story looks at the key developments that define the next-generation of these products from application awareness to domain-reputation-management, intrusion prevention techniques, and protecting virtual machines. IT security managers who have recently migrated to next-generation firewalls explain what platforms they are buying and why. We also cover innovative ways to bridge the security skills gap in a tight market, and global risk assessment beyond regulations, as analysts predict investments in security will finally lead spending in years to come.E-Zine
-
Cybersecurity: Global risk management moves beyond regulations
-
Cybersecurity and global risk assessment enter the boardroom
-
IT security strategy 2.0: Adjusting for a shifting infosec landscape
Seismic shifts in the infosec landscape can no longer be ignored. Ernie Hayden explains how to update an IT security strategy to account for change.Tip
-
To improve breach detection, revisit intrusion detection techniques
To solve the breach-detection issues highlighted in the 2013 Verizon DBIR, several intrusion detection techniques are needed, says expert Nick Lewis.Tip
-
Feds catch hackers behind worldwide data breaches
Feds indict, unmask hackers behind largest known data breach conspiracy targeting worldwide financial institutes, payment processors and retailers.News | 26 Jul 2013
-
Turkish researcher claims responsibility for Apple dev site hack
Turkish researcher Ibrahim Balic says he found multiple vulnerabilities at Apple's developer website, but did not intend to bring the site down.News | 22 Jul 2013
-
Practical advice for managing DLP technology effectively
In this podcast, Kevin Beaver provides advice for managing DLP technology in your environment to ensure a successful data loss prevention program.Podcast
-
Data loss prevention tools: Understanding your options
Video: Kevin Beaver uses real-life experiences with data loss prevention tools to help you with your technology choices, rollout and management.Video
- VIEW MORE ON : Identity Theft and Data Security Breaches
-
Quiz: DLP deployments: Understanding your options
This five-question quiz will test your knowledge of the key points we’ve covered in the webcast, podcast and tip in this DLP deployment Security School Lesson by Kevin Beaver.Quiz
-
The advantages of digital watermarking in enterprise data protection
Expert Michael Cobb explains the advantages of digital watermarking and analyzes whether improved data security is one of them.Answer
-
No firewall? How disabling the firewall can improve network security
Having no perimeter firewall may seem ludicrous, but Joel Snyder explains why disabling the firewall can actually improve enterprise network security.Tip
-
Gary McGraw: NSA data collection programs demand discussion, scrutiny
Opinion: Gary McGraw details the various and sundry NSA data collection programs and explains why all its efforts demand new discussion and scrutiny.Opinion
-
For CISOs, California Right to Know Act would raise privacy emphasis
The proposed California Right to Know Act may compel CISOs to develop additional privacy policies or create new privacy officer roles.News | 09 Apr 2013
-
ISM January 2003 Konstantaras
-
enhanced driver's license (EDL)
An enhanced driver's license (EDL) is a government-issued permit that, in addition to the standard features of a driver's license, includes an RFID tag that allows officials to pull up the owner's biographical and biometric data.Definition
-
Logging in the cloud: Assessing the options and key considerations
Expert Dave Shackleford considers a variety of options for logging in the cloud and determines which choice works best for enterprises.Tip
-
Protecting Intellectual Property: Best Practices
Organizations need to implement best practices to protect their trade secrets from both internal and external threats.Column
-
Protecting Intellectual Property: Best Practices
Organizations need to implement best practices to protect their trade secrets from both internal and external threats.
- VIEW MORE ON : Enterprise Data Governance
-
TPM security overview: Defining the benefits of TPM devices
The nearly ubiquitous TPM device is an often-overlooked tool in an infosec pro's arsenal. Expert Michael Cobb details the benefits of TPM security.Tip
-
Enterprise app store encryption: Lessons to learn from Apple
After the Apple App Store's security mishap, expert Michael Cobb details the minimum enterprise app store encryption requirements.Answer
-
cold boot attack
A cold boot attack is a process for obtaining unauthorized access to encryption keys stored in the dynamic random access memory (DRAM) chips of a computer system.Definition
-
How to protect data from ransomware malware
It can be difficult to recover data that is encrypted by ransomware malware -- unless you have expert Nick Lewis' recommendations in place.Answer
-
evil maid attack
An evil maid attack is a security exploit that targets a computing device that has been shut down and left unattended. An evil maid attack is characterized by the attacker's ability to physically access the target multiple times without the owner's knowledge. Definition
-
Gary McGraw: NSA data collection programs demand discussion, scrutiny
Opinion: Gary McGraw details the various and sundry NSA data collection programs and explains why all its efforts demand new discussion and scrutiny.Opinion
-
DLP management tools and reporting: Key considerations
When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key.Tip
-
With DLP, encryption and integration strengthen security policies
Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions.Tip
-
Using DLP tools for data leakage alerting and preventive actions
When evaluating DLP tools, it's important to determine data leakage alerting and preventive action needs for potential violations and blocking.Tip
-
DLP monitoring: Defining policies to monitor data
DLP monitoring policies help define what data to evaluate, how data monitoring processes should occur, and what enforcement and alerting actions to take.Tip
- VIEW MORE ON : Disk Encryption and File Encryption
-
Practical advice for managing DLP technology effectively
In this podcast, Kevin Beaver provides advice for managing DLP technology in your environment to ensure a successful data loss prevention program.Podcast
-
Data loss prevention tools: Understanding your options
Video: Kevin Beaver uses real-life experiences with data loss prevention tools to help you with your technology choices, rollout and management.Video
-
Microsoft SQL Server security best practices checklist
Authentication, complex passwords and limiting permissions are three of the top bullet points on this SQL Server security best practices checklist.Tip
-
Understanding database security issues
This presentation takes a look at vulnerabilities that directly affect database security and what enterprises should do to monitor database access to detect potential security incidents.Video
-
Database security issues
The start of many data security issues is, of course, the database. In this security school, we'll examine the predominant database security vulnerabilities and offer best practices on how to monitor database access to detect potential security incidents.partOfGuideSeries
-
engine-level encryption
Engine-level encryption is cryptographic encoding and decoding of data that is executed within a database engine.Definition
-
Privileged user management a must for DBAs
Trust, but verify. Ronald Reagan made it popular, and it's certainly relevant for DBAs in today's consolidated, virtualized IT world.Oracle Revelations | 15 May 2013
-
DLP management tools and reporting: Key considerations
When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key.Tip
-
With DLP, encryption and integration strengthen security policies
Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions.Tip
-
Using DLP tools for data leakage alerting and preventive actions
When evaluating DLP tools, it's important to determine data leakage alerting and preventive action needs for potential violations and blocking.Tip
- VIEW MORE ON : Database Security Management