Data loss prevention technology
In this guide learn about the basics of data loss prevention technology and data loss threats. Find out how to build a security system to detect and prevent malicious hacker activity with data loss prevention (DLP) technology, software and products.
Top Stories
-
Feature
30 Sep 2021
How to use Ghidra for malware analysis, reverse-engineering
The Ghidra malware analysis tool helps infosec beginners learn reverse-engineering quickly. Get help setting up a test environment and searching for malware indicators. Continue Reading
-
Feature
30 Sep 2021
Get started with the Ghidra reverse-engineering framework
Malware analysts use Ghidra to examine code to better understand how it works. Learn what to expect from the reverse-engineering framework, how to start using it and more. Continue Reading
-
Feature
14 Sep 2021
Why companies should use AI for fraud management, detection
AI is involved in many cybersecurity processes. Now it's making inroads in fraud management and detection. The benefits, however, are not without AI's nagging bias challenge. Continue Reading
-
Definition
13 Jul 2021
spyware
Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge. Continue Reading
-
Feature
15 Jun 2021
How to get started with security chaos engineering
Introducing security chaos engineering: the latest methodology security teams can implement to proactively discover vulnerabilities or weaknesses in a company's system. Continue Reading
-
News
26 May 2021
Rowhammer reach extended for new attack method
Google researchers discovered a bit-flipping hardware trick can now be carried out across extra rows of transistors, circumventing protections against the attack technique. Continue Reading
-
Feature
19 May 2021
12 essential features of advanced endpoint security tools
In addition to protecting an organization's endpoints from threats, IT administrators can use endpoint security tools to monitor operation functions and DLP strategies. Continue Reading
-
Feature
14 May 2021
Endpoint security strategy: Focus on endpoints, apps or both?
Companies know how to secure traditional endpoints, but what about mobile devices outside the network? They should decide if they want to protect devices, apps or both. Continue Reading
-
Tip
12 May 2021
Use immutable backups to prevent data loss, boost compliance
Immutable backups have gained traction with the rise in ransomware attacks. However, there are different approaches to immutability and external factors that come in to play. Continue Reading
-
Feature
29 Apr 2021
Learn how to mitigate container security issues
The more companies embrace application containerization, the more they need to know about container security issues and attack prevention methods. Continue Reading
-
Feature
29 Apr 2021
Adopting containers and preventing container security risks
When it comes to container security risks, organizations often worry about container escapes, but as expert Liz Rice explains, they should focus on prevention and patching. Continue Reading
-
Guest Post
16 Apr 2021
Companies must train their SOC teams well to prevent breaches
SOC teams can have all the latest and greatest cybersecurity tools, but unless they have the proper training, it won't be enough to mitigate an attack. Continue Reading
-
Guest Post
07 Apr 2021
Utilizing existing tech to achieve zero-trust security
A zero-trust security model can immediately be used to address current gaps and provide a secure foundation for managing risk going forward, from both internal and external threats. Continue Reading
-
Quiz
30 Mar 2021
Data loss prevention quiz: Test your training on DLP features
Data loss prevention tools can help infosec manage insider threat, shadow IT and compliance initiatives. Test your know-how with this DLP quiz. Continue Reading
-
Guest Post
11 Mar 2021
How security teams can prepare for advanced persistent threats
Daniel Clayton explains how any organization can devise its cybersecurity strategy to account for advanced persistent threats, which have started changing the threat landscape. Continue Reading
-
News
02 Mar 2021
Arcserve UDP 8.0 update focuses on ransomware protection
After its latest update, Arcserve's flagship data protection software has integrated Sophos security and supports AWS S3 Object Lock to make backups immutable. Continue Reading
-
Quiz
09 Nov 2020
Try this cybersecurity quiz, test your cyberdefense smarts
Based on the November 2020 issue of Information Security magazine, this 10-question quiz lets you check your comprehensive knowledge of current security issues and earn CPE credit too. Continue Reading
-
Feature
02 Nov 2020
AI in security analytics is the enhancement you need
AI-powered analytics is critical to an effective, proactive security strategy. Learn how AI-enabled tools work and what your organization needs to do to reap their benefits. Continue Reading
-
Opinion
02 Nov 2020
AI in cybersecurity ups your odds against persistent threats
AI capabilities can identify and take down cyberthreats in real time but are only part of what your team needs to come out on the winning side of the cybersecurity battle. Continue Reading
- E-Zine 02 Nov 2020
-
Tip
22 Sep 2020
Format-preserving encryption use cases, benefits, alternative
With format-preserving encryption, a ciphertext's format is the same as its plaintext's. Read up on the benefits of this cryptography method, NIST FPE methods, vendors and more. Continue Reading
-
News
23 Jul 2020
Microsoft unveils new DLP, 'Double Key Encryption' offerings
Microsoft revealed new security products and features this week, including an Endpoint Data Loss Prevention product as well as "Double Key Encryption" for Microsoft 365. Continue Reading
-
Feature
29 May 2020
GDPR, CCPA, cloud drive security management tool makeovers
As data protection and privacy laws like GDPR and CCPA take hold, data managers refine governance practices, while vendors enhance traditional big data security tools. Continue Reading
-
Infographic
01 May 2020
The state of cybersecurity risk: Detection and mitigation
Hackers will always try to creep in, and many will succeed. That's why effective detection and mitigation are essential. How are enterprises faring? Continue Reading
-
Tip
06 Apr 2020
Using AIOps for cybersecurity and better threat response
AIOps platforms, when properly tuned, can benefit all of IT in important ways. Learn how these advanced security tools improve threat detection and response in myriad ways. Continue Reading
-
Feature
26 Mar 2020
Explore 7 data loss prevention tools for utmost security
Explore how DLP products secure enterprise data and these seven specialized vendors that provide protection through varying installation, platforms and features. Continue Reading
-
Tip
27 Jan 2020
Protect against evolving data security threats
As data security threats evolve, knowing how to protect your data is more important than ever. Learn about the latest security threats and how to ward them off. Continue Reading
-
Tip
10 Dec 2019
Use a data privacy framework to keep your information secure
Find out how a data privacy framework gives companies the tools they need to ensure their information is protected -- from both internal and external threats. Continue Reading
-
Feature
13 Nov 2019
Build new and old strategies into insider threat management
The risk of insider threat does not discriminate across industry lines. Learn how to build an insider threat management program that combines AI, zero-trust principles and a healthy security culture. Continue Reading
-
Feature
23 Oct 2019
Combat the human aspect of risk with insider threat management
When it comes to insider threat awareness and prevention, enterprises would be wise to marry a people-centric approach with a technology-centric approach. Continue Reading
-
Answer
22 Oct 2019
The difference between AES and DES encryption
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between AES and DES. Continue Reading
-
Tip
20 Aug 2019
Network traffic analysis tools secure a new, crucial role
Gartner just produced its first-ever guide to network traffic analytics security tools. Learn how the analysis of network traffic is broadening to include network security. Continue Reading
-
News
30 Jul 2019
Carbonite CEO joins IDG, interim CEO steps in
Former Carbonite CEO Mohamad Ali joined tech media company International Data Group as Steve Munford stepped in to become interim CEO. Continue Reading
-
Answer
26 Jul 2019
How can endpoint security features help combat modern threats?
The antivirus of yesteryear isn't a strong enough competitor to beat modern enterprise threats. Learn about the endpoint security features ready to tackle these battles head-on. Continue Reading
-
News
24 Jul 2019
Acronis CEO: 'Backup is dead'
Backup alone is not enough, according to Acronis CEO Serguei Beloussov. True data protection involves a combination of security, privacy and accessibility on top of backup. Continue Reading
-
Opinion
01 May 2019
Putting cybersecurity for healthcare on solid footing
CISO Kevin Charest talks security threats he sees in the healthcare field and the means his company is using to thwart them, including HCSC's Cyber Fusion Center. Continue Reading
-
Feature
18 Apr 2019
A condensed look at the IT resilience market
A lot is going on in the market for resilience. Acquisitions, partnerships and other consolidations have bundled DR planning offerings, creating one-stop shopping experiences. Continue Reading
-
Answer
26 Mar 2019
Can PDF digital signatures be trusted?
Digital signatures on PDF documents don't necessarily guarantee their contents are valid, as new research shows viewer implementations don't always detect incomplete signatures. Continue Reading
-
Tip
20 Feb 2019
Key steps to put your zero-trust security plan into action
There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company. Continue Reading
-
Answer
19 Feb 2019
How did Signal Desktop expose plaintext passwords?
The Signal Desktop application was found to be making decryption keys available in plaintext. Learn how the SQLite database and plaintext passwords were put at risk. Continue Reading
-
Tip
31 Oct 2018
NIST incident response plan: 4 steps to better incident handling
The NIST incident response plan involves four phases enterprises can take to improve security incident handling. Expert Mike O. Villegas reviews each step. Continue Reading
-
Tip
26 Jul 2018
How to identify and protect high-value data in the enterprise
Protecting data in the enterprise is a crucial but challenging task. Expert Charles Kao shares key steps and strategies to consider to identify and protect high-value data. Continue Reading
-
Answer
06 Jul 2018
Can IT add digital watermarks to its virtual desktops?
As part of a larger security strategy, watermarking virtual desktops can help IT discourage data leakage by adding user-specific text to each desktop. Continue Reading
-
News
29 Jun 2018
McAfee details rise in blockchain threats, cryptocurrency attacks
McAfee's new 'Blockchain Threat Report' charts a dramatic rise in cryptomining malware and details four major attack vectors for cryptocurrency-related threats. Continue Reading
-
Definition
29 May 2018
counterintelligence
Counterintelligence (CI) is the information gathered and actions taken to identify and protect against an adversary’s knowledge collection activities or attempts to cause harm through sabotage or other actions. Continue Reading
-
Tip
22 May 2018
DeOS attacks: How enterprises can mitigate the threat
An increase in DeOS attacks has been reported just as the 'Cisco 2017 Midyear Cybersecurity Report' predicted. Learn how these attacks target off-site backups with David Geer. Continue Reading
-
Tip
17 May 2018
How security operations centers work to benefit enterprises
One key support system for enterprises is security operations centers. Expert Ernie Hayden reviews the basic SOC framework and the purposes they can serve. Continue Reading
-
News
27 Feb 2018
DLP implementation: Partner with the business for success
Data loss prevention strategies help prevent unauthorized disclosure of sensitive information. For a DLP strategy to be successful, however, business-wide buy-in is required. Continue Reading
-
Feature
21 Dec 2017
Get the best botnet protection with the right array of tools
Enterprise anti-botnet defenses, to be effective, must be added in multiple layers. No single security product will do the trick, but the right combo of tools can. Continue Reading
-
Tip
02 Oct 2017
Securing endpoints with supplementary tools protects data
Learn how network access control (NAC), data loss prevention (DLP) and robust data destruction tools secure the data in your corporate endpoints against data loss. Continue Reading
-
Feature
15 Sep 2017
Symantec Data Loss Prevention: Product overview
Expert Bill Hayes checks out the Symantec Data Loss Prevention suite, featuring an architecture consisting of content-aware detection servers, endpoint agents and unified management. Continue Reading
-
Tip
29 Aug 2017
What to do when cybersecurity breaches seem inevitable
The current threat landscape makes cybersecurity breaches seem unavoidable. Expert Peter Sullivan discusses some simple ways enterprises can reduce the risk of a breach. Continue Reading
-
Guide
21 Jul 2017
What data loss prevention systems and tactics can do now
Setting up systems to preventing data loss is a must for companies of all sizes. Learn the basics of and what's new in data loss prevention and how to keep your DLP system humming. Continue Reading
-
Feature
10 Jul 2017
Advanced endpoint protection takes on the latest exploits
Advanced endpoint protection is arriving from all quarters -- machine learning, crafty sandboxes, behavior analytics. Learn how tech advances are being applied to endpoints. Continue Reading
-
Opinion
10 Jul 2017
Do thoughts of your least secure endpoint keep you up at night?
Some days, 'secure endpoint' feels like an oxymoron, but that soon may change. From smart sandboxes to advanced behavior analytics, learn what's new in endpoint security technologies. Continue Reading
-
Feature
24 May 2017
Trustwave Data Loss Prevention: Product overview
Expert Bill Hayes examines Trustwave Data Loss Prevention and how the product addresses data at rest, endpoint data in use and network data in transit for enterprises. Continue Reading
-
Answer
02 May 2017
How can a distributed guessing attack obtain payment card data?
Attackers can gather payment card data by carrying out distributed guessing with a minimal amount of existing information. Expert Michael Cobb explains how this attack works. Continue Reading
-
Answer
21 Apr 2017
How does USB Killer v3 damage devices through their USB connections?
USB Killer devices, with the ability to destroy systems via a USB input, are available and inexpensive. Expert Nick Lewis explains how they work and how to defend against this threat. Continue Reading
-
Answer
05 Apr 2017
Insecure OAuth implementations: How are mobile app users at risk?
Mobile apps using insecure OAuth could lead to over one billion user accounts being attacked. Expert Michael Cobb explains how developers can implement OAuth securely. Continue Reading
-
Tip
30 Mar 2017
DLP systems: Spotting weaknesses and improving management
DLP systems are becoming a necessity, but their weaknesses need to be tightened to ensure enterprise asset security. Expert Kevin Beaver explains what areas to focus on. Continue Reading
-
Feature
13 Mar 2017
RSA Data Loss Prevention Suite: Product overview
Expert Bill Hayes examines the RSA Data Loss Prevention Suite, which covers data in use, in transit and at rest for corporate networks, mobile devices and cloud services. Continue Reading
-
Feature
20 Feb 2017
Ransomware prevention tools to win the fight
Fighting malware today means battling ransomware. Learn what ransomware prevention tools you need to acquire and how to perfect using the tools your company already owns. Continue Reading
-
Feature
17 Feb 2017
Quest Rapid Recovery incremental backup software saves data in a flash
Quest Software's block-level, incremental backup software provides in-place recovery, integration with Microsoft VSS and tight recovery point and recovery time objectives. Continue Reading
-
Answer
20 Jan 2017
How serious are the flaws in St. Jude Medical's IoT medical devices?
MedSec and Muddy Waters Capital revealed serious flaws in IoT medical devices manufactured by St. Jude Medical. Expert Nick Lewis explains the severity of these vulnerabilities. Continue Reading
-
Answer
17 Jan 2017
How does USBee turn USB storage devices into covert channels?
USB storage devices can be turned into covert channels with a software tool called USBee. Expert Nick Lewis explains how to protect your enterprise data from this attack. Continue Reading
-
Answer
16 Jan 2017
How do man-in-the-middle attacks on PIN pads expose credit card data?
Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can mitigate these attacks. Continue Reading
-
News
12 Jan 2017
Google Cloud KMS simplifies the key management service, but lacks features
Experts are impressed with the simplicity of Google's Cloud KMS even if it doesn't separate itself from the key management service competition. Continue Reading
-
Feature
23 Nov 2016
Digital Guardian for Data Loss Prevention: Product overview
Expert Bill Hayes examines Digital Guardian for Data Loss Prevention and more of the vendor's DLP product lineup, which cover data in use, data in transit and data in the cloud. Continue Reading
-
Feature
16 Nov 2016
CA Technologies Data Protection: DLP product overview
Expert Bill Hayes examines CA Technologies Data Protection, a data loss prevention suite designed to protect data at rest, in transit and in use across enterprise devices, networks and cloud services. Continue Reading
-
Feature
25 Aug 2016
Blue Coat DLP: Data loss prevention product overview
Expert Bill Hayes takes a look at Blue Coat DLP, a single appliance data loss prevention system that works with the company's web security gateway products. Continue Reading
-
Buyer's Guide
26 May 2016
The best email encryption products: A comprehensive buyer's guide
Email encryption is a critical component of enterprise security. In this buyer's guide, expert Karen Scarfone breaks down what you need to know to find the best email encryption software for your organization. Continue Reading
-
Feature
14 Apr 2016
Voltage SecureMail encryption tool: Product overview
Expert contributor Karen Scarfone takes a look at Voltage SecureMail for encrypting email messages in the enterprise. Continue Reading
-
Feature
12 Apr 2016
Symantec Desktop Email Encryption: Product overview
Expert contributor Karen Scarfone examines Symantec Desktop Email Encryption, a tool for encrypting email messages for individuals within the enterprise. Continue Reading
-
Feature
11 Nov 2015
Lessons in mobile data loss protection for enterprise IT pros
With mobile devices everywhere in the enterprise now, learning tactics for data loss protection must become an IT priority. Continue Reading
-
Tip
15 Oct 2015
Is a security cloud service your best endpoint defense?
Cloud technologies often have a bad reputation when it comes to security, but that may be unfair. Is the cloud the best answer for securing the endpoints in your enterprise? Continue Reading
-
Feature
25 Jun 2015
How to keep track of sensitive data with a data flow map
Expert Bill Hayes describes how to create a data flow map to visualize where sensitive data is processed, how it transits the network and where it's stored. Continue Reading
-
Feature
10 Apr 2015
Symantec Endpoint Encryption: Full disk encryption product overview
Expert Karen Scarfone examines the features of Symantec Endpoint Encryption, a full disk encryption product for Windows laptops, desktops and servers. Continue Reading
-
Feature
10 Apr 2015
Sophos SafeGuard: Full disk encryption product overview
Expert Karen Scarfone examines the features of Sophos SafeGuard, a full disk encryption product for laptops, desktops and servers. Continue Reading
-
Feature
10 Apr 2015
Microsoft BitLocker: Full disk encryption software overview
Expert Karen Scarfone examines the features of BitLocker, Microsoft's native full disk encryption software for Windows laptops, desktops and servers. Continue Reading
-
Feature
10 Apr 2015
McAfee Complete Data Protection: Full disk encryption product overview
Expert Karen Scarfone examines the features of McAfee Complete Data Protection, a full disk encryption product for securing client-side computers and servers. Continue Reading
-
Feature
10 Apr 2015
Dell Data Protection | Encryption: Full disk encryption product overview
Expert Karen Scarfone examines the features of Dell Data Protection | Encryption, a full disk encryption product for securing client-side devices. Continue Reading
-
Feature
10 Apr 2015
Apple FileVault 2: Full disk encryption software overview
Expert Karen Scarfone examines the features of Apple's bundled full disk encryption software for Mac OS X, FileVault 2. Continue Reading
-
Feature
10 Apr 2015
The top full disk encryption products on the market today
Full disk encryption can be a key component of an enterprise's desktop and laptop security strategy. Here's a look at some of the top FDE products in the industry. Continue Reading
-
Feature
05 Dec 2014
The fundamentals of FDE: Comparing the top full disk encryption products
Expert Karen Scarfone examines the top full disk encryption products to determine which one may be best for your organization. Continue Reading
-
Feature
25 Nov 2014
The fundamentals of FDE: Procuring full-disk encryption software
Expert Karen Scarfone examines the most important criteria for evaluating full disk encryption options for deployment within an enterprise. Continue Reading
-
Feature
20 Nov 2014
The fundamentals of FDE: The business case for full disk encryption
Expert Karen Scarfone outlines the benefits of FDE to help businesses decide if the storage encryption technology is right for their organization. Continue Reading
-
Feature
12 Nov 2014
The fundamentals of FDE: Full disk encryption in the enterprise
Expert Karen Scarfone examines full disk encryption, or FDE, tools and describes how the security technology protects data at rest on a laptop or desktop computer. Continue Reading
-
Tip
10 Nov 2014
Inside the four main elements of DLP tools
Security expert Rich Mogull outlines the four elements of a DLP tool: the central management server, network monitoring, storage and endpoint DLP. Continue Reading
-
Quiz
30 May 2013
Quiz: Database security issues
This 10-question quiz will test your knowledge of the key points we’ve covered in the webcast, podcast and tip in this database security school lesson. Continue Reading
-
Tip
10 Jan 2013
BYOD security: How to remotely wipe iPhone and Android devices
Remote data wipe is key to any BYOD security policy, but each OS handles it differently. Lisa Phifer covers how to use it with other controls to protect data. Continue Reading
-
Answer
01 Oct 2007
How should sensitive customer data, such as driver's license information, be handled?
In this Q&A, Identity management and access control expert Joel Dubin discusses how to properly protect the personal data of a driver's license. Continue Reading