Data security methods


  • To defend endpoint security in healthcare, technology teams with training

    At many hospitals and physician practices, endpoint devices -- such as desktop computers, laptops and smartphones -- can become areas for cybercriminals to exploit. However, a combination of high-tech defense and old-fashioned common sense offer potent protection against endpoint breaches.

    This handbook starts off with an article that looks at the security aspects of patient data on mobile devices and how those devices can work with storage technology. It may be best, when possible, to steer clear of storing personal health information on smartphones and tablets. Instead, look to back-end storage options.

    Next, readers can learn about HIPAA breaches and endpoint security in a Q&A with a hospital interim CIO. He recommends using multifactor authentication -- in other words, the practices of using at least two different credentials to verify a user's identity -- as a prime way to protect patient data from breaches that could violate HIPAA requirements.

    The final article pinpoints the security advantages offered by a virtual desktop infrastructure (VDI), which can help medical facilities sidestep data breaches while physicians use mobile devices.

    These high-tech efforts, combined with improved end-user education, can help clinicians and others in hospitals and physician practices avoid lurking digital dangers that threaten endpoints.

    Continue Reading

  • Insider security threats: What CISOs can do to mitigate them

    Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies.Continue Reading

  • Four ways to defend against a mobile security breach

    No company is safe from potential data leaks and breaches. To combat the biggest mobile security challenges, IT needs a four-pronged line of defense.Continue Reading

  • For effective healthcare data protection try a 'layered' approach

    Healthcare organizations can protect patient data from breaches with a three-layered approach that combines traditional and advanced protection features.Continue Reading

  • Mobile security issues and solutions

    Mobile technology usage is growing just as the number of threats facing mobile data is growing. CIOs must combat mobile security issues to stay ahead in the mobile-dominated world.Continue Reading

  • Want to avoid data breach lawsuits? Get legal on your side

    The CISO's role as the protector of an organization's data intersects with responsibilities of corporate counsel. Here's how to keep the communications flowing in sticky situations.Continue Reading

  • Denial-of-service defense depends on multipronged strategy

    Ransomware and data breaches may be getting all the headlines, but denial-of-service attacks are on the rise. What can you do to mitigate their effect?Continue Reading

  • What are the pros and cons of hiring an ex-hacker?

    Hiring an ex-hacker to join an enterprise security team is a risky move. Expert Mike O. Villegas discusses the potential benefits and drawbacks of this nontraditional hiring move.Continue Reading

  • Information security culture: How enterprises can build and improve it

    Creating and fostering an information security culture isn't easy. Guest contributor Lance Hayden explains how to do it and how to identify signs of improvement.Continue Reading

  • How tabletop exercises can help uncover hidden security risks

    A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process.Continue Reading

  • CISO challenges: Addressing cybersecurity blind spots

    Every enterprise has cybersecurity blind spots that it fails to recognize and address. Sean Martin explains what they are and how they create more CISO challenges.Continue Reading

  • Verizon: Human error still among the top data security threats

    Verizon's 2016 Data Breach Investigations Report found human vulnerabilities and errors continue to be among companies' top data security threats.Continue Reading

  • Cyberinsurance policies: Getting coverage and avoiding limitations

    The cyberinsurance market is maturing rapidly, but there are still gray areas to navigate. Sean Martin explains what enterprises should know about policies.Continue Reading

  • Enterprise mobile strategy: Step up security

    CISOs are tasked with developing an effective enterprise mobile strategy that offers different levels of mobile security, from device management to application-layer controls. Some companies are moving beyond device management and containerization to protect the data layer. An effective enterprise mobile strategy can increase employee productivity, but how can security programs strike a balance between user experience and information security? In this issue of Information Security, we talk to companies about their enterprise mobile strategies to find out what works and what doesn't.

    Even with all the momentum in advanced authentication, some enterprises show no signs of moving beyond usernames and passwords. Why isn't advanced authentication, such as one-time passwords or multifactor authentication (MFA), widely deployed? Despite the challenges of implementing and maintaining strong authentication methods, they provide significant benefits over password-only authentication mechanisms. The consumerization of MFA may lower costs. We look at strong authentication strategies and best practices for these methods on premises and in the cloud.

    Also, we continue our Readers' Top Picks series with a look at enterprise encryption tools. TechTarget polled 1,435 IT and security professionals at medium-to-large enterprises who told us that they have active encryption projects or technology purchases in the next 12 months. Look for a shortlist of products and features from readers who plan to invest in enterprise encryption tools.

    Continue Reading

  • Cyberinsurance: Assessing risks and defining policies

    Cyberinsurance is sparking interest from enterprises, but how are security risks assessed for policies? Sean Martin takes a closer look at the process.Continue Reading