Data security and privacy
Secure data storage, data loss prevention and encryption are must-have components of any enterprise security strategy, especially as data threats and breaches become increasingly common. Get advice on these topics, along with the latest data security strategies, data backup and recovery info, and more.
Top Stories
-
Feature
17 Sep 2024
Infosec experts detail widespread Telegram abuse
Cybersecurity vendors say threat activity on Telegram has grown rapidly in recent years, and they don't expect the arrest of founder and CEO Pavel Durov to change that trend. Continue Reading
By- Arielle Waldman, News Writer
-
News
13 Sep 2024
Fortinet confirms data breach, extortion demand
Fortinet confirmed that a threat actor stole data from a third-party cloud-based shared file drive, which affected a small number of customers, but many questions remain. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
10 Apr 2015
Symantec Endpoint Encryption: Full disk encryption product overview
Expert Karen Scarfone examines the features of Symantec Endpoint Encryption, a full disk encryption product for Windows laptops, desktops and servers. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
10 Apr 2015
Sophos SafeGuard: Full disk encryption product overview
Expert Karen Scarfone examines the features of Sophos SafeGuard, a full disk encryption product for laptops, desktops and servers. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
10 Apr 2015
Microsoft BitLocker: Full disk encryption software overview
Expert Karen Scarfone examines the features of BitLocker, Microsoft's native full disk encryption software for Windows laptops, desktops and servers. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
10 Apr 2015
McAfee Complete Data Protection: Full disk encryption product overview
Expert Karen Scarfone examines the features of McAfee Complete Data Protection, a full disk encryption product for securing client-side computers and servers. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
10 Apr 2015
Dell Data Protection | Encryption: Full disk encryption product overview
Expert Karen Scarfone examines the features of Dell Data Protection | Encryption, a full disk encryption product for securing client-side devices. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
10 Apr 2015
Check Point Full Disk Encryption product overview
Expert Karen Scarfone examines the features of Check Point Full Disk Encryption, an FDE product for securing client devices such as laptops and desktops. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
10 Apr 2015
Apple FileVault 2: Full disk encryption software overview
Expert Karen Scarfone examines the features of Apple's bundled full disk encryption software for Mac OS X, FileVault 2. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
10 Apr 2015
The top full disk encryption products on the market today
Full disk encryption can be a key component of an enterprise's desktop and laptop security strategy. Here's a look at some of the top FDE products in the industry. Continue Reading
By- James Alan Miller, Senior Executive Editor
-
Feature
23 Mar 2015
Introduction to security analytics tools in the enterprise
Expert Dan Sullivan explains how security analysis and analytics tools work, and how they provide enterprises with valuable information about impending attacks or threats. Continue Reading
By -
Tip
27 Jan 2015
A CISO's introduction to enterprise data governance strategy
Every enterprise must have a viable strategy for protecting high-value data. See if your plan aligns with Francoise Gilbert's advice on top priorities to consider when defining data governance plans. Continue Reading
By- Francoise Gilbert, Greenberg Traurig
-
Feature
23 Jan 2015
The importance of email encryption software in the enterprise
Expert Karen Scarfone explains how email encryption software protects messages and attachments from malfeasance. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
05 Dec 2014
The fundamentals of FDE: Comparing the top full disk encryption products
Expert Karen Scarfone examines the top full disk encryption products to determine which one may be best for your organization. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
25 Nov 2014
The fundamentals of FDE: Procuring full-disk encryption software
Expert Karen Scarfone examines the most important criteria for evaluating full disk encryption options for deployment within an enterprise. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
20 Nov 2014
The fundamentals of FDE: The business case for full disk encryption
Expert Karen Scarfone outlines the benefits of FDE to help businesses decide if the storage encryption technology is right for their organization. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
12 Nov 2014
The fundamentals of FDE: Full disk encryption in the enterprise
Expert Karen Scarfone examines full disk encryption, or FDE, tools and describes how the security technology protects data at rest on a laptop or desktop computer. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Tip
10 Nov 2014
Inside the four main elements of DLP tools
Security expert Rich Mogull outlines the four elements of a DLP tool: the central management server, network monitoring, storage and endpoint DLP. Continue Reading
By- Rich Mogull, Securosis
-
Feature
01 Aug 2014
The NoSQL challenge: What's in store for big data and security
Big data offers horizontal scalability, but how do you get your database security to scale along with it? Continue Reading
By- Adrian Lane, Securosis
-
News
05 Feb 2014
Amid Microsoft MD5 deprecation, experts warn against SHA-1 algorithm
With Microsoft's MD5 deprecation set for next week, experts say companies must be careful to avoid other weak protocols, like SHA-1. Continue Reading
-
Quiz
30 May 2013
Quiz: Database security issues
This 10-question quiz will test your knowledge of the key points we’ve covered in the webcast, podcast and tip in this database security school lesson. Continue Reading
By -
Feature
26 Feb 2013
Managing big data privacy concerns: Tactics for proactive enterprises
The growing use of big data analytics has created big data privacy concerns, yet viable tactics exist for proactive enterprises to help companies get smarter while keeping consumers happy. Continue Reading
-
Answer
12 Feb 2013
What risk does the Apple UDID security leak pose to iOS users?
Expert Michael Cobb details Apple's Unique Device Identifiers, plus why iOS users should be concerned about the Anonymous UDID security leak. Continue Reading
By -
Tip
08 Jan 2013
Windows Server 2012 security: Is it time to upgrade?
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release. Continue Reading
By -
Opinion
01 Nov 2012
Protecting Intellectual Property: Best Practices
Organizations need to implement best practices to protect their trade secrets from both internal and external threats. Continue Reading
By- Peter J. Toren
-
Tip
06 Dec 2011
P2P encryption: Pros and cons of point-to-point encryption
P2P encryption is an emerging technology; one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Answer
17 Oct 2011
Comparing relational database security and NoSQL security
In this introduction to database security, expert Michael Cobb explains the differences between relational database and NoSQL security. Continue Reading
By -
Tip
05 Nov 2010
Outsourcing data center services: SMB security best practices
Learn best practices for outsourcing data center services and about the security and compliance considerations that influence whether an SMB should outsource data center services. Continue Reading
By- Joe Malec, Contributor
-
Tip
18 Oct 2010
Data classification best practices in financial services
Data classification is critical in the highly regulated financial industry. Learn key steps for data classification. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Tip
14 Jun 2010
Your USB port management options
When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Answer
19 May 2010
MD5 security: Time to migrate to SHA-1 hash algorithm?
Many organizations have been replacing the MD5 hash algorithm with the SHA-1 hash function, but can the MD5 hash algorithm still be used securely? Continue Reading
By -
Answer
17 Dec 2009
Personally identifiable information guidelines for U.S. passport numbers
Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman. Continue Reading
By- David Mortman, Dell
-
Answer
03 Nov 2009
How to protect employee information in email paystubs
Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response. Continue Reading
By- David Mortman, Dell
-
Answer
23 Oct 2009
What is an encryption collision?
Michael Cobb reviews how encryption collision attacks on cryptographic hash functions could compromise the security of all kinds of digital systems. Continue Reading
By -
Answer
28 Aug 2009
What are new and commonly used public-key cryptography algorithms?
Expert Michael Cobb breaks down a variety of encryption algorithms and reviews the use cases for several types of cryptography. Continue Reading
By -
Answer
25 Aug 2009
What are the export limitations for AES data encryption?
Although AES is free for any use public or private, commercial or non-commercial programs that provide encryption capabilities are subject to U.S. export controls. Expert Michael Cobb reviews the limitations. Continue Reading
By -
Answer
09 Jan 2009
Comparing FTP vs. TFTP
There are some differences between FTP and TFTP, but here's the catch: both are inherently insecure protocols. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Tip
05 Nov 2008
Lessons learned: The Countrywide Financial breach
The data breach at Countrywide Financial Corp. seems like something out of a TV crime drama: Two men regularly copied customer data and secretly sold it as leads to other mortgage brokers. The tale suggests that data theft is, more often than not, an inside job. Robert Mullins reviews internal threats, and the authorization and access control practices that can stop them. Continue Reading
By- Robert Mullins, Contributor
-
Answer
27 Mar 2008
Is Triple DES a more secure encryption scheme than DUKPT?
Both DES and TDES use a symmetric key, but Michael Cobb explains their separate and distinct roles in protecting financial transactions. Continue Reading
By -
Answer
07 Nov 2007
What are the security risks of a corporate divestiture?
Security management expert Mike Rothman discusses the data protection issues involved with a corporate divestiture . Continue Reading
By- Mike Rothman, Securosis
-
Answer
01 Oct 2007
How should sensitive customer data, such as driver's license information, be handled?
In this Q&A, Identity management and access control expert Joel Dubin discusses how to properly protect the personal data of a driver's license. Continue Reading
By -
Answer
31 May 2007
What should be done with a RAID-5 array's failed drives?
Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data. Continue Reading
By -
Answer
24 May 2007
What are the alternatives to RC4 and symmetric cryptography systems?
In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how RC4 encryption stacks up against public key cryptography. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Answer
18 Apr 2007
How to verify 140-2 (FIPS 140-2) compliance
In this SearchSecurity.com Q&A, identity management and access control expert, Joel Dubin, discuses several ways to verify that Federal Information Processing Standard 140-2 is being enforced. Continue Reading
By