Data security and privacy

Secure data storage, data loss prevention and encryption are must-have components of any enterprise security strategy, especially as data threats and breaches become increasingly common. Get advice on these topics, along with the latest data security strategies, data backup and recovery info, and more.

Top Stories

Feature 01 May 2026
Top zero-trust use cases in the enterprise

When applied correctly, zero trust can minimize an organization's attack surface. Experts weigh in on the best use cases where zero trust can deliver results. Continue Reading
By
- Mary K. Pratt
Tip 24 Apr 2026
5 top SIEM use cases in the enterprise

In the age of AI everything, SIEM isn't exactly flashy -- but it still matters. Explore top SIEM use cases that span the enterprise, from cybersecurity to IT ops. Continue Reading
By
- John Burke, Nemertes Research

Tip 14 Jun 2010
Your USB port management options

When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options. Continue Reading
By
- Mike Chapple, University of Notre Dame
Answer 19 May 2010
MD5 security: Time to migrate to SHA-1 hash algorithm?

Many organizations have been replacing the MD5 hash algorithm with the SHA-1 hash function, but can the MD5 hash algorithm still be used securely? Continue Reading
By
- Michael Cobb
Answer 17 Dec 2009
Personally identifiable information guidelines for U.S. passport numbers

Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman. Continue Reading
By
- David Mortman, Dell
Answer 03 Nov 2009
How to protect employee information in email paystubs

Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response. Continue Reading
By
- David Mortman, Dell
Answer 23 Oct 2009
What is an encryption collision?

Michael Cobb reviews how encryption collision attacks on cryptographic hash functions could compromise the security of all kinds of digital systems. Continue Reading
By
- Michael Cobb
Answer 28 Aug 2009
What are new and commonly used public-key cryptography algorithms?

Expert Michael Cobb breaks down a variety of encryption algorithms and reviews the use cases for several types of cryptography. Continue Reading
By
- Michael Cobb
Answer 25 Aug 2009
What are the export limitations for AES data encryption?

Although AES is free for any use public or private, commercial or non-commercial programs that provide encryption capabilities are subject to U.S. export controls. Expert Michael Cobb reviews the limitations. Continue Reading
By
- Michael Cobb
Answer 09 Jan 2009
Comparing FTP vs. TFTP

There are some differences between FTP and TFTP, but here's the catch: both are inherently insecure protocols. Continue Reading
By
- Mike Chapple, University of Notre Dame
Tip 05 Nov 2008
Lessons learned: The Countrywide Financial breach

The data breach at Countrywide Financial Corp. seems like something out of a TV crime drama: Two men regularly copied customer data and secretly sold it as leads to other mortgage brokers. The tale suggests that data theft is, more often than not, an inside job. Robert Mullins reviews internal threats, and the authorization and access control practices that can stop them. Continue Reading
By
- Robert Mullins, Contributor
Answer 27 Mar 2008
Is Triple DES a more secure encryption scheme than DUKPT?

Both DES and TDES use a symmetric key, but Michael Cobb explains their separate and distinct roles in protecting financial transactions. Continue Reading
By
- Michael Cobb
Answer 07 Nov 2007
What are the security risks of a corporate divestiture?

Security management expert Mike Rothman discusses the data protection issues involved with a corporate divestiture . Continue Reading
By
- Mike Rothman, Securosis
Answer 01 Oct 2007
How should sensitive customer data, such as driver's license information, be handled?

In this Q&A, Identity management and access control expert Joel Dubin discusses how to properly protect the personal data of a driver's license. Continue Reading
By
- Joel Dubin
Answer 31 May 2007
What should be done with a RAID-5 array's failed drives?

Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data. Continue Reading
By
- Michael Cobb
Answer 24 May 2007
What are the alternatives to RC4 and symmetric cryptography systems?

In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how RC4 encryption stacks up against public key cryptography. Continue Reading
By
- Mike Chapple, University of Notre Dame
Answer 18 Apr 2007
How to verify 140-2 (FIPS 140-2) compliance

In this SearchSecurity.com Q&A, identity management and access control expert, Joel Dubin, discuses several ways to verify that Federal Information Processing Standard 140-2 is being enforced. Continue Reading
By
- Joel Dubin