Data security strategies and governance
In this guide to enterprise data security strategies and governance, get advice on how to protect your enterprise information with the right data classification and protection techniques and policies.
Top Stories
-
Answer
19 Apr 2023
How to defend against TCP port 445 and other SMB exploits
Keeping TCP port 445 and other SMB ports open is necessary for resource sharing, yet this can create an easy target for attackers without the proper protections in place. Continue Reading
-
Feature
09 Nov 2021
API security strategies must evolve to include API protection
An API security strategy must include the ability to protect APIs post-deployment, but questions abound about ownership, which tools to use and how to get started. Continue Reading
-
Feature
25 Aug 2016
Blue Coat DLP: Data loss prevention product overview
Expert Bill Hayes takes a look at Blue Coat DLP, a single appliance data loss prevention system that works with the company's web security gateway products. Continue Reading
-
Feature
17 Aug 2016
WinMagic SecureDoc: Full-disk encryption product overview
Expert Karen Scarfone examines the features of WinMagic's SecureDoc, a full-disk encryption product for laptops, desktops, mobile devices and servers. Continue Reading
-
Answer
10 Feb 2016
What privacy regulations should enterprises follow?
The U.S. government has been criticized for its lack of updated privacy regulations. Expert Mike Chapple advises enterprises that want to bolster their privacy policies. Continue Reading
-
News
20 Nov 2015
Safe Harbor framework update in danger of capsizing
News roundup: Rights groups join critics of Safe Harbor framework update, OPM breach testimony pushback, FBI hiring part of cybersecurity issue for Justice Department. Plus: recycled malware, Microsoft's security push. Continue Reading
-
Answer
01 Oct 2015
How can power consumption-tracking malware be avoided?
Malware authors are using power consumption tracking-malware to eavesdrop on and attack mobile devices. Expert Nick Lewis explains the threat and how to defend against it. Continue Reading
-
Tip
10 Sep 2015
Improve corporate data protection with foresight, action
Better corporate data protection demands foresight and concrete action. Learn why breach training, monitoring and early detection capabilities can minimize damage when hackers attack. Continue Reading
-
Feature
25 Jun 2015
How to keep track of sensitive data with a data flow map
Expert Bill Hayes describes how to create a data flow map to visualize where sensitive data is processed, how it transits the network and where it's stored. Continue Reading
-
News
24 Apr 2015
NIST wants help building the one ID proofing system to rule them all
The U.S. government wants to solve the weaknesses in online ID proofing systems, but it needs the help of enterprise and security professionals in order to overcome privacy concerns and other issues. Continue Reading
-
Feature
10 Apr 2015
Check Point Full Disk Encryption product overview
Expert Karen Scarfone examines the features of Check Point Full Disk Encryption, an FDE product for securing client devices such as laptops and desktops. Continue Reading
-
Feature
10 Apr 2015
The top full disk encryption products on the market today
Full disk encryption can be a key component of an enterprise's desktop and laptop security strategy. Here's a look at some of the top FDE products in the industry. Continue Reading
-
Tip
27 Jan 2015
A CISO's introduction to enterprise data governance strategy
Every enterprise must have a viable strategy for protecting high-value data. See if your plan aligns with Francoise Gilbert's advice on top priorities to consider when defining data governance plans. Continue Reading
-
Feature
23 Jan 2015
The importance of email encryption software in the enterprise
Expert Karen Scarfone explains how email encryption software protects messages and attachments from malfeasance. Continue Reading
-
Tip
10 Nov 2014
Inside the four main elements of DLP tools
Security expert Rich Mogull outlines the four elements of a DLP tool: the central management server, network monitoring, storage and endpoint DLP. Continue Reading
-
Definition
29 Aug 2014
document sanitization
In addition to making sure the document text doesn’t openly divulge anything it shouldn’t, document sanitization includes removing document metadata that could pose a privacy or security risk. Continue Reading
-
Definition
05 Nov 2012
enhanced driver's license (EDL)
An enhanced driver's license (EDL) is a government-issued permit that, in addition to the standard features of a driver's license, includes an RFID tag that allows officials to pull up the owner's biographical and biometric data. Continue Reading
-
Opinion
01 Nov 2012
Protecting Intellectual Property: Best Practices
Organizations need to implement best practices to protect their trade secrets from both internal and external threats. Continue Reading
-
Answer
03 Nov 2009
How to protect employee information in email paystubs
Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response. Continue Reading
-
Answer
27 Mar 2008
Is Triple DES a more secure encryption scheme than DUKPT?
Both DES and TDES use a symmetric key, but Michael Cobb explains their separate and distinct roles in protecting financial transactions. Continue Reading
-
Answer
13 Mar 2008
How to secure an FTP connection
Network security expert Mike Chapple offers three tips that enable an FTP connection without opening up an enterprise to security risks. Continue Reading
-
Answer
07 Nov 2007
What are the security risks of a corporate divestiture?
Security management expert Mike Rothman discusses the data protection issues involved with a corporate divestiture . Continue Reading
-
Answer
01 Oct 2007
How should sensitive customer data, such as driver's license information, be handled?
In this Q&A, Identity management and access control expert Joel Dubin discusses how to properly protect the personal data of a driver's license. Continue Reading
-
Answer
31 May 2007
What should be done with a RAID-5 array's failed drives?
Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data. Continue Reading
-
Answer
30 May 2007
How secure are document scanners and other 'scan to email' appliances?
Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse) of these devices. Continue Reading
-
Answer
24 May 2007
What are the alternatives to RC4 and symmetric cryptography systems?
In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how RC4 encryption stacks up against public key cryptography. Continue Reading
-
Answer
18 Apr 2007
How to verify 140-2 (FIPS 140-2) compliance
In this SearchSecurity.com Q&A, identity management and access control expert, Joel Dubin, discuses several ways to verify that Federal Information Processing Standard 140-2 is being enforced. Continue Reading