Data security technology and strategy
In an era when data theft and security breaches are daily occurrences, secure data storage is a key component of a security infrastructure. This introduction to enterprise data security and protection strategies offers advice on how to lock down stored data, data backup and recovery, disk and file encryption and database security.
Top Stories
-
Answer
19 Apr 2023
How to defend against TCP port 445 and other SMB exploits
Keeping TCP port 445 and other SMB ports open is necessary for resource sharing, yet this can create an easy target for attackers without the proper protections in place. Continue Reading
-
Tip
09 Jan 2023
What is Triple DES and why is it being disallowed?
Triple DES no longer provides the encryption strength it once did. Prepare now to transition away from its use to a more security alternative. Continue Reading
-
Tip
20 Mar 2019
How automated patch management using SOAR can slash risk
Learn how to use security orchestration, automation and response, also known as SOAR, to ease the hassle of mundane tasks related to patch management. Continue Reading
-
Tip
20 Mar 2019
Automating incident response with security orchestration
Security orchestration, automation and response technology is now seen as a key aid to security pros attempting to thwart an onslaught of cyberattacks. Continue Reading
-
Tip
20 Mar 2019
Plugging the cybersecurity skills gap with security automation
Security automation and response promises to help alleviate the shortage of qualified cybersecurity pros. Learn how SOAR helps security teams work smarter, not harder. Continue Reading
-
Feature
14 Mar 2019
AI security tech is making waves in incident response
Experts weigh in on the latest smart cybersecurity tools -- how they work, the implications for your IT security team and whether the investment is worth the expense. Continue Reading
-
Conference Coverage
07 Mar 2019
RSAC 2019: Coverage of the premiere security gathering
Find out what's happening at the at the 2019 RSA Conference in San Francisco, the information security industry's biggest event, with breaking news and analysis by the SearchSecurity team. Continue Reading
-
Tip
05 Mar 2019
How blockchain storage could benefit the enterprise
Whether your organization is a potential buyer or seller of blockchain data storage, the technology could change how you look at storage. Discover where blockchain is headed. Continue Reading
-
Tip
27 Feb 2019
Secure disaster recovery will be a priority in 2019
Along with weather events and IT outages, data security has become a major concern in DR. With cyberattacks on the rise, strategists are placing higher importance on resilience. Continue Reading
-
Tip
20 Feb 2019
Key steps to put your zero-trust security plan into action
There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company. Continue Reading
-
News
12 Feb 2019
Carbonite acquisition of Webroot merges backup, cybersecurity
The Carbonite acquisition of Webroot is a big play in the SMB market. Carbonite's backup and recovery platform will combine with Webroot's cybersecurity. Continue Reading
-
Feature
01 Feb 2019
CISO tackles banking cybersecurity and changing roles
Over the course of his career in security, Thomas Hill has held varied positions that inform his views on both technological specifics and strategic roles in modern corporations. Continue Reading
-
Feature
01 Feb 2019
Top 10 CISO concerns for 2019 span a wide range of issues
From dealing with data and staffing shortages to adapting to an ever-expanding set of job responsibilities, CISOs face an array of serious issues in 2019. Continue Reading
-
Infographic
01 Feb 2019
Cutting SecOps breach response time is key to success
A new survey measures the success of security operations breach response by how long it takes to complete a three-step process to detect, understand and contain incidents. Continue Reading
-
Tip
30 Jan 2019
How to ensure a secure disaster recovery operation
As if recovering from a disaster isn't pressing enough, organizations also need to be mindful of potential security breaches when they are most vulnerable. Continue Reading
-
Tip
10 Jan 2019
6 steps to how blockchain storage works
See how blockchain technology has the potential to provide a secure and reliable enterprise data storage environment with our step-by-step guide to blockchain data storage. Continue Reading
-
Tip
20 Nov 2018
Zero-trust security means new thinking plus practical steps
Implementing a security policy that, essentially, trusts no one and nothing doesn't have to be overwhelming if you understand the basics behind the security model. Continue Reading
-
News
20 Nov 2018
AWS moves to curb S3 data leaks, but Chris Vickery is doubtful
Amazon unveils new settings to help users avoid S3 data leaks, but UpGuard's Chris Vickery, who uncovered most AWS exposures, is doubtful the changes will end the problem. Continue Reading
-
Tip
21 Sep 2018
4 tips on getting up to speed with GDPR for U.S. companies
When GDPR went into effect four months ago, some U.S. companies just shut down communications with EU customers, but compliance can benefit organizations and marketers. Continue Reading
-
Tip
10 Jul 2018
How to ensure hyper-converged infrastructure security
To secure data in an HCI system, it requires tools and techniques that account for the unique features of hyper-convergence, such as shared resources and virtualized management. Continue Reading
-
Answer
26 Jun 2018
How do I keep my virtualized backup secure?
A virtual backup is not effective if it's not secure. Encryption, agentless backup and testing can all help. Explore the details of how to secure your backups. Continue Reading
-
Podcast
17 May 2018
Risk & Repeat: Why Ray Ozzie's Clear proposal isn't so clear
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Ray Ozzie's solution for going dark, known as Clear, and what infosec experts are saying about it. Continue Reading
-
Feature
10 May 2018
SOC services: How to find the right provider for your company
SOCs are the latest services you can now outsource rather than build in-house. But should you entrust them to a third party? Yes—but make sure you know how to pick the best. Continue Reading
-
Tip
23 Apr 2018
Spectre and Meltdown vulnerabilities show haste makes waste
When the Meltdown and Spectre vulnerabilities came to light, everyone scrambled to find a fix. As a result, the patching process has been anything but smooth. Continue Reading
-
News
06 Apr 2018
Misconfigured cloud storage leaves 1.5B files exposed
Researchers found misconfigured cloud storage across multiple platforms left huge amounts of data exposed, including medical information and payroll data. Continue Reading
-
Tip
06 Apr 2018
Zero-trust model promises increased security, decreased risk
The zero-trust model takes focused and sustained effort, but promises to improve most companies' risk posture. Learn what it takes to get the most out of zero trust. Continue Reading
-
Tip
11 Jan 2018
Guard the line with Windows Defender features
The Windows 10 Fall Creators Update took Windows 10 security up a notch by adding advanced features to Windows Defender, including Application Guard and Exploit Guard. Continue Reading
-
Answer
26 Dec 2017
What is emotional data and what are the related privacy risks?
SearchSecurity talks with UC Berkeley professor Steven Weber about the concept of emotional data, where it comes from and how it can potentially be used -- and abused. Continue Reading
-
Opinion
02 Oct 2017
No customer data leaks? Companies look down the rabbit hole
When Yahoo finally disclosed a massive 2014 data breach to up to five hundred million affected account holders in September 2016, some already had legal representation. Continue Reading
-
Feature
15 Sep 2017
Symantec Data Loss Prevention: Product overview
Expert Bill Hayes checks out the Symantec Data Loss Prevention suite, featuring an architecture consisting of content-aware detection servers, endpoint agents and unified management. Continue Reading
-
Guide
21 Jul 2017
What data loss prevention systems and tactics can do now
Setting up systems to preventing data loss is a must for companies of all sizes. Learn the basics of and what's new in data loss prevention and how to keep your DLP system humming. Continue Reading
-
Tip
20 Jul 2017
Tools to transfer large files: How to find and buy the best
Need to transfer files within headquarters or between branches? Managed file transfer tools now offer some interesting new features. Continue Reading
-
News
14 Jul 2017
AWS S3 bucket leak exposes millions of Verizon customers' data
News roundup: An AWS S3 bucket leak containing personal data of millions of Verizon customers was exposed to the public. Plus, DNC hack victims are suing the Trump campaign, and more. Continue Reading
-
Tip
11 Jul 2017
Tactics for security threat analysis tools and better protection
Threat analysis tools need to be in top form to counter a deluge of deadly security issues. Here are tips for getting the most from your analytics tool. Continue Reading
-
E-Zine
10 Jul 2017
The best endpoint security practices are evolving and essential
Ever since the first mobile device hit the enterprise network, best endpoint security practices have been a major IT concern. What's happened since then has been a staggering proliferation of the number and types of devices on the network, complicated by increasing numbers of mobile and remote corporate employees, all of which have essentially ended the traditional idea of a corporate network security perimeter. Firewalls and other more traditional security appliances may still be in use, and rightly so, but endpoint security management is more critical than ever in keeping enterprise systems and data safe from malicious actors.
The summer Insider Edition, our Information Security magazine quarterly e-zine, looks at what's new in endpoint security management, from the best endpoint security tools to consider now, and what other efforts beyond tools infosec pros can employ to best secure all those pesky mobile endpoints wandering in and out of corporate corridors.
This Insider Edition offers expert assessments on the endpoint security technology vendors have developed to combat mutating ransomware like WannaCry -- from machine learning to multivendor partnerships to behavior analytics. Also included is an exploration of mobile endpoint security tools like application containers and app wrapping. CISOs must focus now on how the threats, and the technological advances to fight them, are changing and factor these considerations into any endpoint security strategy.
Readers will come away with a deeper understanding of the best endpoint security tools and techniques available and be able to consider the most advanced approaches available to locking down the company data and systems that endpoints can access.
Continue Reading -
Feature
10 Jul 2017
Advanced endpoint protection takes on the latest exploits
Advanced endpoint protection is arriving from all quarters -- machine learning, crafty sandboxes, behavior analytics. Learn how tech advances are being applied to endpoints. Continue Reading
-
Opinion
10 Jul 2017
Do thoughts of your least secure endpoint keep you up at night?
Some days, 'secure endpoint' feels like an oxymoron, but that soon may change. From smart sandboxes to advanced behavior analytics, learn what's new in endpoint security technologies. Continue Reading
-
Podcast
29 Jun 2017
Risk & Repeat: RNC voter database left open to the public
In this week's Risk & Repeat podcast, SearchSecurity editors discuss how the Republican National Committee's voter database was accidentally exposed in an Amazon S3 bucket. Continue Reading
-
Feature
23 May 2017
Learn what breach detection system is best for your network
Breach detection systems are essential in these days of machine learning and artificial intellingence. Learn how to identify the features and functions your network needs. Continue Reading
-
Tip
03 Apr 2017
User behavior analytics: Building a business case for enterprises
User behavior analytics can be beneficial to enterprises, but there are complexities involved. Expert Ajay Kumar explains what companies should know about this new technology. Continue Reading
-
Tip
30 Mar 2017
1024-bit encryption keys: How 'trapdoored' primes have caused insecurity
Encryption algorithms using 1024-bit keys are no longer secure, due to the emergence of 'trapdoored' primes. Expert Michael Cobb explains how the encryption backdoor works. Continue Reading
-
Security School
14 Mar 2017
Securing big data is a growing infosec responsibility
Learn the ins and out of securing big data, from the key risks facing big data environments to the skills infosec pros need to master to handle this growing responsibility. Continue Reading
-
Podcast
22 Feb 2017
Top three steps to ensure security in big data environments
Ensuring security in big data implementations remains a problem for most enterprises. Learn about the reasons why this is, and how your company can protect sensitive data. Continue Reading
-
Answer
02 Feb 2017
What are the best anti-network reconnaissance tools for Linux systems?
Anti-network reconnaissance tools can prevent attackers from getting access to system information. Expert Judith Myerson goes over the best enterprise options. Continue Reading
-
Feature
11 Oct 2016
Splunk Enterprise Security: Product overview
Expert Dan Sullivan explores how Splunk Enterprise Security uses big data security analytics to incorporate multiple methods of data integration to identify malicious events. Continue Reading
-
Answer
05 Oct 2016
How would a cyberattack information database affect companies?
A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach information means for U.S. companies. Continue Reading
-
Feature
15 Sep 2016
RSA NetWitness Logs and Packets: Security analytics product overview
Expert Dan Sullivan examines RSA's NetWitness Logs and Packets, security analytics tools that collect and review logs, packets and behavior to detect enterprise threats. Continue Reading
-
Feature
24 Aug 2016
Blue Coat Security Analytics Platform: Product overview
Expert Dan Sullivan takes a look at the Blue Coat Security Analytics Platform, which is designed to capture comprehensive network information and apply targeted security analytics. Continue Reading
-
Feature
17 Feb 2016
Comparing the top big data security analytics tools
Expert Dan Sullivan compares how the top-rated big data security analytics tools measure up against each other to help you select the right one for your organization. Continue Reading
-
Feature
17 Nov 2015
Introduction to big data security analytics in the enterprise
Expert Dan Sullivan explains what big data security analytics is and how these tools are applied to security monitoring to enable broader and more in-depth event analysis for better enterprise protection. Continue Reading
-
Feature
27 Oct 2015
Vormetric Transparent Encryption: Product overview
Expert Ed Tittel takes a look at Vormetric Transparent Encryption, a component of Vormetric's Data Security Platform that encrypts data and does access control for that data. Continue Reading
-
Feature
27 Oct 2015
HP Security Voltage's SecureData Enterprise: Product overview
Expert Ed Tittel examines SecureData Enterprise, which is a part of the HP Security Voltage platform, a scalable database security product that encrypts both structured and unstructured data, tokenizing data to prevent viewing and more. Continue Reading
-
Feature
25 Oct 2015
Protegrity Database Protector: Database security tool overview
Expert Ed Tittel examines Protegrity Database Protector, a database security add-on product that provides column- and field-level protection of confidential and sensitive data stored in nearly any type of relational database. Continue Reading
-
Feature
25 Oct 2015
McAfee Database Activity Monitoring: Database security tool overview
Expert Ed Tittel takes a look at McAfee Database Activity Monitoring and McAfee Vulnerability Manager for Databases to see how they protect enterprises' databases and corporate data. Continue Reading
-
Feature
25 Oct 2015
Imperva SecureSphere: Database security tool overview
Expert Ed Tittel examines Imperva SecureSphere Database Activity Monitoring and Database Assessment, products that are deployed as an inline bridge or as a lightweight agent to assess and monitor local database access. Continue Reading
-
Feature
25 Oct 2015
IBM Guardium: Database security tool overview
Expert Ed Tittel examines IBM Guardium, a security product that offers continuous, real-time, policy-based monitoring of database activities. Continue Reading
-
Feature
13 Aug 2015
Comparing the top database security tools
Expert Ed Tittel examines the strengths and weaknesses of top-rated database security tools -- from database activity monitoring to transparent database encryption -- to help enterprises make the right purchasing decision. Continue Reading
-
Feature
16 Jun 2015
Introduction to database security tools for the enterprise
Expert Adrian Lane explains why database security tools play a significant, if not the majority, role in protecting data in the enterprise data center. Continue Reading
-
Feature
26 May 2015
Six criteria for procuring security analytics software
Security analytics software can be beneficial to enterprises. Expert Dan Sullivan explains how to select the right product to fit your organization's needs. Continue Reading
-
Feature
23 Mar 2015
Introduction to security analytics tools in the enterprise
Expert Dan Sullivan explains how security analysis and analytics tools work, and how they provide enterprises with valuable information about impending attacks or threats. Continue Reading
-
Feature
01 Aug 2014
The NoSQL challenge: What's in store for big data and security
Big data offers horizontal scalability, but how do you get your database security to scale along with it? Continue Reading
-
Tip
22 Jul 2014
Big data security analytics: Facebook's ThreatData framework
Expert Kevin Beaver explains how enterprises can take a page from Facebook's ThreatData framework security analytics to boost enterprise defense. Continue Reading
-
Feature
26 Feb 2013
Managing big data privacy concerns: Tactics for proactive enterprises
The growing use of big data analytics has created big data privacy concerns, yet viable tactics exist for proactive enterprises to help companies get smarter while keeping consumers happy. Continue Reading
-
Tip
08 Jan 2013
Windows Server 2012 security: Is it time to upgrade?
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release. Continue Reading
-
Answer
17 Oct 2011
Comparing relational database security and NoSQL security
In this introduction to database security, expert Michael Cobb explains the differences between relational database and NoSQL security. Continue Reading
-
Tip
05 Nov 2010
Outsourcing data center services: SMB security best practices
Learn best practices for outsourcing data center services and about the security and compliance considerations that influence whether an SMB should outsource data center services. Continue Reading
-
Tip
18 Oct 2010
Data classification best practices in financial services
Data classification is critical in the highly regulated financial industry. Learn key steps for data classification. Continue Reading
-
Tip
14 Jun 2010
Your USB port management options
When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options. Continue Reading