fbpx
 

Category: Security Assessments

How Data Loss Prevention Technology Can Help You

Data Loss Prevention (DLP) is one of the key IT security measures a company must undertake. DLP is one of the 20 Critical IT Security Controls that the nonprofit security training agency SAN recommends. A recent news item provides a great real life of how Nationwide Insurance used DLP technology to prevent an employee’s unlawful activities. Nationwide recently installed new monitoring software to prevent unlawful transmission of data by its employees. The software snagged Qiang “Michael” Bi, a 36-year old […]

Using Oracle Database Firewall

We’re all familiar with network firewalls, which prevent unauthorized access to your network from external sources. However, network firewalls don’t protect your databases from malicious attacks, which sometimes come disguised as privileged internal users. Web applications are a major source of data attacks, through stratagems such as SQL Injection, for example. Oracle’s Database Firewall (a product Oracle gained through its acquisition of Secerno, a British firm, in 2010) offers a solid defensive perimeter to monitor and enforce accepted behavior on […]

The New Ponemon Institute End Point Security Report

Ponemon Institute has just (Dec 2010) released a new State of Endpoint report (http://www.lumension.com/Media_Files/Documents/Marketing—Sales/Others/Ponemon—State-of-Endpoint-Risk.aspx). The study, sponsored by Lumension, reveals that a full 64 percent of the 570 respondents surveyed report that their networks are less secure than they were a year ago, or they aren’t sure. And 58 percent report that their security costs are increasing, with malware incidents being the main driver of the escalating costs. A very interesting thing to note is the fact that most IT […]

Data Loss Prevention

Data Loss Prevention (DLP) is something companies are devoting considerable attention to in recent years, and for good reason. DLP refers to efforts to keep confidential information from being leaked or stolen. Whether an employee sends secret documents and data to a rival or an employee accidentally exposes social security numbers on the wide open internet it’s all considered a failure of a company’s DLP efforts. DLP seeks to protect various types of data, including data relating to regulatory compliance, […]

What is Oracle Data Masking?

Oracle Data Masking is an Option offered for use with Oracle’s databases. Data masking provides a way to de-identify data. When might a company need to de-identify its data? Well, companies service their customers through data stored in their production databases. However, the production database isn’t the only place that sensitive data is stored. Almost every company supports its production databases with various data stores called testing, development or staging databases. Privacy and regulatory mandates call for securing and protecting […]

Oracle Advanced Security

Oracle Advanced Security (OAS) is an Option that you can purchase for your Oracle databases. What exactly can OAS do for you? There are two key things that you can do with OAS – encrypt what is called data “at rest” and data “in flight”. The data at test that OAS lets you protect is the data stored on your storage disks, whether they are in database storage or in backup storage. Since your database and backup data is stored […]

Breach Notification Laws

Data breach notification laws require companies to implement formal data breach notification polices that cover the procedures for incident reporting and external breach notification. Except just four states – Alabama, Kentucky, New Mexico and South Dakota, every state in the U.S. has passed a breach notification law in the recent past, following the lead of California’s landmark breach disclosure law in 2003. . Breach notification laws require companies to notify their customers about security breaches that involve personal information. Of […]

In Archive