Building Up Data-at-Rest Encryption
Previously, Security Architects Partners posted “Is there a Gold Standard for Data-At-Rest Encryption?” We noted that enterprises are under pressure to encrypt data, but the compliance landscape is confusing and the risks or threats actually mitigated through cryptography… Continue reading
Does Size Matter? AES 128-Bit Encryption is (Probably) Good Enough
Recently, I was asked to opine on whether AES 128-bit encryption was adequate, or if the customer’s cryptography standard should require 256-bit operation.
Source: Wikipedia – “SubBytes – one of the four rounds of AES”
Background
I’m not a… Continue reading
Certes Networks CryptoFlow Lays Security Overlay Atop Insecure Environments
Today, Certes Networks announced a new suite of CryptoFlow products, extending an enterprise security overlay capacity across mobile, cloud and external partner environments. Many enterprises are still struggling to make cybersecurity gains by implementing network zoning or segmentation within their… Continue reading
Token Bindings to Gear Up Authentication Assurance
In last year’s “Passwords are Overloaded, Not Dead” I voiced skepticism that security’s oldest construct would be replaced anytime soon. But many in the industry continue working to replace passwords, and while their marketing slogans may… Continue reading
Cloud Security for IaaS: From Vision to Reality with a Trend Micro Case Study
Cloud computing a la infrastructure-as-a-service (IaaS) has this ephemeral quality. High scale, replicated, virtualized, fast. Automated orchestras of workloads and storage volumes of data moving, copying, cloning at Netflix speed. In the wrong hands, so goes your data, so goes… Continue reading