encryption

Data Protection Thrives on a Comprehensive Approach to Security

Published January 22, 2017 | By Dan Blum

Data protection requires effectively coordinating good practices across many security domains. It is actually a large subset of the overall security program. Take a look:

If you’re familiar with Security Architects Partners, you’ll know we’re both broad and deep in… Continue reading →

Posted in Dan Blum | Tagged data protection, DLP, encryption, IAM, identity management, PAM, privileged access management, tokenization

CASB from the Horse’s Mouth

Published March 3, 2016 | By Dan Blum

CASB as a market was born of Neil MacDonald’s Gartner research notes. It’s grown to comprise 20-30 very different types of vendors. According to MacDonald, the CASB crew is already pulling down an estimated $180 million in annual revenue.… Continue reading →

Posted in Dan Blum | Tagged CASB, cloud security, DLP, encryption

Can the CASB Unify Cloud Security Policy Enforcement?

Published February 25, 2016 | By Dan Blum

The Cloud Access Security Broker (CASB) is an architectural concept become an over-sized security market category. Many of the pieces in the CASB model are necessary for coherent cloud security policy enforcement. But is a unified CASB solution as presently… Continue reading →

Posted in Dan Blum | Tagged CASB, cloud security, encryption, identity management, SWG

Building Up Data-at-Rest Encryption

Published January 9, 2016 | By Dan Blum

Previously, Security Architects Partners posted “Is there a Gold Standard for Data-At-Rest Encryption?” We noted that enterprises are under pressure to encrypt data, but the compliance landscape is confusing and the risks or threats actually mitigated through cryptography… Continue reading →

Posted in Dan Blum | Tagged cryptography, data-at-rest encryption, encryption

Does Size Matter? AES 128-Bit Encryption is (Probably) Good Enough

Published November 9, 2015 | By Dan Blum

Recently, I was asked to opine on whether AES 128-bit encryption was adequate, or if the customer’s cryptography standard should require 256-bit operation.

Source: Wikipedia – “SubBytes – one of the four rounds of AES”

Background

I’m not a… Continue reading →

Posted in Dan Blum | Tagged cryptography, encryption

Safe Harbor is Dead – Now What?

Published October 6, 2015 | By Dan Blum

Tuesday October 6, 2015 the European Court of Justice struck down Safe Harbor, an international agreement that allowed companies to move digital information between the the United States and Europe. According to a New York Times article, “… Continue reading →

Posted in Uncategorized | Tagged CASBs, encryption, identity management, privacy

Encryption Isn’t a Silver Bullet

Published July 6, 2015 | By Dan Blum

Last week’s encryption gold standard post has a nice reference model for encryption, but it neglects to explain that encryption isn’t the be-all, end-all solution for data protection. If you’re not careful, encryption can be a… Continue reading →

Posted in Dan Blum | Tagged encryption, identity management

Is there a Gold Standard for Data-at-Rest Encryption?

Published June 25, 2015 | By Dan Blum

So you had a breach – was your data encrypted? NO? Let the media shaming and lawsuits begin. So it has gone with recent breaches, and many organizations are responding with new encryption projects. Summary of discussion: Encrypt… Continue reading →

Posted in Dan Blum | Tagged database encryption, encryption, FDE, privacy

Encryption Probably Wouldn’t Have Prevented the Anthem Breach

Published February 14, 2015 | By Dan Blum

Anthem’s announcement of a breach to 80 million customer medical identity records in early February motivates an update to my After the Breach series and my 10-year U.S. breach table. The series is also morphing into… Continue reading →

Posted in Dan Blum | Tagged Anthem, APT, breach, encryption, privileged identity management

encryption

Source: Wikipedia – “SubBytes – one of the four rounds of AES”

Subscribe to Blog Notifications... HERE