Data Protection Thrives on a Comprehensive Approach to Security
Data protection requires effectively coordinating good practices across many security domains. It is actually a large subset of the overall security program. Take a look:
If you’re familiar with Security Architects Partners, you’ll know we’re both broad and deep in… Continue reading
CASB from the Horse’s Mouth
CASB as a market was born of Neil MacDonald’s Gartner research notes. It’s grown to comprise 20-30 very different types of vendors. According to MacDonald, the CASB crew is already pulling down an estimated $180 million in annual revenue.… Continue reading
Can the CASB Unify Cloud Security Policy Enforcement?
The Cloud Access Security Broker (CASB) is an architectural concept become an over-sized security market category. Many of the pieces in the CASB model are necessary for coherent cloud security policy enforcement. But is a unified CASB solution as presently… Continue reading
Building Up Data-at-Rest Encryption
Previously, Security Architects Partners posted “Is there a Gold Standard for Data-At-Rest Encryption?” We noted that enterprises are under pressure to encrypt data, but the compliance landscape is confusing and the risks or threats actually mitigated through cryptography… Continue reading
Does Size Matter? AES 128-Bit Encryption is (Probably) Good Enough
Recently, I was asked to opine on whether AES 128-bit encryption was adequate, or if the customer’s cryptography standard should require 256-bit operation.
Source: Wikipedia – “SubBytes – one of the four rounds of AES”
Background
I’m not a… Continue reading
Safe Harbor is Dead – Now What?
Tuesday October 6, 2015 the European Court of Justice struck down Safe Harbor, an international agreement that allowed companies to move digital information between the the United States and Europe. According to a New York Times article, “… Continue reading
Encryption Isn’t a Silver Bullet
Is there a Gold Standard for Data-at-Rest Encryption?
So you had a breach – was your data encrypted? NO? Let the media shaming and lawsuits begin. So it has gone with recent breaches, and many organizations are responding with new encryption projects. Summary of discussion: Encrypt… Continue reading