Data Loss Prevention

Salting and hashing … and why it’s just table stakes; Watch the puzzle unfold with the #CryptoCrux video-bytes

Hashing, salting and database encryption are ways to protect passwords. But are they enough? Recent large-scale password breaches have demonstrated that these solutions are susceptible to proven attacks. Maybe something else is needed…

SAFECode Releases Software Security Guidance for Agile Practitioners – Podcast #238

Software security industry consortium SAFECode recently released a comprehensive set of guidelines and tools for software developers everywhere employing Agile software development methods. SAFECode members Reeny Sondhi of EMC and Edward Bonver of Symantec talk through the highlights and numerous benefits of SAFECode’s latest “Software Security Guidance for Agile Practitioners” white paper.

2012 Faces of Fraud Survey – Podcast #235

Amy Blackshaw, Sr. Product Marketing Manager for RSA’s Identity Protection and Verification business, discusses the Information Security Media Group’s 2012 Faces of Fraud Survey and how the banking and financial sectors are proactively protecting themselves and the consumer.

Lessons of a Password Breach – Podcast #234

Dan Shugrue, Principal Product Marketing Manager for RSA’s Identity and Verification Unit, discusses lessons learned from recent password breaches at several major internet and social networking sites from both the consumer and business perspective.

Enhancing Security Controls Using RSA Solutions with Microsoft Windows Server 2012

By Matthew Gardiner, Sr. Manager, RSA

Unless you have been hiding under a rock in another universe, you are aware that Microsoft is soon to be releasing the latest major round of the Windows franchise, namely Windows 8 and its cousin Windows Server 2012. In fact at the upcoming TechEd North America 2012, this latest [...]

Time to Change the Game Plan on DLP

I was at a customer event recently and was party to a discussion on the ‘disappointment’ or disillusionment in deploying Data Loss Prevention and comments like ‘well, it just doesn’t do what it’s supposed to do’ or ‘it’s too tricky to deploy’. Well, the truth is DLP technology is not something that comes off the shelf in a one-size-fits-all package. Here are the things DLP is not going to do for you:

Learning to cook – Bake a Trusted Cloud Part 2

Proving that physical and virtual infrastructure of the cloud can be trusted can be prohibitively difficult, especially when it comes to cloud services from external service providers. Verifying secure conditions in the foundations of the cloud is important for a simple reason: If organizations can’t trust the safety of their computing infrastructure, the security of all the information, applications and services running on top of that falls into doubt.

Time to Push the Reset Button?

Payment security is back in the public eye with the recent disclosure of a cardholder data breach at a leading US payment processor. While initial reaction to this latest incident has been unfortunately predictable, characterized by plenty of uninformed speculation, outrage, and a general lack of understanding of the workings of the payments industry, the story that is ultimately written about this latest incident might be one that is completely unexpected.

SOC Analysts as African Safari Guides

The SOC analysts’ goal is to hunt for malware, rogue insiders, misplaced sensitive data, advanced attacks, and other threats on a huge enterprise network terrain and help to guide-in colleagues to execute the digital hunt. Successful SOC analysts do this by leveraging their experience and their understanding of sensitive corporate systems and data, and by constantly surveying their environment, looking at tracks (logs), keeping in contact with the global security community (via various feeds and Websites), and even using a form of video surveillance (full network packet capture) to see where the “animals” are lurking, in as close to real-time as possible.

Protecting IP with RSA DLP Policy Workflow Manager

Whether it’s data that’s governed by regulations or vital to a company’s competitive advantage, every organization has information they’d like to protect from outsiders. One logical place to start when looking to protect this information is with a Data Loss Prevention (DLP) tool. But what many companies struggle with is how to figure out what information is sensitive for different groups and how it should be handled. Everyone knows that there is highly sensitive data across the organization that needs to be protected, but how do business managers let the IT security team know what specific data needs to be protected?