Last week, I once again had the pleasure and privilege of attending the RSA Conference in San Francisco. I heard estimates of a record breaking 40,000 attendees. It didn’t seem much busier than previous years but as another participant pointed out to me, that might be because it was better organized, with pre-registration for the sessions, this year. This year I focused my sessions on the Cloud.
Just imagine that day one at WinMagic started with the arrival of an innocuous letter from yet another company who had “lost” my personal data. How ironic!
I’ve known about WinMagic for two decades, most of that time I considered them a deadly competitor – in the data protection space, my company, SafeBoot and WinMagic were two of the “big four” leaders – yet despite vying for the same customers WinMagic and SafeBoot had a cordial relationship, in fact I must confess I was always envious of their ability to launch new features way faster than I could, and in exchange, in the early days the WinMagic team were envious of my sales reach.
The RSA Conference began in 1991 as a forum for cryptographers to gather and share the latest industry knowledge. In 1997 – just 6 years later – WinMagic launched into the data security market – offering software full disk encryption. Since then, similar to the RSA Conference agenda, WinMagic has continued to push the art of security forward, bringing encryption and intelligent key management to new markets and new heights. As we celebrate our 20th year anniversary, we have the same mindset we had when we started out – to protect data no matter where it resides. However now, more so than ever, data has become the lifeblood of the modern world – from banking to education – it’s everywhere. And the surface area of data has expanded across a wide variety of devices, platforms and operating systems, making it more and more difficult to secure.
Data Privacy Day is a reminder that the privacy of data – corporate and personal – increases in importance year after year. And it’s amazing that this year, on January 28th, Data Privacy Day turns 10. You may recall another interesting announcement that occurred in January 2007 – the introduction of the Apple iPhone. Perhaps this was sheer coincidence, or maybe this was the foresight to know that the dawn of rapid data collection and sharing by individuals was about to create an evolution of data security challenges we’d never witnessed before.
Today’s IT leaders have to ensure that desktops, laptops, and tablets are secure, which is not any easy feat when they all run on different operating systems – and that is just the beginning. As most organizations move to the cloud, there is a new set of security considerations to tackle. An organization needs to ensure that every confidential piece of data is protected no matter where it resides.
‘Tis the season to be jolly! We wanted to share the 5 best seasonal posts about security to help everyone stay safe because this is, unfortunately, also the season where Cyber criminals take advantage of unsuspecting people. So let’s make data protection a priority, and end this year on a high note.
The EU General Data Protection Regulation was adopted in April 2016 and will, after two-years of transition, be applied starting May 2018. As we head fast into 2017, it would be easy to start thinking that there is still over a year left before your company must be compliant, but how much have you done to get ready in the last eight months? Probably in all reality, not as much as you would like.
Today is Black Friday. Many retail stores in North American have customers lining up outside for hours to get the best deals. In 2015, 74.2 million people shopped on this day for your great deals! And around 30% of annual retail sales happen during the Black Friday through Boxing Day season, according to the National Retail Federation. With all this excitement of dropping prices and advertising to invite consumers to your stores, you are also potentially inviting cyber criminals that have been waiting for an opportunity to get information on your consumer data.
There are many Encryption Challenges in the Tech world today. We know that encryption is one of the fastest emerging data security options today. An increasing number of organizations worldwide are adopting encryption to address the growing concerns of data safety and data privacy for compliance regulations. Data Encryption is a time-tested tool that can severely hinder attackers in their goal to steal confidential user and customer data, trade secrets, and more. In addition, to the complex regulations, the increasing adoption of new technologies such as mobility, cloud and virtualization have also found the need for encryption more than ever before.
If you have been following our blogs you know that the ideal FDE architecture has two main components. The actual encryption component is a separate layer from the key management. The encryption can be done by the OS (e.g. BitLocker for Windows or FileVault2 for Mac), by Self-Encrypting Drives (SEDs) or by ISVs such as WinMagic’s FIPS140-2 validated software cryptographic engine.
If you’re like most people, you use tools like DropBox or Box to send and share your files via the Cloud. But how do you know that the files you share via these tools are safe? Do you trust the Cloud service provider and the security measures they’ve put in place? How sure are you that these security measures are foolproof?
In a previous blog I wrote that at Black Hat Europe 2015, two forensics experts from KPMG Canada presented their findings in a presentation titled “Bypassing Self-Encrypting Drives (SED) in Enterprise Environments”.
When you move into a new place, one of the first things you do is change all the locks. It’s important to your sense of security that you control who has access to your home. Changing the locks just makes logical and practical sense. This same logic should also be applied to your business thinking when you are looking to secure your sensitive information in a new environment or an environment you don’t fully control.