We get a lot of questions and concerns around encryption and how the implementation will affect the organization. Although people recognize the benefits of encryption, there are a lot of misconceptions around the notion of encryption and its impact within an organization. It’s not to say that these misconceptions hadn’t been true once upon a time but with the evolution of technology, many of these “facts” have truly turned into something of the past.
We have seen large password hacks recently including: LinkedIn, eHarmony, and Yahoo. Hacks so large some in the industry call this the Password Wars. Unfortunately for the general public—we are losing. However, before the trumpets play, let’s give them a fight. Our feature blogger Darren Leroux has touched on this subject before and inspired me to really take a look at innovations that may change the way you secure your information.
The TCG is hosting its annual security workshop at the RSA Security Conference on Mon Feb 25th in San Francisco. I have attended for the last 5 years and always found the panels and speakers well worth the time invested to attend.
As Data breaches become more and more prevalent in today’s world it is worthwhile for Marketing and IT departments to band together to make a case for the implementation of full disk encryption in an effort to protect both privacy issues as well as brand equity. In my experience, most stakeholders understand data breaches can and should be avoided; but if they do occur, and and organization is viewed as having inadequate protection of customer and employee records, stakeholders and the public at large can be ruthlessly unforgiving. That’s where the rubber meets the road and companies can suffer a significant bottom-line impact of brand deterioration.
WinMagic has a long and successful history of data encryption – pretty sure I’ve said this before. One of the key things we work to ensure is compliance and certification with things such as the Cryptographic Module Validation Program (CMVP) which is managed by the National Institute of Standards and Technology (NIST).
Late last year we introduced SecureDoc 6.1 and introduced a whole host of new features including MDM, FileVault 2 management capabilities, a Web-based console and more. As with any new release there are kinks that can be worked out and we’ve been working hard to address any minor bugs customers have noticed.
Much like January marks the annual tradition of consumer electronics companies embarking on a trip to Las Vegas for the mother of all technology tradeshows, February is the time of year all security companies gather together in San Francisco for the RSA Conference.
Learning a multiplicity of acronyms is pretty much a requirement for navigating any discipline. Every field has its own set of acronyms and the sequence of 3 or 4 letters that usually make up the acronym most likely has a completely different meaning from discipline to discipline. Even within a discipline it is common to see the acronyms muddled together.
If you have been reading the various blog posts we’ve published over that past few months you’ve seen us talk about: smart cards, cloud computing security, BYOD, MDM, FDE, FEE and more. What we really haven’t delved into is one of the main differentiators we offer in the market and the fact no one has be able to offer the same level of security – Pre-Boot Network-Based Authentication.
I know I’m a little late to the party, but recently I’ve been giving more and more thought to the passwords I use to access the various sites and tools I use on a day to day basis. The main reason I started thinking about this is because of Google’s introduction of the 2-step verification process and a recent article in Wired in which Google has declared ‘war’ on the Password.
Earlier this month I wrote a blog about it being ‘A new year, same mistakes.’ Little did I know that things would continue to snowball with more data breaches – specifically in Canada – happening as a result of unsecured removable media.
There are plenty of ways to secure data and all have pretty acronyms: Full Disk Encryption (FDE), File and Folder Encryption (FFE), Removable Media Encryption (RME) and so on. These three are the ‘meat’ of any good encryption solution. The question an organization has to ask itself is – which is best for me?
There’s nothing like being melodramatic at the beginning of the week. Today Gartner Inc. released the latest worldwide PC shipment numbers and it looks like things are declining. Gartner is attributing much of this decline to a shift to Tablet devices.
In a previous post, Rethinking Data Security in the Public Cloud, I alluded to a Private Cloud management post. So in spirit of SecureDoc Version 6.1—let’s talk Private Cloud (or #PrivateCloud to all of you Twitter geeks like me).
It’s always interesting to get into the Mac vs. Windows debate as it relates to the Enterprise. For the longest time, the corporate IT stack was predominately Windows-based, but not any more. With the introduction of the iPhone and iPad, Apple has seen its reach within the enterprise slowly grow over the past few years.
As I mentioned in my previous blog post, I used to run a small encryption team at a large organization before I came to work for WinMagic. One of the key responsibilities we had was to generate FISMA (Federal Information Security Management Act) compliance reports for NIST SP 800-53, AC-3 and SC-13 controls. What does that mean? Essentially, these are reports that ensure key security standard requirements are met within the organization for Government regulatory purposes.