It’s not as hard as you might think

I was reading an article from ITWorld this week that touched on the recent data breach at the South Carolina Department of Revenue. While I find this type of thing fascinating, I also find it scary when someone says something like this:

“The industry standard is that most SSNs are not encrypted… A lot of banks don’t encrypt, a lot of those agencies that you think might encrypt Social Security Numbers actually don’t, because it is very complicated. It is cumbersome and there’s a lot of numbers involved with it.” – South Carolina Governor Nikki Haley

Windows 8 is here! Now what?

As someone that’s worked in IT for the better part of 14 years, I’ve seen my fair share of product launches. When it comes to operating systems, it’s always a cyclical engine; big flurry of attention at launch followed by mixed reaction to the product.

Smart Cards, 10 Years Later – Part 2

In my last blog, I left off talking about the different forms of authentication and the abundance of solutions available to enable multi-factor authentication (based on the directive to increase security for user authentication into laptops).

Smart Cards, 10 Years Later – Part 1

Over the last decade we have seen technology advancements grow in all sectors.  For most of us, this is an “expectation” we look forward to:  what’s the next cool gadget this year and how does it work?  For businesses however, these new technologies are often viewed as:  a new requirement that we have to now meet in order to be compliant.  This usually means the solution is mandated to address one key design phase – “security”.  Security alone doesn’t advance technology; solutions must be innovative, easy to use, manageable, and sometimes even  cool!

Annual TCG Members Meeting: The Slow March of Progress

I attended the TCG (Trusted Computing Group) annual members meeting last week in beautiful Vancouver and thought I would share a couple of observations.

First of all, a little background – The TCG is an organization whose mandate is to set security standards for commercial use.  The scope ranges from small mobile devices to large disk drives used in the enterprise.  Key participants (about 100 in person this year) include: the PC OEMs (e.g. Lenovo, HP, Dell, etc.), OSVs (e.g. Microsoft), component manufacturers (e.g. disk drives, TPMs…), governments and ISVs.   That’s where WinMagic comes in.   We are an Independent Software Vendor and a member of the Storage Work Group (SWG).   The SWG is responsible for the “Opal” specification for self-encrypting hard drives (SEDs), as well as, the specification for the larger “enterprise” drives.

WinMagic Launches New Website – Faster, Better, Easier to Navigate

Last Wednesday, we officially launched our new WinMagic website and we’re very excited to have had some great feedback already, from our customers and partners around the globe.   Our new website features a complete redesign with an easier navigation structure to allow our visitors to find the content they are looking for quickly and easily.  We’ve also remodeled the WinMagic home page so that our most popular content relating to the latest and greatest in the security and encryption world is prominently displayed. 

Nothing is ever ‘free’

Last week I attended SC Congress in New York and did a presentation talking about the results of our study with the Ponemon Institute and the cost of data encryption solutions.

It was a good event, well attended and there was great turnout at the session I presented at. What really resonated though was the nodding heads when walking through the information. Engaging the audience is always important when presenting, but getting agreement on key findings and data in general, is always refreshing if not comforting. It helps validate what we did, why we did it and why we think it’s important.