The familiar line from World War II is as relevant today as it was 65 years ago. The release of confidential information can have a devastating impact on an organization. In the normal course of doing business critical information will leak out into the wild. This may occur intentionally or unintentionally, but either way it is critical to know that a breach occurred at the earliest possible moment. Data Loss Detection enables companies to routinely perform customized profile searches that detect specific information on internet sites. The search crawler detects confidential data, files, posts and discussions that should not be in the public domain. Read More
Let’s Just Call It A Service
The world of ____ (fill in the blank) as a Service is exploding. Especially the acronyms. Here are just a few:
- Software as a Service
- Platform as a Service
- Infrastructure as a Service
- Communication as a Service
- Security as a Service
- Everything as a Service
And how about Software + Services? Last week I had a plumber come to my house to replace a corroded valve in my basement. I could say I bought Plumbing as a Service (another PaaS). When I pay my electric bill, I buy Electricity as a Service. And when I pay my cable and internet bill, maybe I am buying Fun as a Service.
Read More
Another day, another breach
Sounds like a bad title for a movie, but unfortunately it seems to be business as usual for companies and the US government. A recent Inspector General audit came out showing that some Department of Defense (DoD) groups didn’t scrub data from computers before disposing of them. Sensitive information might get into the wild and either compromise DoD security or result in identity theft. Read More
Lack of computer skills may cause data leaks
A lot of security problems are attributed to insider threats. A lot of it may be due to the oops factor; we do it accidentally. Most of us don’t willingly comprise our company or personal security, but sometimes it happens because of a lack of knowledge.Read More
Privacy and Social Media
Sounds like an oxymoron, but this debate has been raging since the words social media popped into the ether. “Don’t tell people anything or someone will get you” sounds like the old story of the boogeyman in your closet. There of course is a legitimate concern about giving details of your private life away so people can steal things or harm you. But how about in the business world?Read More
SaaS and Higher Ed
I was listening to a podcast on Why the Internet will NOT tear apart colleges and I started thinking about using SaaS in Higher Education. The podcast said people are worried that using Internet technologies will make going to college obsolete. If I can do e-learning over the web, why bother going to some buildings to get an education? They pointed out that there is a lot more to going to college than ingesting information. Living away from home, maturing as a person, doing research in a lab, collaborating on projects, attending sports games and socializing are just a few of the benefits of actually being at a college.Read More
Private cloud is an oxymoron
In Phil Wainewright’s recent column Survival of the fit-most he talks about sharing and collaboration on the Web versus keeping things private. The essence and value of the internet is to make it easy to share information and collaborate. People and businesses benefit most when we collaborate. Many cloud and SaaS providers are providing a private cloud solution for customers who are skittish about moving applications to the cloud. This seems to be a reversal of the benefits of cloud computing and SaaS. If I create a private cloud in my data center using virtualization, is it really a cloud?Read More
Track it before it gets into the wild
I was reading an article in Information Week entitled 5 Security Lessons From Real-World Data Breaches that talks about data security and how companies can harden their external and internal defenses. There was a lot of good information about security infrastructure, including firewalls, network intrusion systems, data loss prevention tools and numerous others. Most of these tools address data at rest or data in transit. They tend to exclude data in use.
What is data in use? It’s what it sounds like. If a hacker steals a document by exploiting inadequate defenses, they now can use the data they stole. Most people focus on making sure the data doesn’t get out in the wild, but what do you do when it does. Encryption techniques help ensure that if a sensitive document gets out, it is unusable by the hacker. Read More
GMail, SaaS and Choice
Yesterday GMail went down for about 1.5 hours. If you followed this on Twitter, you thought the world had ended. It was all over CNN, MSNBC and numerous other media outlets. According to the GMail blog, the outage affected the web interface to GMail, not POP3 or IMAP clients. People accessing GMail through their iPhones or Blackberrys were also fine. The outage was because of some routine maintenance that overloaded a few of the routers. Read More
Sending secure emails
I spent this week training on Fasoo’s Enterprise Digital Rights Management products. Each product helps protect documents at rest, in transit and in use. The last one is the most important since most organizations don’t know what happens to a document once it leaves their four walls. The class had a great time trying to come up with real world scenarios to test out; we also tried to break things.Read More