The risks of data privacy, residency, security and regulatory compliance remain significant barriers to cloud adoption for many enterprises. While encryption seems like an obvious solution, historically the technology produced usability issues for cloud applications. To complicate matters, putting encryption into the hands of cloud service providers still left the enterprise open to risks such as insider fraud, hacking and disclosure demands from law enforcement.
Last October a large company revealed that an employee mistakenly sent an email to an unauthorized recipient containing the names and Social Security numbers of former employees. Six months earlier, a larage Texas university accidentally exposed personal information about as many as 4,000 alumni in an electronic file accidentally attached to an email sent to one person who had requested a transcript. That's just the tip of the iceberg in insider-triggered security breaches.
Any horror movie fan can tell you the scariest threats are the ones you don't see coming, and the same is true when it comes to threats to cloud data. IT has decades of experience protecting on-premise resources. Virtually no one has even one decade of experience running major SaaS applications, so we should be prepared for some surprises.
Earlier this week Richard Stiennon published an article that questions the value of risk management in IT, and I would argue that, although risk management presents challenges to IT, best practice-driven approaches leveraging aspects of risk management are essential to good security.
Concerned about sensitive corporate data that lives on employees' iPads finding their way to places they shouldn't? Symantec says it has an answer to that risk, and it won't get in users' way. In early 2012, it plans to deliver an extension to its data loss prevention (DLP) product that enables DLP filtering from the iPad or, more precisely, from files, emails, and any other communication sent via HTTP and HTTPS from an iPad through the network.
Australia’s data loss prevention and encryption vendors will no doubt be salivating at the Defence’s confirmation that a USB stick allegedly found by a radio announcer on a Qantas flight does indeed contain Defence information.
A major upgrade of ICT security is on the cards at Centrelink, with the welfare agency planning to implement data loss prevention (DLP) and endpoint protection (EP) for a whopping 28,000 users and 42,000 workstations.
Confidential information released via Wikileaks has sent governments around the world into a spin and put businesses on high alert but one Sydney-based software developer claims to have a solution to the perennial problem of data leakage.
The good, the bad and the ugly of data-loss prevention tools and technologies got a solid once over from Gartner analyst Eric Ouellet, who spared no punches during his presentation on the topic during the first day of Gartner's Security and Risk Management Summit.
Several years ago, Flextronics was struggling with a thorny security issue: figuring out how to prevent sensitive and proprietary information from going astray once it was in the hands of authorized users.
Websense Tuesday announced Triton, a unified security architecture, which merges its data-loss prevention and e-mail security products, keeping much of the security-as-a-service approach it already supports, but with a common management and reporting console.
Las Vegas: Microsoft CEO Steve Ballmer characterized the recent Sidekick data loss episode as "not good," and said he believes all the data will be recovered, but added that Microsoft will have to be more forthcoming in explaining to enterprise customers why a similar situation won’t occur with Microsoft’s online services.