No one hides in a bunker for five months to avoid cold-and-flu season. And most people wouldn’t confine themselves to bed for four weeks over a sprained ankle. It would be ridiculous to disrupt your life to such degrees. You’ve got stuff to do. So you bulk up on hand sanitizer or elastic bandages and... more
RSA Week is that hallowed time of the year when every security professional seeks to learn and discover the latest technology and tricks of the trade that allow them to be more efficient at their jobs. I would like to propose a simple yet holistic solution to their perennial problem – detect and protect. Discover: ... more
In my previous blog on The Importance of Test Data Management for DevOps Part 1, I discussed how Test Data Management tools complement test management and automation tools to support DevOps. I discussed the following key capabilities of Test Data Management that fills the gaps left by test automation solutions: Sensitive Data Protection Test data... more
Now that the European Union has passed the General Data Protection Regulation (GDPR) many Communications Service Providers (CSPs) are taking steps to ensure they are ready for the regulations and protected from the risk of a data breach. In general the telecoms industry has been focused on security for a long time but the focus... more
Have you ever tried to read out a credit card number from your credit card statement? You can’t. Give it a try. Why did we fail to read 16-digit numbers from our own statement? Because the statement report has obscured some or all of the 16 digits. In the data security world, the mechanism of... more
Updated 2021 by the data privacy team A common misconception among data governance and data privacy stewards when considering data anonymization solutions is that encryption for data security is a form of data masking. Data masking and data encryption are two technically distinct data privacy solutions. Data encryption, at the structured data field level, is a data... more
Updated 2021 by the data privacy team Introduction to data masking and data encryption Here’s a test: Are you able to obscure the heading of this post correctly using data encryption vs. data masking techniques? For example, “opjuqzsdof bube vs data ;8^)!#g.” Let’s move ahead and we will revisit it again. Of course, if you’re a... more
When trying to protect your data from the nefarious souls that would like access to it (?), there are several options available that apply to very specific use cases. In order for us to talk about the different solutions – it is important to define all of the terms: PII – Personally Identifiable Information –... more
To determine what is the appropriate sensitive data protection method to use, you should first answer the following questions regarding the requirements: Do you need to protect data at rest (in storage), during transmission, and/or when accessed? Do some privileged users still need the ability to view the original sensitive data or does sensitive data... more
I’m often asked to share my thoughts about protecting sensitive data. The questions that typically come up include: Which types of data should be protected? Which data should be classified as “sensitive?” Where is this sensitive data located? Which groups of users should have access to this data? Because these questions come up frequently, it... more