No one hides in a bunker for five months to avoid cold-and-flu season. And most people wouldn’t confine themselves to bed for four weeks over a sprained ankle. It would be ridiculous to disrupt your life to such degrees. You’ve got stuff to do. So you bulk up on hand sanitizer or elastic bandages and... more
RSA Week is that hallowed time of the year when every security professional seeks to learn and discover the latest technology and tricks of the trade that allow them to be more efficient at their jobs. I would like to propose a simple yet holistic solution to their perennial problem – detect and protect. Discover: ... more
In my previous blog on The Importance of Test Data Management for DevOps Part 1, I discussed how Test Data Management tools complement test management and automation tools to support DevOps. I discussed the following key capabilities of Test Data Management that fills the gaps left by test automation solutions: Sensitive Data Protection Test data... more
Now that the European Union has passed the General Data Protection Regulation (GDPR) many Communications Service Providers (CSPs) are taking steps to ensure they are ready for the regulations and protected from the risk of a data breach. In general the telecoms industry has been focused on security for a long time but the focus... more
Have you ever tried to read out a credit card number from your credit card statement? You can’t. Give it a try. Why did we fail to read 16-digit numbers from our own statement? Because the statement report has obscured some or all of the 16 digits. In the data security world, the mechanism of... more
A common misconception within the data community is that encryption is considered a form of data masking. Even worse is that there are some that erroneously identify both as one and the same. Data masking and Data encryption are two technically distinct processes. Encryption at the field level is considered a data masking function. There are many... more
Did you spell out the heading of this post correctly? I bet you did not. I am talking about “opjuqzsdof bube vs da** ma*****”. Let’s move ahead and we will revisit it again. The main agenda of this post is to understand the intricacy of this jumbled and starred raw text. In the data security... more
When trying to protect your data from the nefarious souls that would like access to it (?), there are several options available that apply to very specific use cases. In order for us to talk about the different solutions – it is important to define all of the terms: PII – Personally Identifiable Information –... more
To determine what is the appropriate sensitive data protection method to use, you should first answer the following questions regarding the requirements: Do you need to protect data at rest (in storage), during transmission, and/or when accessed? Do some privileged users still need the ability to view the original sensitive data or does sensitive data... more
I’m often asked to share my thoughts about protecting sensitive data. The questions that typically come up include: Which types of data should be protected? Which data should be classified as “sensitive?” Where is this sensitive data located? Which groups of users should have access to this data? Because these questions come up frequently, it... more