PRE-BOOT AUTHENTICATION PAIN
Let’s shift gears to pre-boot authentication (PBA). That’s the step in which the user first powers up their system and types in the authentication. They’re telling the system, “Yes, it really is me. Please continue booting and unlock all of the data.” However, if you’ve lived with a pre-boot system before, you know that it can have some real challenges. If it requires the user to learn a new step, or have a different password than they normally use, they’re typing on their domain. If there are IT processes that don’t have a pre-boot authentication step and then that system might apply patches because it can potentially get broken by the pre-boot authentication step. First of all, self-encrypting drives (SEDs) implement PBA a little differently from software-based full disk encryption. It’s a little simpler to hook into. As a result, you have good SED management capabilities…

SED? WHAT’S THAT?
A self-encrypting drive (SED) is a disk that has built-in hardware-based encryption. It’s essentially a drive that is enabled to encrypt all the information that gets written to it, and that encryption is done by specialized hardware, which has a number of really important and significant implications for how to use it, where to use it, how to manage it and so on. They’re made by a number of manufacturers – Hitachi, Toshiba, Seagate, and Samsung, to name a few. There are a number of organizations that are drive manufacturers that are building out their capability to supply self-encrypting drives. And the reason is that they are becoming very, very popular. Both from the perspective of people wanting to put them in, but also I think from the perspective of organizations looking at them for the first time or maybe coming back and revisiting them. The Trusted Computing…

There are many inaccurate assumptions on the differences between software and hardware encryption, management and even the benefits. Self-encrypting drives (SEDs) can be an effective tool in your data protection arsenal. The launch of Credant Manager for Self-Encrypting Drives (part of Credant Enterprise Edition 7.3) was significant in a couple of ways, and it’s something I hear from both inside and outside the organization as our customers start to look at it and make plans to upgrade. The first is that it recognizes a growing trend in the IT security industry – the re-evaluation of hardware-based encryption like self-encrypting drives (SEDs) as not only a viable choice to keep data secure, but a sensible and economic one too. SEDs are very powerful tools, but like all security tools they need self-encrypting drive management, and it’s the lack of well integrated and simple to use management tools that has been partly…

Let’s look at best practices for integrating BitLocker into your security solution, and how to do so as you plan your migration to Windows 7. A lot of organizations have either started or are starting to migrate to Windows 7. With that comes BitLocker – and I’ll take a look here at some of the strengths of BitLocker – and some of the areas to be aware of. I’d like to give you some tips and tricks as well, and some of the things that you ought to bear in mind as you plan for your BitLocker rollout, and as you plan for management of BitLocker within your broader security environment.
WINDOWS 7 MIGRATION
As I look at Windows 7 migrations and what’s happening in the market, in general, most organizations seem to be on about a 4 to 6 year cycle for refreshing hardware. That means there’s a lot of…

So what does all this stuff mean? I’ve thrown a lot of numbers and stats at you. I think there are really three significant trends that we see when we talk to organizations about what they are worried about from a security perspective. First, we’ve got all of this change in what traditional IT has to encompass. We’ve got Bring Your Own Devices, consumerization, virtualization and we’ve got cloud services. We have all of these things occurring right now and sort of churning the infrastructure of IT. All of those things are increasing the complexity of management of these systems and that’s not a good thing. We know that makes things harder to track. Harder to keep safe. Harder to report on and prove compliance. At the same time, the physical implementation of IT is changing. The way that the information is used is also changing. There’s an incredible increase in…

Let’s get back to looking at some of the biggest perceived data threats coming our way in 2012. Data is now increasingly mobile, but that mobility is coming at a cost. Taking a look at the Department of Health and Human Services, 39 percent of all of the protective healthcare breaches covered by HIPAA and HITECH occurred on a laptop or other portable device. Naturally, more people are going to portable devices because they’re easy to move around and easy to move information to and from. However, they’re difficult to manage especially when they’re owned by someone other than the organization. And they’re very, very, very easy to lose. CREDANT recently conducted a hotel survey that found that of the thousands of devices that are lost, 81 percent are smart phones or tablets. Interestingly, 45 percent of lost devices were never claimed. Data is more readily lost and is extraordinarily…

As we look down the road at what the next year holds, let’s take a look at the biggest perceived data threats in 2012. It’s hard not to think about Roland Emmerich’s movie 2012, but hopefully our predictions for potential threats will be a little less apocalyptic than the ones in the movie. Perhaps a little more sensible and realistic. There are some excellent reports out there on this topic – the Ponemon Institute released “The 2012 State of the Endpoint Report” and “Aftermath of a Data Breach.” Great resources. In general, confidence in security is not doing very well. Sixty-six percent of people, according to the studies, felt that they are not more secure than they have been in previous years or are at least unsure about their level of security. And, that may or may not be an accurate reflection of the reality. Maybe it’s in part…
We’ve recently added some videos where I cover a number of the key questions we see coming up when we talk to both our current customers and organizations that are starting to think about the best approaches to protecting sensitive information. So the first question really revolves around the role of encryption in the event of a breach. As I say in the video it’s an unfortunate fact, but breaches are going to happen to even the best protected organization. Laptops get stolen, removable media gets lost, and people make mistakes. So the question then is, what happens next? And that’s where we see the real value of encryption. Because even if a breach occurs, encrypted data is still safe data. Encryption may not stop the breach from occurring, but it will certainly eliminate much of the pain (and cost) when one does. In the second…

If you think the holiday shopping frenzy has died down until the day after Christmas, you may want to stay away from any sort of establishment where you receive things in exchange for cash or the swipe of a card. Because the truth is, you’re sadly mistaken. But, you’re not alone. Most holiday shoppers think that Black Friday is the busiest shopping day of the year, however, the weekend before Christmas Day is actually the busiest, with sales nearly four times as large as those on Black Friday. Let’s admit it: we’re a society of chronic procrastinators. So naturally, many people wait until the last couple of days in the holiday shopping season to buy gifts. Along with crowded department stores and jam-packed malls, Internet connections are getting a run for their money this time of year, too, whether shoppers are at home, in the office, or on the…
One of the key responsibilities of a CFO is to identify the risks of an organization, assess the potential impact of these risks to the organization and weigh the costs and benefits of taking steps to minimize the risks. A typical example of this is insurance policies. There are risks to the organization due to workers compensation claims and property damage. As a result, CFOs commonly purchase insurance policies to minimize the risk of these activities having a negative impact to the organization. So how do CFOs view the risks of the data? Some of you may be questioning the “risk of data.” You may be saying: “Data is not a risk.” “It is the lifeblood of our company.” “Our IT organization spends lots of money to make sure people have access to the information they need to perform their job.” “The CIO or CISO is responsible for ensuring the protection of…