Tag: Encryption

  • Encryption, a buzzword, not a silver bullet

    Encryption,  buzzword, not a silver bullet for protecting data on your servers. In order to determine how encryption fits into server data protection, consider 4 encryption components on the server side: passwords, tables, partitions and  inter-tier socket communications. In these 4 components of a application / database server encryption policy, note that some countermeasures are […]

  • Are passwords dead?

    A recent article on CSO online ponders the question of whether or not passwords are dead – since they are not much of a security countermeasure anyhow (or so the article intimates). The article quotes a person who seems to believe that SQL injection attacks have to do with password security. Christopher Frenz, CTO at […]

  • Data at rest encryption

    Two days in the same week to run into FCPA issues is strange. A prospect in Poland (ENEA) recently acquired Euro 6 million worth of disks from Hitachi and explained the purchase as a data loss prevention measure (Hitachi has data at rest encryption- i.e. the controller encrypts the data on the disk, which makes […]

  • When should you encrypt email?

    A while back, a colleague asked me what is the best way to encrypt internal email. My first question to him was – what is the threat,  who is  the attacker and what is the asset you are protecting? Are you trying to encrypt business communications between employees and vendors/customers to protect from eavesdroppers or […]