Data security and privacy

Secure data storage, data loss prevention and encryption are must-have components of any enterprise security strategy, especially as data threats and breaches become increasingly common. Get advice on these topics, along with the latest data security strategies, data backup and recovery info, and more.

Top Stories

Podcast 20 Nov 2024
Risk & Repeat: China hacks major telecom companies

The FBI and CISA confirmed reports that Salt Typhoon breached several major telecom companies and accessed data related to law enforcement requests. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 19 Nov 2024
Biometric privacy and security challenges to know

Fingerprints and facial scans can make identity access more convenient than passwords, but biometric tools present significant ethical and legal challenges. Continue Reading
By
- Mary K. Pratt

Tip 30 Mar 2017
1024-bit encryption keys: How 'trapdoored' primes have caused insecurity

Encryption algorithms using 1024-bit keys are no longer secure, due to the emergence of 'trapdoored' primes. Expert Michael Cobb explains how the encryption backdoor works. Continue Reading
By
- Michael Cobb
Tip 30 Mar 2017
DLP systems: Spotting weaknesses and improving management

DLP systems are becoming a necessity, but their weaknesses need to be tightened to ensure enterprise asset security. Expert Kevin Beaver explains what areas to focus on. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Feature 13 Mar 2017
RSA Data Loss Prevention Suite: Product overview

Expert Bill Hayes examines the RSA Data Loss Prevention Suite, which covers data in use, in transit and at rest for corporate networks, mobile devices and cloud services. Continue Reading
By
- Bill Hayes
Answer 09 Mar 2017
CJIS Security Policy: How can companies ensure FIPS compliance?

Companies and government agencies handling criminal justice information need to comply with CJIS Security Policy. Expert Michael Cobb explains the cryptographic modules to use. Continue Reading
By
- Michael Cobb
Podcast 03 Mar 2017
Risk & Repeat: Cloudflare bug poses incident response challenges

In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the recent Cloudflare bug that leaked an undetermined amount of customer data over several months. Continue Reading
By
- Rob Wright, Senior News Director
News 03 Mar 2017
Cloudflare security team calms fears over Cloudbleed bug

Cloudflare security researchers continue investigations as CEO calms fears over potential exposure of sensitive personal data by the Cloudbleed bug, though doubts remain. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 02 Mar 2017
Employees knew about Yahoo security breach years ago, per new SEC filing

A new SEC filing details who knew about the major Yahoo security breach in 2014, but experts are confused by the repercussions of the announcement. Continue Reading
By
- Michael Heller, TechTarget
Answer 10 Feb 2017
What caused the ClixSense privacy breach that exposed user data?

A privacy breach at ClixSense led to user account details being put up for sale. Expert Michael Cobb explains how companies should be held accountable for their security practices. Continue Reading
By
- Michael Cobb
Answer 31 Jan 2017
Which encryption tools can secure data on IoT devices?

Protecting the data that moves through the internet of things can be a challenge for enterprises. Expert Judith Myerson offers several encryption tools for the task. Continue Reading
By
- Judith Myerson
Answer 20 Jan 2017
How serious are the flaws in St. Jude Medical's IoT medical devices?

MedSec and Muddy Waters Capital revealed serious flaws in IoT medical devices manufactured by St. Jude Medical. Expert Nick Lewis explains the severity of these vulnerabilities. Continue Reading
By
- Nick Lewis
Tip 19 Jan 2017
Big data frameworks: Making their use in enterprises more secure

Many enterprises apply big data techniques to their security systems. But are these methods secure? Expert John Burke explains some of the efforts to secure big data analysis. Continue Reading
By
- John Burke, Nemertes Research
Answer 17 Jan 2017
How does USBee turn USB storage devices into covert channels?

USB storage devices can be turned into covert channels with a software tool called USBee. Expert Nick Lewis explains how to protect your enterprise data from this attack. Continue Reading
By
- Nick Lewis
Answer 16 Jan 2017
How do man-in-the-middle attacks on PIN pads expose credit card data?

Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can mitigate these attacks. Continue Reading
By
- Nick Lewis
News 12 Jan 2017
Google Cloud KMS simplifies the key management service, but lacks features

Experts are impressed with the simplicity of Google's Cloud KMS even if it doesn't separate itself from the key management service competition. Continue Reading
By
- Michael Heller, TechTarget
News 09 Jan 2017
Git repos hide secret keys, rooted out by Truffle Hog

Truffle Hog utility roots out and detects text blobs with enough entropy to be secret keys -- even those buried deep in old Git repositories -- to prevent exploits. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Answer 21 Dec 2016
Should one cybersecurity mistake mean the end of a CEO's career?

In one case, a tenured CEO made one cybersecurity mistake and was fired. Expert Mike O. Villegas discusses whether this sets a precedence for enterprises going forward. Continue Reading
By
- Mike O. Villegas, K3DES LLC
Quiz 01 Dec 2016
Test your privileged user management knowledge

Test your proficiency in privileged user management. Take this quiz to determine your ability to keep privileged access secure across your organization. Continue Reading
By
- Michael Cobb
Feature 23 Nov 2016
Digital Guardian for Data Loss Prevention: Product overview

Expert Bill Hayes examines Digital Guardian for Data Loss Prevention and more of the vendor's DLP product lineup, which cover data in use, data in transit and data in the cloud. Continue Reading
By
- Bill Hayes
Feature 16 Nov 2016
CA Technologies Data Protection: DLP product overview

Expert Bill Hayes examines CA Technologies Data Protection, a data loss prevention suite designed to protect data at rest, in transit and in use across enterprise devices, networks and cloud services. Continue Reading
By
- Bill Hayes
Answer 25 Oct 2016
Can an HTML5 document with a digital signature be authenticated?

A digital signature on an HTML5 document cannot be authenticated the same way a PDF can. Expert Michael Cobb explains how enterprises should address this issue. Continue Reading
By
- Michael Cobb
Feature 11 Oct 2016
Splunk Enterprise Security: Product overview

Expert Dan Sullivan explores how Splunk Enterprise Security uses big data security analytics to incorporate multiple methods of data integration to identify malicious events. Continue Reading
By
- Dan Sullivan
Feature 25 Aug 2016
Blue Coat DLP: Data loss prevention product overview

Expert Bill Hayes takes a look at Blue Coat DLP, a single appliance data loss prevention system that works with the company's web security gateway products. Continue Reading
By
- Bill Hayes
Feature 24 Aug 2016
Blue Coat Security Analytics Platform: Product overview

Expert Dan Sullivan takes a look at the Blue Coat Security Analytics Platform, which is designed to capture comprehensive network information and apply targeted security analytics. Continue Reading
By
- Dan Sullivan
Feature 17 Aug 2016
WinMagic SecureDoc: Full-disk encryption product overview

Expert Karen Scarfone examines the features of WinMagic's SecureDoc, a full-disk encryption product for laptops, desktops, mobile devices and servers. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Buyer's Guide 26 May 2016

The best email encryption products: A comprehensive buyer's guide

Email encryption is a critical component of enterprise security. In this buyer's guide, expert Karen Scarfone breaks down what you need to know to find the best email encryption software for your organization. Continue Reading
Feature 14 Apr 2016
Voltage SecureMail encryption tool: Product overview

Expert contributor Karen Scarfone takes a look at Voltage SecureMail for encrypting email messages in the enterprise. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 12 Apr 2016
Symantec Desktop Email Encryption: Product overview

Expert contributor Karen Scarfone examines Symantec Desktop Email Encryption, a tool for encrypting email messages for individuals within the enterprise. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 17 Feb 2016
Comparing the top big data security analytics tools

Expert Dan Sullivan compares how the top-rated big data security analytics tools measure up against each other to help you select the right one for your organization. Continue Reading
By
- Dan Sullivan
Answer 10 Feb 2016
What privacy regulations should enterprises follow?

The U.S. government has been criticized for its lack of updated privacy regulations. Expert Mike Chapple advises enterprises that want to bolster their privacy policies. Continue Reading
By
- Mike Chapple, University of Notre Dame
Feature 17 Nov 2015
Introduction to big data security analytics in the enterprise

Expert Dan Sullivan explains what big data security analytics is and how these tools are applied to security monitoring to enable broader and more in-depth event analysis for better enterprise protection. Continue Reading
By
- Dan Sullivan
Tip 30 Oct 2015
Secure Hash Algorithm-3: How SHA-3 is a next-gen security tool

Expert Michael Cobb details the changes in SHA-3, including how it differs from its predecessors and the additional security it offers, and what steps enterprises should take. Continue Reading
By
- Michael Cobb
Feature 27 Oct 2015
Vormetric Transparent Encryption: Product overview

Expert Ed Tittel takes a look at Vormetric Transparent Encryption, a component of Vormetric's Data Security Platform that encrypts data and does access control for that data. Continue Reading
By
- Ed Tittel
Feature 27 Oct 2015
HP Security Voltage's SecureData Enterprise: Product overview

Expert Ed Tittel examines SecureData Enterprise, which is a part of the HP Security Voltage platform, a scalable database security product that encrypts both structured and unstructured data, tokenizing data to prevent viewing and more. Continue Reading
By
- Ed Tittel
Feature 25 Oct 2015
Protegrity Database Protector: Database security tool overview

Expert Ed Tittel examines Protegrity Database Protector, a database security add-on product that provides column- and field-level protection of confidential and sensitive data stored in nearly any type of relational database. Continue Reading
By
- Ed Tittel
Feature 25 Oct 2015
Oracle Advanced Security: Database security tool overview

Expert Ed Tittel examines Oracle Advanced Security, a database security add-on product with transparent data encryption (TDE) and data redaction features. Continue Reading
By
- Ed Tittel
Feature 25 Oct 2015
McAfee Database Activity Monitoring: Database security tool overview

Expert Ed Tittel takes a look at McAfee Database Activity Monitoring and McAfee Vulnerability Manager for Databases to see how they protect enterprises' databases and corporate data. Continue Reading
By
- Ed Tittel
Feature 25 Oct 2015
Imperva SecureSphere: Database security tool overview

Expert Ed Tittel examines Imperva SecureSphere Database Activity Monitoring and Database Assessment, products that are deployed as an inline bridge or as a lightweight agent to assess and monitor local database access. Continue Reading
By
- Ed Tittel
Feature 25 Oct 2015
IBM Guardium: Database security tool overview

Expert Ed Tittel examines IBM Guardium, a security product that offers continuous, real-time, policy-based monitoring of database activities. Continue Reading
By
- Ed Tittel
Tip 10 Sep 2015
Improve corporate data protection with foresight, action

Better corporate data protection demands foresight and concrete action. Learn why breach training, monitoring and early detection capabilities can minimize damage when hackers attack. Continue Reading
By
- David Sherry, Brown University
Answer 17 Aug 2015
Can a new encryption trick prevent reverse engineering?

Expert Michael Cobb explains how reverse engineering can be made more difficult with an approach called Hardened Anti-Reverse Engineering System or HARES. Continue Reading
By
- Michael Cobb
Feature 13 Aug 2015
Comparing the top database security tools

Expert Ed Tittel examines the strengths and weaknesses of top-rated database security tools -- from database activity monitoring to transparent database encryption -- to help enterprises make the right purchasing decision. Continue Reading
By
- Ed Tittel
Feature 01 Jul 2015
Tips for creating a data classification policy

Before deploying and implementing a data loss prevention product, enterprises should have an effective data classification policy in place. Expert Bill Hayes explains how that can be done. Continue Reading
By
- Bill Hayes
Feature 25 Jun 2015
How to keep track of sensitive data with a data flow map

Expert Bill Hayes describes how to create a data flow map to visualize where sensitive data is processed, how it transits the network and where it's stored. Continue Reading
By
- Bill Hayes
Feature 16 Jun 2015
Introduction to database security tools for the enterprise

Expert Adrian Lane explains why database security tools play a significant, if not the majority, role in protecting data in the enterprise data center. Continue Reading
By
- Adrian Lane, Securosis
Feature 26 May 2015
Six criteria for procuring security analytics software

Security analytics software can be beneficial to enterprises. Expert Dan Sullivan explains how to select the right product to fit your organization's needs. Continue Reading
By
- Dan Sullivan
Feature 10 Apr 2015
Symantec Endpoint Encryption: Full disk encryption product overview

Expert Karen Scarfone examines the features of Symantec Endpoint Encryption, a full disk encryption product for Windows laptops, desktops and servers. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 10 Apr 2015
Sophos SafeGuard: Full disk encryption product overview

Expert Karen Scarfone examines the features of Sophos SafeGuard, a full disk encryption product for laptops, desktops and servers. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 10 Apr 2015
Microsoft BitLocker: Full disk encryption software overview

Expert Karen Scarfone examines the features of BitLocker, Microsoft's native full disk encryption software for Windows laptops, desktops and servers. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 10 Apr 2015
McAfee Complete Data Protection: Full disk encryption product overview

Expert Karen Scarfone examines the features of McAfee Complete Data Protection, a full disk encryption product for securing client-side computers and servers. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 10 Apr 2015
Dell Data Protection | Encryption: Full disk encryption product overview

Expert Karen Scarfone examines the features of Dell Data Protection | Encryption, a full disk encryption product for securing client-side devices. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 10 Apr 2015
Check Point Full Disk Encryption product overview

Expert Karen Scarfone examines the features of Check Point Full Disk Encryption, an FDE product for securing client devices such as laptops and desktops. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 10 Apr 2015
Apple FileVault 2: Full disk encryption software overview

Expert Karen Scarfone examines the features of Apple's bundled full disk encryption software for Mac OS X, FileVault 2. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 10 Apr 2015
The top full disk encryption products on the market today

Full disk encryption can be a key component of an enterprise's desktop and laptop security strategy. Here's a look at some of the top FDE products in the industry. Continue Reading
By
- James Alan Miller, Senior Executive Editor
Feature 23 Mar 2015
Introduction to security analytics tools in the enterprise

Expert Dan Sullivan explains how security analysis and analytics tools work, and how they provide enterprises with valuable information about impending attacks or threats. Continue Reading
By
- Dan Sullivan
Tip 27 Jan 2015
A CISO's introduction to enterprise data governance strategy

Every enterprise must have a viable strategy for protecting high-value data. See if your plan aligns with Francoise Gilbert's advice on top priorities to consider when defining data governance plans. Continue Reading
By
- Francoise Gilbert, Greenberg Traurig
Feature 23 Jan 2015
The importance of email encryption software in the enterprise

Expert Karen Scarfone explains how email encryption software protects messages and attachments from malfeasance. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 05 Dec 2014
The fundamentals of FDE: Comparing the top full disk encryption products

Expert Karen Scarfone examines the top full disk encryption products to determine which one may be best for your organization. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 25 Nov 2014
The fundamentals of FDE: Procuring full-disk encryption software

Expert Karen Scarfone examines the most important criteria for evaluating full disk encryption options for deployment within an enterprise. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 20 Nov 2014
The fundamentals of FDE: The business case for full disk encryption

Expert Karen Scarfone outlines the benefits of FDE to help businesses decide if the storage encryption technology is right for their organization. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 12 Nov 2014
The fundamentals of FDE: Full disk encryption in the enterprise

Expert Karen Scarfone examines full disk encryption, or FDE, tools and describes how the security technology protects data at rest on a laptop or desktop computer. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Tip 10 Nov 2014
Inside the four main elements of DLP tools

Security expert Rich Mogull outlines the four elements of a DLP tool: the central management server, network monitoring, storage and endpoint DLP. Continue Reading
By
- Rich Mogull, Securosis
Feature 01 Aug 2014
The NoSQL challenge: What's in store for big data and security

Big data offers horizontal scalability, but how do you get your database security to scale along with it? Continue Reading
By
- Adrian Lane, Securosis
News 05 Feb 2014
Amid Microsoft MD5 deprecation, experts warn against SHA-1 algorithm

With Microsoft's MD5 deprecation set for next week, experts say companies must be careful to avoid other weak protocols, like SHA-1. Continue Reading
By
- Brandan Blevins
Quiz 30 May 2013
Quiz: Database security issues

This 10-question quiz will test your knowledge of the key points we’ve covered in the webcast, podcast and tip in this database security school lesson. Continue Reading
By
- Michael Cobb
Feature 26 Feb 2013
Managing big data privacy concerns: Tactics for proactive enterprises

The growing use of big data analytics has created big data privacy concerns, yet viable tactics exist for proactive enterprises to help companies get smarter while keeping consumers happy. Continue Reading
By
- Lynn Goodendorf
Answer 12 Feb 2013
What risk does the Apple UDID security leak pose to iOS users?

Expert Michael Cobb details Apple's Unique Device Identifiers, plus why iOS users should be concerned about the Anonymous UDID security leak. Continue Reading
By
- Michael Cobb
Tip 08 Jan 2013
Windows Server 2012 security: Is it time to upgrade?

Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release. Continue Reading
By
- Michael Cobb
Opinion 01 Nov 2012
Protecting Intellectual Property: Best Practices

Organizations need to implement best practices to protect their trade secrets from both internal and external threats. Continue Reading
By
- Peter J. Toren
Tip 06 Dec 2011
P2P encryption: Pros and cons of point-to-point encryption

P2P encryption is an emerging technology; one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons. Continue Reading
By
- Mike Chapple, University of Notre Dame
Answer 17 Oct 2011
Comparing relational database security and NoSQL security

In this introduction to database security, expert Michael Cobb explains the differences between relational database and NoSQL security. Continue Reading
By
- Michael Cobb
Tip 05 Nov 2010
Outsourcing data center services: SMB security best practices

Learn best practices for outsourcing data center services and about the security and compliance considerations that influence whether an SMB should outsource data center services. Continue Reading
By
- Joe Malec, Contributor
Tip 18 Oct 2010
Data classification best practices in financial services

Data classification is critical in the highly regulated financial industry. Learn key steps for data classification. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 14 Jun 2010
Your USB port management options

When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options. Continue Reading
By
- Mike Chapple, University of Notre Dame
Answer 19 May 2010
MD5 security: Time to migrate to SHA-1 hash algorithm?

Many organizations have been replacing the MD5 hash algorithm with the SHA-1 hash function, but can the MD5 hash algorithm still be used securely? Continue Reading
By
- Michael Cobb
Answer 17 Dec 2009
Personally identifiable information guidelines for U.S. passport numbers

Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman. Continue Reading
By
- David Mortman, Dell
Answer 03 Nov 2009
How to protect employee information in email paystubs

Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response. Continue Reading
By
- David Mortman, Dell
Answer 23 Oct 2009
What is an encryption collision?

Michael Cobb reviews how encryption collision attacks on cryptographic hash functions could compromise the security of all kinds of digital systems. Continue Reading
By
- Michael Cobb
Answer 28 Aug 2009
What are new and commonly used public-key cryptography algorithms?

Expert Michael Cobb breaks down a variety of encryption algorithms and reviews the use cases for several types of cryptography. Continue Reading
By
- Michael Cobb
Answer 25 Aug 2009
What are the export limitations for AES data encryption?

Although AES is free for any use public or private, commercial or non-commercial programs that provide encryption capabilities are subject to U.S. export controls. Expert Michael Cobb reviews the limitations. Continue Reading
By
- Michael Cobb
Answer 09 Jan 2009
Comparing FTP vs. TFTP

There are some differences between FTP and TFTP, but here's the catch: both are inherently insecure protocols. Continue Reading
By
- Mike Chapple, University of Notre Dame
Tip 05 Nov 2008
Lessons learned: The Countrywide Financial breach

The data breach at Countrywide Financial Corp. seems like something out of a TV crime drama: Two men regularly copied customer data and secretly sold it as leads to other mortgage brokers. The tale suggests that data theft is, more often than not, an inside job. Robert Mullins reviews internal threats, and the authorization and access control practices that can stop them. Continue Reading
By
- Robert Mullins, Contributor
Answer 27 Mar 2008
Is Triple DES a more secure encryption scheme than DUKPT?

Both DES and TDES use a symmetric key, but Michael Cobb explains their separate and distinct roles in protecting financial transactions. Continue Reading
By
- Michael Cobb
Answer 07 Nov 2007
What are the security risks of a corporate divestiture?

Security management expert Mike Rothman discusses the data protection issues involved with a corporate divestiture . Continue Reading
By
- Mike Rothman, Securosis
Answer 01 Oct 2007
How should sensitive customer data, such as driver's license information, be handled?

In this Q&A, Identity management and access control expert Joel Dubin discusses how to properly protect the personal data of a driver's license. Continue Reading
By
- Joel Dubin
Answer 31 May 2007
What should be done with a RAID-5 array's failed drives?

Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data. Continue Reading
By
- Michael Cobb
Answer 24 May 2007
What are the alternatives to RC4 and symmetric cryptography systems?

In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how RC4 encryption stacks up against public key cryptography. Continue Reading
By
- Mike Chapple, University of Notre Dame
Answer 18 Apr 2007
How to verify 140-2 (FIPS 140-2) compliance

In this SearchSecurity.com Q&A, identity management and access control expert, Joel Dubin, discuses several ways to verify that Federal Information Processing Standard 140-2 is being enforced. Continue Reading
By
- Joel Dubin