VA Installs Only a Small Percentage of its Encryption Licenses—With the Challenges of Deploying Software FDE, are We Really that Surprised?

A report from the Office of Inspector General confirmed that the Veterans Affairs (VA) Department failed to make good on its hard drive encryption policy, installing and activating only 65,000 of the encryption licenses it bought since its widely publicized data breach in 2006. The breach involved records of 26.5 million active duty troops, veterans and their family members.

The 2006 incident made the VA the poster child for data breach and became the catalyst for new measures to protect Personally Identifiable Information (PII), as well as prompting a slew of laws and regulations in the US and Europe –and now expanding across the globe.

Read More …

Miles of Files – All of it Unprotected in the Cloud

Enterprises are incorporating—and even promoting—the use of social networking applications such as Facebook, Twitter and LinkedIn as a key, if not primary, method for communicating and disseminating information. Indeed, social networking could one day supplant traditional email messaging—in large part owing to its instantaneous one-to-many dissemination feature.

Simultaneously, there’s been a trend to move information to the Cloud. It’s more cost-effective and accessible—but introduces the potential for data exposure, leakage and breach, due to the nascent state of cloud “security.”

It begs the question: What assurances does the enterprise have that documents containing intellectual property or personally identifiable data are actually safe in the Cloud?

Read More …

Windows 8 Brings Hardware-Based Security to the Mainstream

Despite the emergence of Advanced Persistent Threats (APTs) software security has consistently failed to detect threats that target the pre-boot stage of the device. However, all is not lost as enterprises have in-built security in their employees’ devices already – it just needs to be activated and managed. Hardware-based security is the most effective way to secure data and is increasingly moving into the mainstream via Windows 8.

For some time, layering security software on top of a device has been the approach that thousands of enterprises (and software security providers) have relied on in their quest to protect information and evade network threats. It’s easy to see why – it’s the approach that’s been sold to them.

Read More …

Windows 8 Shows Microsoft Still has the Chops to Reshape the Future of Computing

Windows 8 is nothing short of the most dramatic overhaul of the world’s most dominant operating system in 17 years. Much of the most talked-about features include a dual user interface (UI) consisting of a “Metro” side designed for use on slates and tables and the more classic “desktop” Windows 7-like UI.

But we’ll leave the discussions of the glossier aspects of Win 8 to the pundits.

No, for us Win 8 is the catalyst we’ve been waiting for – when the industry finally woke up to the promise of better security. It’s what Wave, and our colleagues in the Trusted Computing Group, have espoused and championed for nearly a decade: embedded hardware security built on industry standards.

Read More …

September 2012 Denial of Service Attacks on the Banks were Avoidable

Retail customers of Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank, and PNC Bank were unable to get to their accounts for days in the last two weeks of September. There is no telling how many people missed payments, and Twitter was filled with tweets expressing frustration over the banks’ inability to serve their valued customers. Many banks suggested that their customers do their banking in person, although some also mentioned that their mobile phone applications would still work.

Read More …