Filter By:

Recent Blogs & Podcasts


\ Data Protection 

September 14, 2017 | Encryption, Digital Signatures, Certificates, Tokenization
By Dave Shackleford, IANS Faculty

 Apply Blockchain Technology to Enterprise Security

Blockchain has been the focus of many hype cycles of late, and it seems to be making inroads into every technology area under the sun - but how enterprise-ready is it? In this report, IANS Lead Faculty Dave Shackleford examines how the technology works and details its current and future use cases in security.

Read More »

September 8, 2017 | Data Classification
By Michael Pinch, IANS Faculty

 Data Classification: Design for the Human, Enforce with Technology

Data classification policies can be difficult for end users to interpret, leaving organizations open to data leakage issues and more. In this Ask-an-Expert live interaction, IANS Faculty Mike Pinch details the importance of creating human-friendly policies and ensuring employee awareness but also backstopping the process with layered technology solutions such as DLP and DRM. 

Read More »

September 7, 2017 | Data Classification
By Josh More, IANS Faculty

 Take a Phased Approach to Data Classification

End-to-end enterprise data classification/management programs are seldom successful out of the gate, but they can get there eventually. In this written Ask-an-Expert response, IANS Faculty Josh More explains the limitations of data management tool sets, and advocates for an iterative, phased approach that starts small and becomes increasingly successful over time.  

Read More »

September 1, 2017 | Data Loss Prevention (DLP)
By James Tarala, IANS Faculty

 Implement DLP Effectively

The best DLP implementations go beyond technology considerations to focus on achieving business goals. In this Ask-an-Expert written response, IANS Faculty James Tarala explains how to build an effective DLP program, from creating optimal governance and data classification policies to choosing the right keywords and vendors. 

Read More »

August 15, 2017 | Application Development and Testing
By Andrew Carroll, IANS Faculty

 Help Developers Understand the Importance of Least Privilege

Developers usually push to access any data they want anytime they want it, but unfettered access can open the whole organization up to unnecessary audit, financial and reputational risks. In this Ask-an-Expert written response, IANS Faculty Andrew Carroll suggests educating developers on the risks, implementing least privilege and layering on controls to ensure compliance.

Read More »

August 9, 2017 | Data Classification
By Rebecca Herold, IANS Faculty

 NIST’s CUI Designation Explained

Ensuring you have the right controls and policies in place to protect NIST-designated controlled unclassified information (CUI) first requires that you know what CUI is and the likely places it may reside in your organization. In this Ask-an-Expert written response, IANS Faculty Rebecca Herold defines the term and offers several concrete examples of applicable data.

Read More »

July 21, 2017 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Turner, IANS Faculty

 Full Disk Encryption: Some Keys to Success

Full disk encryption is the best way to protect data at rest, but not all implementations are equally secure. In this Ask-an-Expert written response, IANS Faculty Aaron Turner highlights key regulatory and technology issues to consider, and provides tips for getting the deployment right.

Read More »

July 5, 2017 | Data Loss Prevention (DLP)
By Josh More, IANS Faculty

 Tips for Protecting IP When Offshoring to China

Is it possible to offshore manufacturing processes to China while fully protecting corporate intellectual property (IP)? In this Ask-an-Expert live interaction, IANS Faculty Josh More recommends some key contractual, business process and security control changes to put in place to improve the odds.

Read More »