Kick start your European privacy compliance
The CNIL’s Sanctions Committee issues a 150 000 € monetary penalty to GOOGLE Inc. On 3 January 2014, the CNIL’s Sanctions Committee issued a 150 000 € monetary penalty to GOOGLE Inc. upon considering that the privacy policy implemented since 1 March 2012 does not comply with the French Data Protection Act. It ordered the company […]
Moving your data to the cloud – sense and sensibility
Data governance is a sine qua non to protect your data in the cloud. Data governance is of particular importance for the cloud service delivery model which is philosophically different from the traditional IT product delivery model. In a product delivery model, it is difficult for a corporate IT group to quantify asset value and data […]
Database activity monitoring
If you deploy or are considering data security technology from Websense, Fidelis, Verdasys , Guardium, Imperva or Sentrigo – do you give a DAM ? It seems that DLP (data loss prevention) vendors are moving up the food chain into DAM (database activity monitoring)? As customers deploy two products in parallel (for example Imperva and […]
Data security case study
A lot of companies do V/A (vulnerability assessments) with scanners like Beyond Security or Nessus. We took a hybrid approach for an internal security assessment using a Fidelis Security Systems network DLP appliance for detecting data loss vulnerabilities and structured human interviews to identify assets and analyze business threats such as competitors who might steal […]
The worst bugs are the simplest bugs
It is a truism of security that the worst vulnerabilities are usually the simplest – many are configuration bugs or simple design flaws like leaving temp files world read. Many Open Source projects such as Open Clinica use the excellent PostgreSQL database. You get 90% of Oracle at 10% of the weight and for free. […]
