Dealing with DLP and privacy
Dealing with DLP and privacy It’s a long hot summer here in the Middle East and with 2/3 of the office out on vacation, you have some time to reflect on data security. Or on the humidity. Or on a cold beer. Maybe you are working on building a business case for DLP technology like Websense or Symantec or Verdasys, or Mcafee or Fidelis in […]
Securing Web services in the cloud
Almost every SaaS (software as a service) is based on REST or XML Web services. In this post, I’d like to provide a brief introduction to some typical threats and security countermeasures to protect Web services; Malicious Attack on the message The beauty of HTTP Web Services is that traffic flows through port 80 and […]
What is security?
So what is security anyhow? Security is not about awareness. A lot of folks talk about the people factor and how investing in security awareness training is key for data protection. I think that investing in formal security awareness training, internal advertising campaigns and all kinds of fancy booklets and cards for employees is a […]
Why the Europeans are not buying DLP
It’s one of those things that European-based information security consultants must ask themselves at times – why isn’t my phone ringing off the hook for DLP solutions if the European Data protection directives are so clear on the requirement to protect privacy? The central guideline is the EU Data Protection Directive – and reading the […]
Is your DLP project a failure?
Are we in the same valley of death that held content management applications in the 90s? Where companies spent 6-7 figures on content management from companies like Vignette and over 50% of the projects never got off the ground? Tell me what you think in this Linked In poll – DLP success or failure
Learning about change and changing your security
Reading through the trade press, DLP vendor marketing collateral and various forums on information security, the conventional wisdom is that the key threat to an organization is trusted insiders. This is arguable – since it depends on your organization, the size of the business and type of operation. However – This is certainly true […]
Data security for an SMB – Flying First Class on a budget
A talk I give recently at one of our Thursday online workshops on data security More data security presentations from danny lieberman
Free agent DLP from Sophos
Sophos has announced that they will soon include endpoint data loss prevention functionality in their anti-virus software. Developed in-house, Sophos will have an independent offering – unlike Websense, RSA, Symantec, Trend Micro and McAfee (who all purchased DLP technology) and have integrated it into their product lines with various levels of success (or not). The […]
The Americanization of IT Research
The Burton Group have released the results of their research that concludes that Symantec (Vontu), RSA (Tablus) and Websense (Port Authority) are the leading DLP vendors. Burton’s choice is indicative of the Americanization of the information security space, where government compliance regulation and large security vendor marketing agendas appear to drive US customer security decisions. […]
Data security for SMB
Yesterday, I gave a talk at our Thursday security Webinar about data security for SMB (small to mid-sized businesses). I’ve been thinking about DLP solutions for SMB for a couple of years now; the market didn’t seem mature or perhaps SMB customer awareness was low, but with the continued wave of data security breaches, everyone […]
