Data Security Topic Center
What you need to know about data security and protecting sensitive information
A new webmail service called Lavaboom promises to provide easy-to-use email encryption without ever learning its users' private encryption keys or message contents.
Canada's tax authority and a popular British parenting website both lost user data after attackers exploited the Heartbleed SSL vulnerability, they said Monday.
Websites that use encryption could be elevated in Google search results sometime in the future, according to The Wall Street Journal.
Jose Vildoza's 62-year-old father was using his old Windows computer when a warning in broken English flashed on the screen: your files have been encrypted.
A new variant of the Gameover computer Trojan is targeting job seekers and recruiters by attempting to steal log-in credentials for Monster.com and CareerBuilder.com accounts.
Two banks that claim to have suffered losses from the recent data breach at Target have sued Trustwave Holdings Inc., the company that was responsible for validating Target's compliance with the Payment Card Industry Data Security Standard.
In the wake of revelations exposed in classified National Security Agency documents leaked to reporters by Edward Snowden, Facebook must show its users that their data is safe from the prying eyes of government spies.
Encryption technologies can be a powerful tool against government surveillance, but the most effective techniques are still largely out of reach to the average Internet user, Edward Snowden said Monday.
The first Cebit trade show in the post-Snowden era will focus on security, showing off locally developed bug-proof phones and messaging systems, as well as the ability to protect mobile devices using smartcards.
That someone had to take the fall for the massive breach at Target is neither surprising nor unexpected. The only question is whether more heads will roll in the aftermath of one the biggest data compromises in retail history.
Melissa Andrews, a resident of Canada, is a cyber security "cop" for Payza, an international e-commerce payment platform operating in 97 countries. Her job, described by the company's public relations firm as "the worst security job on the Internet," is to protect the public from illegal, and many times revolting, content, by shutting the sites down and alerting authorities about criminal activity. She spoke with CSO this week about her job and why she is proud of what she does.
I just finished up a lengthy tour through Latin America and Asia, as described in many of my latest blogs. Most recently I was in Australia and New Zealand (ANZ). I had the opportunity to work with various government agencies, organizations within critical infrastructure and general enterprise businesses across ANZ. Their primary topic of interest: big data. More specifically, they were interested in determining what needs to be part of a successful big data security strategy.
CSOs need to take a number of steps as soon as possible to protect their organizations against the OpenSSL vulnerability that has shaken the tech industry, experts say.
Risks to enterprises are not only of the security breach variety from outside attackers, malicious insiders or even careless employees. Another comes from everybody in an organization a even its most loyal, careful, capable members.
In large-scale organizations, implementing mobile device management (MDM) is typically given. After all, with so many employees using mobile devices that either contain or connect to sources of sensitive information, there needs to be some way to keep everything in check. But what about those companies that aren't big enough to be able to afford an MDM implementation and a full-sized IT department to manage it? Without a means to centralize the control of mobile devices, how can these smaller companies protect their data?
Online tracking is on the rise, but efforts to create a practical Do Not Track policy have slowed to a crawl. Meanwhile, users and browser companies are taking matters into their own hands.
The data breach suffered by Target could make it easier for our manager to make some needed changes in his company's vendor management processes.
Pen tester Mark Wolfgang argues segmenting for security is a key piece of an overall defense-in-depth strategy. Here he explains why and how to accomplish it in your organization (registration required)
How do you know your employees retain what you teach them in company-required security awareness training? You don't -- unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions.
Not all the proven practices of the past work in today's interconnected, heterogeneous world. Here's what you need to do differently
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Path Selection Infographic
- Path Selection Infographic
- Hyperconvergence Infographic
- A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era
- From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs
- If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Cloud Computing eGuide
- In this eGuide, CIO, Computerworld, and InfoWorld offer advice, tips, news, and predictions regarding cloud implementations in the coming year and beyond. Read... All Data Security White Papers
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva.
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Mobile Security: Containerizing Enterprise Data In this on-demand webinar, Fixmo's Lee Cocking, VP of corporate strategy, explains why Apple-ization trends like mobility and "bring-your-own-device" (BYOD) are driving the...
- Endpoint Data Management: Protecting the Perimeter of the Internet of Things Not surprisingly, "Internet of Things" (IoT) and Big Data present new challenges AND opportunities for enterprise IT. Teams need to harness, secure and...
- All Data Security Webcasts