XML Key Management Specification (XKMS)
XML (Extensible Markup Language), the flexible data framework that allows applications to communicate on the internet, has become the preferred infrastructure for e-commerce applications. XML-based standards and specifications have been in development for use in the field of key management systems. One such specification is the XML Key Management Specification…
Month: July 2021
Encryption Key Management
In traditional banking environments, a safe required two people with keys to open it; this reduced the number of thefts, crimes, and bank robberies. Encryption, as with bank processes, should never be handled or addressed by a single person. Encryption and segregation of duties should always go hand in hand. Key…
Data Rights Management (DRM)
Data rights management (DRM) is a technology aimed at controlling the use of digital content. DRM technology was originally invented by publishers to control media such as audio and video rights. To design and implement data rights management within an organization, traditional security approaches such as access control and data classification have been used to…
Cloud Data Encryption Architecture and Options
Encryption architecture is very much dependent on the goals of the encryption solutions, along with the cloud delivery mechanism. Protecting data at rest from local compromise or unauthorized access differs significantly from protecting data in motion into the cloud. Adding additional controls to protect the integrity and availability of data can further complicate the process….
Is your Sensitive Data hiding from you?
The modern enterprise has evolved into a giant producer and consumer of data. Despite the large volume of controls and efforts to protect various data types, very few organizations can map exactly where their sensitive data is located and what security controls are deployed to guard it. Structured data types that are centrally managed allow…
When is one Cloud a better fit than others?
All major Cloud Service Providers follow the same best practices when building, managing, and delivering cloud services. So, how does one choose the right provider if they are almost identical? It all comes down to the workload you plan to move or create in the cloud. Let’s take an example – you are tasked with…
QuickGuide: Encryption
Symmetric Encryption: There are two primary forms of cryptography in use today: symmetric and asymmetric cryptography. Symmetric algorithms operate with a single cryptographic key that is used for both encryption and decryption of the message. For this reason, it is often called single, same, or shared key encryption. It can also be called secret or…
Data Loss Prevention (DLP)
Data loss prevention and data leakage prevention are terms used interchangeably to describe the controls put in place by an organization to ensure that certain types of data (structured and unstructured) remain under organizational controls, in line with policies, standards, and procedures. Controls to protect data form the foundation of organizational security and enable the…
Data Anonymization
Direct identifiers and indirect identifiers form two primary components for identification of individuals, users, or personal information. Direct identifiers are fields that uniquely identify the subject (usually name, address, etc.) and are usually referred to as personally identifiable information. Masking solutions are usually used to protect direct identifiers. Indirect identifiers typically consist of demographic or…
Data Masking/Obfuscation
Data masking or data obfuscation is the process of hiding, replacing, or omitting sensitive information from a specific data set. Data masking is usually used to protect specific data sets such as PII or commercially sensitive data or to comply with certain regulations such as HIPAA or PCI DSS. Data masking or obfuscation is also…