Data classification as a part of the information lifecycle management (ILM) process can be defined as a tool for categorization of data to help an organization to effectively answer the following questions: What data types are available? Where is certain data located? What access levels are implemented? What protection level is implemented, and does it…
Category: security
Challenges with Data Discovery in the Cloud
As a cloud security professional, you need to be prepared to generate solutions to overcome these obstacles: Identifying where your data is: The idea of data in the cloud is at once both liberating and terrifying. The ability to have data available “on real-time demand,” across almost any platform and access mechanism, is an incredible…
Implementation of Data Discovery
The implementation of data discovery solutions provides an operative foundation for effective application and governance for any of the P&DP (Privacy and Data Protection) compliance. From the customer’s perspective: The customers, in the role of data controllers, have full responsibility for compliance with the P&DP laws’ obligations. The implementation of data discovery solutions and data…
Data Deletion and Media Sanitization
Data represents a very important enterprise asset. That makes the use of cloud-based services a significant risk. To mitigate that risk, organizations must consider options for removing their data from the cloud should the requirement arise. These environments host multiple types, structures, and components of data among various resources. For components within a multitenant environment,…
Emerging Cryptographic Technologies
Bit Splitting: Bit splitting usually involves splitting up and storing encrypted information across different cloud storage services. Depending on how the bit splitting system is implemented, some or all parts of the data set are required to be available to decrypt and read the data. If a RAID 5 solution is used as part of…
Key Management in Software Environments
Typically, cloud service providers protect keys using software-based solutions in order to avoid the additional cost and overhead of hardware-based security models. Note that software-based key management solutions do not meet the physical security requirements specified in the National Institute of Standards and Technology (NIST) Federal Information Processing Standards (FIPS) Publication 140-2 or 140-3 specifications….
Key Management: Common Approaches on the Cloud
For cloud-computing key management services, the following two approaches are most utilized: Remote key management service: This is where the customer maintains the key management service (KMS) on premises. Ideally, the customer will own, operate, and maintain the KMS, resulting in the customer controlling the information confidentiality, while the cloud provider can focus on the…
Key Management Options
XML Key Management Specification (XKMS): XML (Extensible Markup Language), the flexible data framework that allows applications to communicate on the internet, has become the preferred infrastructure for e-commerce applications. XML-based standards and specifications have been in development for use in the field of key management systems. One such specification is the XML Key Management Specification…
Encryption Key Management
In traditional banking environments, a safe required two people with keys to open it; this led to a reduced number of thefts, crimes, and bank robberies. Encryption, as with bank processes, should never be handled or addressed by a single person. Encryption and segregation of duties should always go hand in hand. Key…
Data Rights Management (DRM)
Data rights management (DRM) is a technology aimed at controlling the use of digital content. DRM technology was originally invented by publishers to control media such as audio and video rights. To design and implement data rights management within an organization, traditional security approaches such as access control and data classification have been used to…