Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Encryption Blog
Showing posts tagged with Symantec Endpoint Encryption - Device Control
Showing posts in English
Doug McLean | 09 Mar 2009 | 0 comments

Cost per Record U.S.

Every year PGP Corporation sponsors a series of research projects to determine trends and costs of data breach. These projects are carried out by the Ponemon Institute. Currently, this research is carried out in the U.S., UK and Germany. This week’s G-Blog illuminates the cost per breached record for the last four years.  The full reports are available here.

Brian Tokuyoshi | 09 Mar 2009 | 0 comments

Brian Tokuyoshi - Product Marketing Manager

I had a recent conversation with a friend who just opened a new checking account at a major national bank. My friend was complaining about the difficulty remembering her PIN (personal identification number) for her ATM card because of the policies for the number.

It’s usually passwords that people complain about when it comes to difficult policies.  Typical policies usually require that passwords cannot be shorter than 6 characters, and must have a mix of upper/lower case, numbers, or symbols. Often, such policies make the password computationally safe from a dictionary attack, but users find the resulting password so difficult to memorize that they need a written reminder in order to recall it at a later date.

So I found it interesting that this is a scenario where the PIN was difficult to use.  PIN numbers for ATMs are typically numeric only, so there isn’t the same complexity...

Doug McLean | 04 Mar 2009 | 0 comments

Q: I'm installing PGP Desktop 9.9 in a fairly large office this week. The boss is hardly ever in the office and the secretary needs to read his email and send email on his behalf. How do you configure PGP Desktop in this situation?

The only option I see is importing the boss's private key into the secretary's PGP desktop but this doesn't feel right. Private keys should be private right? Are there other solutions or is this one the only way to go?

A: This is one way of doing it, but is not recommended because letting someone else have your private key lets them  impersonate you (lets them make your digital signatures).  But, if you want the secretary to be able to sign the email as if she were the boss, there isn't much other choice.  If your concern is more that she be able to decrypt and read his email, you might want to consider making her key an ADK (Additional Decryption Key) for his key - you...

Brian Tokuyoshi | 03 Mar 2009 | 0 comments

Brian Tokuyoshi - Product Marketing Manager

As the Academy Awards wrap up, I’m reminded of the film Amadeus, which won the Oscar for Best Picture in 1985. The eponymous film is a dramatization about the life of Wolfgang Amadeus Mozart. In a famous scene, Emperor Joseph II, offering his opinion on Mozart’s new symphony, comments that,  “There are simply too many notes”, without providing any deeper insight into which particular sequence trouble him.

Enterprises today are facing a related situation, except the issue should be called “too many encryption keys” as well as its closely related issue called “too many encryption products”. Let’s take a common example. Growing concerns about data breach notification laws lead ACME company to deploy a disk encryption product. Over time new requirements emerge, and ACME realizes that they need to...

Doug McLean | 02 Mar 2009 | 0 comments

Top Seven Causes of Data Breach 2008

Sources of Breach - UK


Every year PGP Corporation sponsors a series of research projects to determine trends and costs of data breach. These projects are carried out by the Ponemon Institute. Currently, this research is carried out in the U.S., UK and Germany. This week’s G-Blog illuminates the top sources of data breaches in the UK in 2008.  The full reports are available...

Doug McLean | 25 Feb 2009 | 0 comments

I wrote about this case in October and thought at the time it represented a case of prosecutorial indulgence. The issue at stake here is whether or not an undocumented immigrant that uses false identification can be charged with identity theft if the data on the false documentation actually belongs to someone else.

To be clear, the case does not address the issues associated with immigrating illegally or using false documents to obtain work or social benefits. Even the defendent's counsel concedes his client is guilty of those infractions. The sole issue in question here is if you create or purchase a fake Social Security card with an I.D. number on it that belongs to someone else, have you in addition committed identity theft.  It seems like a reach to me and  in October the Supreme Court agreed to hear the case. Based on this...

Doug McLean | 23 Feb 2009 | 0 comments

Cost of Breach by Industry
Every year PGP Corporation sponsors a series of research projects to determine trends and costs of data breach. These projects are carried out by the Ponemon Institute. Currently, this research is carried out in the U.S., UK and Germany. This week’s G-Blog illuminates the cost of breach per record for five industrial sectors.  The full reports are available here.

Doug McLean | 22 Feb 2009 | 1 comment

WARNING: This posting is off topic.  It's going to happen occasionally.

To be clear, I've never met Peggy Noonan, nor do I ever expect to. As such it's not really Ms. Noonan herself with whom I'm in love. It's her writing. For the last year or more, my regular Saturday morning routine has included reading her column on the op-ed page of the Wall Street Journal. Normally, Ms. Noonan covers political matters, but this week's column focuses on the impact of an apparently still deepening recession. I'll get back to this week's column in a minute, but first let me tell you a few things about Ms. Noonan.

Peggy Noonan first came to national prominence as Ronald Reagan's speech writer. Her book on the experience, What I Saw at the Revolution, is considered one of...

Doug McLean | 16 Feb 2009 | 0 comments

Average Cost of Breach Per Record

Cost of Breach by Industry UK

Every year PGP Corporation sponsors a series of research projects to determine trends and costs of data breach. These projects are carried out by the Ponemon Institute. Currently, this research is carried out in the U.S., UK and Germany. This week’s G-Blog illuminates the cost of data breach on a per record basis for each of nine sectors.  The full reports are available...