Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Encryption Blog
Showing posts tagged with Symantec Endpoint Encryption - Device Control
Showing posts in English
Shilpi Dey | 26 May 2009 | 0 comments

sdeyShilpi Dey - Product Marketing Manager

There is no doubt that firewalls are no longer sufficient as the sole security strategy of choice. Whether it’s your telecommuting employees, consultants, vendors, or your sales force in the field, securing those endpoints is more crucial than ever.

It seems everywhere you turn, there is a new endpoint solution or better yet, an endpoint security suite that is sure to make you, the security administrator’s, life easy with a comprehensive endpoint protection offering. Most of these solutions offer anti-virus, host intrusion prevention, VPN, and data encryption all rolled into a convenient client and centrally managed by the same administration interface. These solutions are often tempting to procure and deploy, especially given...

Kevin Albright | 19 May 2009 | 0 comments

Kevin AlbrightA recent data breach at Johns Hopkins Hospital was announced that resulted from a single employee working in patient registration who accessed more than 10,000 pieces of personally identifying information. Reports of fraud started back in January and have been traced to records at Johns Hopkins.

The employee in question has been linked to a larger driver’s license fraud scheme in nearby Virginia. These types of incidents have been appearing more and more; while we protect against attacks coming across the internet with firewalls, and malware...

Doug McLean | 16 May 2009 | 0 comments

The Data Loss Database is a record of data breaches going back to 1995. As such it is one of the most comprehensive records of global breaches. Maintained by the Open Security Foundation, the DataLoss DB is published monthly.

Below is the classification of all recorded breaches by type since 1995.

 

Historical Data Loss by Type

Doug McLean | 15 May 2009 | 0 comments

dmclean_webfinalWe spend a lot of space on our blogs talking about the hard and soft costs of data breaches. PGP Corporation also sponsors the annual Ponemon surveys of this topic. I don't tend to focus on it in my blog because I find the crimes that cause breaches so interesting, but last week I saw some new numbers that are truly startling.  Heartland Payment Systems released their Q1 earnings report. According to this story at Forbes.com, Heartland has so far spent $12.6 million to remediate the breach they experienced in December. The...

Brian Tokuyoshi | 15 May 2009 | 1 comment

Brian Tokuyoshi - Product Marketing Manager btokuyoshi_webfinal

One of the problems of the Payment Card Industry Data Security Standard is that it will never reach a state of completion. That’s because PCI DSS it defines protections against known security risks, and then maps out a list of things that it must do to meet the minimum requirement for an acceptable level of security.

The goals of PCI DSS are noble, for it establishes practices for handling of sensitive data, and thus ensures security experts address the issues that can’t be taken for granted anymore.

The problem, though, is that PCI DSS sets up the requirements in a way that creates checklists of technology to deploy, which prescribes protection against the known threats. You can’t prescribe...

Brian Tokuyoshi | 12 May 2009 | 0 comments

Brian Tokuyoshi - Product Marketing Manager btokuyoshi_webfinal

The PGP® Universal Server delivers the administrative functions for the PGP Encryption Platform. It’s the console that’s used by our largest customers to keep tabs on their applications, enforce policy, and provide logging capabilities without having to deploy multiple consoles. PGP uses this platform, as well as 3rd parties who develop applications that support PGP Universal Server so that they do not have to write their own management console. While the administrative functions for PGP Universal Server are well understood, what’s not so commonly known is that PGP...

Doug McLean | 08 May 2009 | 0 comments

There have been a number of calls lately for the creation of an agency like the Federal Emergency Management Agency (FEMA) focused on the Internet. The theory is that by integrating the currently fragmented cyber-security efforts of the Departments of Defense, Homeland Security, OMB and a half dozen other agencies, that we’ll be better able to respond to cyber-attacks from predators foreign and domestic. While such integration is surely needed and is very effectively documented in the recent report by the Center for Strategic and International Studies (CSIS), I’m not sure that a “Cyber-FEMA” is enough to address the threats now bearing down on the nation’s Internet infrastructure.

While FEMA’s charter is formally defined to be both proactive and reactive, the fact is that it’s core mission is to react when disasters both natural and man-made occur. While it’s easy to build a case that...

Brian Tokuyoshi | 07 May 2009 | 0 comments

Brian Tokuyoshi - Product Marketing Manager

btokuyoshi_webfinalIn the pursuit of providing protection for enterprise data, many organizations make the mistake of thinking that their responsibilities to protect data start and end with the deployment of an encryption application. What often happens, in the rush to secure data, is that the need for strategic key management can be overlooked. This often occurs when there’s been an imperative driving the need, such as a new compliance mandate or the revelation of a data breach. These types of incidents can often create a singular focus to deploying encryption products that can unfortunately prove to be short sighted.

For compliance initiatives, sometimes even the best intentioned efforts to protect data can lead to unforeseen...

Shilpi Dey | 01 May 2009 | 0 comments

sdeyShilpi Dey- Product Marketing Manager

PGP Corporation recently announced a new product - PGP® Whole Disk Encryption Workgroup Edition which is specifically tailored to protect small companies and enterprise workgroup’s data on laptops, desktops and USB devices while supporting compliance requirements. PGP Whole Disk Encryption Workgroup Edition provides administrators a simple, intuitive and easy-to-use solution to manage and deploy full disk encryption.  The beauty of this solution is that there is no need to manage servers or databases nor does it require additional dedicated hardware.

PGP Whole Disk Encryption Workgroup Edition consists of a management application (PGP® Whole Disk Encryption Controller) and PGP® Whole Disk...

Doug McLean | 14 Apr 2009 | 2 comments

dmcleanEarlier this month, Senators John Rockefeller (D, West Virgina) and Olympia Snowe (R, Maine) introduced S.773, the Cybersecurity Act of 2009. It's actually a companion bill to one they proposed a few days earlier to create a cabinet level Cybersecurity Czar. It's S.773,  however, that contains all of the meat in the Senate's attempt to legislate better cybersecurity. We've seen half-hearted attempts to do this in the past, but as Chairman of Senate Committee that overseas Commerce, Science and Transportation, Senator Rockefeller's bill will be seriously considered and Senator Snowe's presence on the co-sponsor list indicates that it will also have at least some bipartisan support.

At 53...