Data Breach

Allowing consumer-grade file sharing technologies is risky business

Looking back at 2011, we saw more and more employees using consumer-grade (and often personally owned) file sharing technologies such as USB drives, smartphones, personal email accounts, and file sharing websites to move sensitive company information.  We’ve learned that employees will “do what they need to do” to be productive […]

Also posted in Enforcement, MOVEit, Person-to-Person, Security, Visibility, WS_FTP Server | Tagged , , , , , , , , , , | Leave a comment

Encryption: Transport versus File

This morning I was asked if I recommended using transport encryption or file encryption to protect company files and data. My answer:  “Use both of them, together!” For starters, here’s a real quick summary of both encryption types: Transport encryption (“data-in-transit”) protects the file as it travels over protocols such […]

Also posted in Compliance, FTP, Managed File Transfer, Security | Tagged , , , , , , , , , | Leave a comment

Data Breach Primer – What Does it all Mean?

Hey SEC, it’s Frank Kenney at Ipswitch. I don’t mean to rock the boat but I had a few quick questions regarding your recent announcement that you are requiring companies to notify their customers of a breach or risk of breach. What’s a “breach”? Does it mean the bad guys […]

Also posted in File Security, Security, Visibility | Tagged , , , , , , | Leave a comment

Senator to businesses: Protect data or pay

As George Hulme recently wrote, the vision of Senator Richard Blumenthal’s data breach legislation is simple enough:  Protect individuals’ personally identifiable information from data theft, and penalize firms that don’t adequately secure their customers’ information. Clearly, there’s a need for organizations to better secure confidential and private customer information.  It […]

Also posted in Enforcement, File Security, Managed File Transfer, Management, Security, Visibility | Tagged , , , , , , | Leave a comment

Caution: Web-searchable servers and databases

August 2011:  Yale University announced that 43,000 social security numbers posted to an insecure FTP server have been available to Google search engine users for the past 10-months. May 2011:  Southern California Medical-Legal Consultants (SCMLC) disclosed that the medical records of 300,000 injured workers were available online to the public […]

Also posted in Auditing, Compliance, Enforcement, File Security, Security, Visibility | Tagged , , , , , , , , | Leave a comment

Citi fined $500K

Citi was recently fined $500,000 by the Financial Industry Regulatory Authority (FINRA) for its failure to pick up on an employee skimming over $750,000 from the accounts of 22 Citi customers over the last eight years . When I first read the headline, my initial thought was that this was […]

Also posted in Auditing, Enforcement, Security, Visibility | Tagged , , , | Leave a comment

When transferring files, isn’t all encryption the same?

Definitely not. To begin with, there are numerous kinds of encryption—some of which can actually be broken quite easily. One of the earlier common forms of encryption (around 1996) relied on encryption keys that were 40 bits in length; surprisingly, many technologies and products continue to use this older, weaker form of encryption. […]

Also posted in Auditing, Compliance, Enforcement, File Security, FTP, Integration, Interactions, Ipswitch, Ipswitch Products and Services, Managed File Transfer, Management, MessageWay, MOVEit, Person-to-Person, Security, Technology and Software, Visibility, WS_FTP Professional, WS_FTP Server | Tagged , , , , , , , , , , , , , , , | Leave a comment