Compliance

Ipswitch Conversations at RSA Conference

There is so much to absorb at RSA Conference.  The largest gathering of security vendors, solution providers and practitioners in the U.S. certainly didn’t disappoint as the Moscone Center was buzzing with security education and of course lots of thought provoking conversations. Many of the people I spoke with shared […]

Also posted in Cloud Computing, Customers, Data Breach, Managed File Transfer, Person-to-Person, RSA, Security, Visibility | Tagged , , , , , , , | Leave a comment

Encryption: Transport versus File

This morning I was asked if I recommended using transport encryption or file encryption to protect company files and data. My answer:  “Use both of them, together!” For starters, here’s a real quick summary of both encryption types: Transport encryption (“data-in-transit”) protects the file as it travels over protocols such […]

Also posted in Data Breach, FTP, Managed File Transfer, Security | Tagged , , , , , , , , , | Leave a comment

Caution: Web-searchable servers and databases

August 2011:  Yale University announced that 43,000 social security numbers posted to an insecure FTP server have been available to Google search engine users for the past 10-months. May 2011:  Southern California Medical-Legal Consultants (SCMLC) disclosed that the medical records of 300,000 injured workers were available online to the public […]

Also posted in Auditing, Data Breach, Enforcement, File Security, Security, Visibility | Tagged , , , , , , , , | Leave a comment

Can a file transfer system enable central management and control?

You might say that the entire point of a Managed File Transfer (MFT) system is to do exactly that: provide centralized management and control. For example, let’s say that your company is subject to the Payment Card Industry Data Security Standard (PCI DSS). Requirement 4 of PCI DSS is to “encrypt […]

Also posted in Advanced File Services, Auditing, Enforcement, FTP, Integration, Interactions, Ipswitch, Ipswitch Products and Services, Managed File Transfer, Management, MessageWay, MOVEit, Person-to-Person, Security, Visibility, WS_FTP Server | Tagged , , , , , , , , , | Leave a comment

When transferring files, isn’t all encryption the same?

Definitely not. To begin with, there are numerous kinds of encryption—some of which can actually be broken quite easily. One of the earlier common forms of encryption (around 1996) relied on encryption keys that were 40 bits in length; surprisingly, many technologies and products continue to use this older, weaker form of encryption. […]

Also posted in Auditing, Data Breach, Enforcement, File Security, FTP, Integration, Interactions, Ipswitch, Ipswitch Products and Services, Managed File Transfer, Management, MessageWay, MOVEit, Person-to-Person, Security, Technology and Software, Visibility, WS_FTP Professional, WS_FTP Server | Tagged , , , , , , , , , , , , , , , | Leave a comment

Sony data breach biggest ever; Lawsuit filed

Last week’s Sony data breach shattered TJX’s longstanding record for the largest customer data theft ever, a dubious honor that TJX has held since 2007. The massive Sony breach leaves millions and millions of credit cards at risk.  Details still aren’t clear yet, but the Sony breach *may* have included […]

Also posted in Auditing, Data Breach, Enforcement, File Security, Security | Tagged , , , , , , | 1 Response

Takeaways from Verizon’s 2011 Data Breach Investigations Report

Many thanks to the Verizon RISK Team (along with the U.S. Secret Service and the Dutch High Tech Crime Unit) for publishing their 7th annual analysis of data breaches.  Compromised data continues to plague organizations worldwide, and studies like the 2011 Data Breach Investigations Report can help us all avoid […]

Also posted in Data Breach, Enforcement, File Security, Managed File Transfer, Management, Security, Visibility | Tagged , , , , , , , , , , , | Leave a comment