SEARCH RESULTS
 
Showing 1-10 of 60 records
 
Expand article

Data-centric security: How far do you de-perimeter your perimeter?

2007-12-18 14:30:00 by Michael Concordia in Data Protection, Management and Leakage
 
...centric security. While I dont think the tide is completely shifting away from end-point security, such as firewalls, full disk encryption or port control, more people are recognizing that device or perimeter-focused solutions are no longer fully adequate for their purposes. They must be paired with secondary (and tertiary, etc.) defenses ...
 
Tags: data, data-centric security, data-centric models, business, business rules, defenses, hard perimeter defenses, opteron battle, people
 
 
 
 
Expand article

Information Centric Security is dead!

2008-05-22 06:11:00 by Allen Baranov, CISSP in Security Thoughts
 
...Centric Security So, what do I elect to replace this with? Process-centric Security I think that as we get closer to Information Security Nivana (and isn't that what we really want?) we will start to get closer to the point where we look at Business and how it uses Information to do what it does. We define processes, work out what...
 
Tags: information, information security blogger, information centric security, information security nivana, information classification, process-centric security, process, dead, define processes
 
 
 
 
Expand article

RSA and Information-centric security

2008-04-15 13:22:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...centric security. Check out John Thompson, CEO of Symantec as he expounds on this during the opening key note. Very cool! This aligns a lot with what I also think is the future of security. We cannot have device-centric or perimeter focused security for much longer - data has to be protected at its fundamental level More soon as soon as I...
 
Tags: security, conference, rsa conference, microsoft partner pavilion, lot, key note, fundamental level, john thompson, symantec
 
 
 
 
Expand article

Virtualization and information-centric security

2008-07-21 16:33:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...centric security paradigm becomes even more important There are no devices to lock down (these will be virtual - appearing and dissapearing as required). Much of the data will be accessed from virtual containers. Therefore, protecting the data itself, regardless of the applications, the devices, the networks will become crucial in this...
 
Tags: security, data, data protection implications, core, security paradigm, core infrastructure strategy, virtual containers, virtual, devices
 
 
 
 
Expand article

Information Centric Security and Virtualization

2008-07-21 19:00:00 by Adrian Lane in Information Centric Security
 
With Information Centric Security, you create a virtual container, wrapper or 'universe' for the data and the business rules. You no longer care if some of the infrastructure has been compromised as you may still be able to keep data secure even if it has been copied or vMotion'ed off to some other place outside your control
 
Tags: information centric security, data, data secure, business rules, virtual container, infrastructure, care, vmotion, wrapper
 
 
 
 
Expand article

Keeping corporate secrets - the data centric security approach

2008-07-28 20:13:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...centric - "Secure the message as well as the medium" and "Address data at rest, in flight and in use In particular I like this paragraph Even with SSL (Secure Sockets Layer) and VPN, strong passwords, fire walls and a flood of security patches, the medium (the network and the attached servers) should be considered inherently insecure. The...
 
Tags: data, security, address data, gargantuan data breach, security patches, secure, secure sockets layer, data-centric, security technology
 
 
 
 
Expand article

RSA 2008 Keynote: John Thompson

The Article has images
2008-04-09 23:02:00 by jrjones in Jeff Jones Security Blog
...Centric Security: The Next Wave On one hand, this was one of the more interesting sessions of the morning, because John brought up his Research Labs VP, Steve Trilling, who shared lots of interesting security factoids from their research 70% of malware during the latter half of 2007 stole PII Symantec believes we may have reached an...
 
Tags: security, security professionals, security factoids, security product folks, john, john thompson, information centric security, information, thompson
 
 
 
 
Expand article

EIC 2008: Takeaways from Europe's biggest identity event

The Article has images
2008-06-13 08:19:15 by Bill Nagel in Security & Risk Management
...centric identity, SOA, entitlement management, and information risk management all commanded their own tracks. But some unifying themes emerged, chief among them that well-planned and -implemented identity and access management (IAM) is increasingly a must-have if we want to have effective information security, information risk management,...
 
Tags: identity, information, information risk management, user-centric identity, iam, iam implementation, effective information security, implement iam, holistic iam context
 
 
 
 
Expand article

Data security and the "chasm of protection"

2008-06-17 13:25:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...centric or information-centric security and why this is absolutely the future of data protection Say you are a retailer. You have data in your POS devices, encrypted with the POS application as cards are read in. As this data is required by another application, it has to be first decrypted so this in-store application can read it. It may...
 
Tags: protection, data, data protection, data centers, data element, application, pos application, data-centric, in-store application