Latest Data management and data security News

Ounce Labs Founder and CTO Jack Danahy To Present at RSA Conference 2008
posted on 31/03/2008

Jack Danahy, founder and CTO for Ounce Labs, the industry leader in software risk analysis, will present a session titled ‘Beyond the Coding Errors: The Complete View of Software Security’ at the RSA Conference 2008 next week. Jack Danahy is founder and chief technology officer of Ounce Labs as well as one of the industry’s advocates for software security assurance. Mr. Danahy will present on Tuesday, April 8th at 5:40 p.m. PT in Red Room 309 While security professionals and vendors typically focus on vulnerabilities caused by coding errors, they often overlook improper implementation of critical design elements that may cause even greater risk of exposure. This session will offer a checklist of baseline security and design policies as well as a step-by-step look at how to assess software security before it is deployed. The conference is being held on April 7-11 at the Moscone Center in San Francisco, CA. ... [more]

Protect from identity fraud with a professional information destruction company
posted on 28/03/2008

As businesses look to clear out confidential records at the end of the financial year, the British Security Industry Association is advising businesses to protect themselves and their customers from identity fraud by using a professional information destruction company. The BSIA has produced a Security Waste Audit that will help businesses assess whether their confidential waste is being disposed of securely. By making sure that you have stringent confidential waste disposal procedures in place, you will protect not only your business, but also your customers and suppliers from the risk of identity fraud. All BSIA information destruction section members must hold ISO 9001:2000 accreditation and will be inspected to BS 8470, the British Standard for the destruction of confidential material. “During the lead up to the start of a new financial year, businesses are clearing out old files which often contain confidential and sensitive information,” says Anthony Pearlgood, BSIA Informati... [more]

Comodo secures the Obama'08 website and encrypts sensitive data
posted on 27/03/2008

The Obama'08 campaign has selected Comodo to secure the Obama'08 website with Comodo SSL certificates. The Obama'08 site has deployed Comodo InstantSSL certificates to provide online contributors reassurance that their information is encrypted and secure. The Comodo seal on the site provides additional visual confirmation to online visitors that the site can be trusted. The need for increased vigilance in site security for government agencies, not for profit organizations and political campaigns is acute because fraudsters pretending to be these types of organizations have been steadily and alarmingly increasing since 2006. A new report entitled, "Online Financial Fraud and Identity Theft Report," discloses that in 2007, over 900 new brands were first time targets of phishing attacks. This is over a 100 percent increase in new phishing targets compared to 2005 and 2006 combined. Criminals often focused their attacks on specific sites that have high traffic spikes, such as the IRS dur... [more]

Top Tips to Mobile Data Security
posted on 19/03/2008

Every day sees another headline that illustrates how data protection has been ignored resulting in vital data that has been exposed or lost. Yet it is common knowledge that enterprises have a vested interest, and a legal obligation to effectively protect data. Companies must understand, and account, for any mishaps and by merely adopting a security policy alone will only provide a false sense of data protection and potentially lead to the cost, embarrassment and humiliation of notifying customers, shareholders and competitors when data does go missing. When you think of data security, it would be wrong to think of it as a static problem. Today’s working lifestyle typically means data is mobile and carried across a multitude of devices including desktop PCs, laptops, notebooks, smartphones, PDAs, USB drives and CDs, and not just those meant to carry data - essentially any kind of endpoint computing device such as iPods, MP3 players and even digital cameras. A better way to view data ... [more]

Harvard University hack could have been avoided
posted on 17/03/2008

In February, hacker have attacked Harvard University servers, accessed the personal information of more than 10,000 graduate students and applicants to the Graduate School of Arts and Sciences and posted part of this confidential information on the Web. Cyber-Ark commented that the Harvard University hack could have been avoided if the university had protected its student data. "The systems hack, which resulted in details of more than 10,000 graduate students and applicants being viewed by the hackers, is notable as the university is reputed to have some of the best security systems installed on an educational computer system in North America," said Calum Macleod, Cyber-Ark's European director. "It seems that the hackers are hell-bent on embarrassing the university as, following their attack last month, they posted part of the information they downloaded on the students and applications to the Internet," he added. According to Macleod, since the student and application's informatio... [more]

Other Security news and resources