Becrypt signs new SME partnership with Atos UK » London, UK:  Becrypt has entered into a partnership with Atos UK as part of the Atos SME Harbour pro... itSoft extends its security-as-a-service offerin... » Clavister has announced that itSoft, a leading ISP and cloud managed services provider in Croatia, h... AppRiver quarantines 200 million malicious emails ... » Gulf Breeze, FL and London, UK: AppRiver, LLC has released its Q1 Global Security Report, a detailed... DDoS attacks pose biggest threat yet to European... » LONDON, UK: Neustar, Inc has announced findings from its third annual DDoS Attacks & Impact Report. ... SearchYourCloud announces enhanced search and se... » SearchYourCloud: has announced a relationship with Pivotal, the software company at the intersection... EnterpriseDB’s new Postgres Cloud Database expan... » Bedford, MA:  EnterpriseDB (EDB) has announced expanded data encryption for its Postgres Plus Cloud ... Cubic to exhibit Next-Generation Virtual Training ... » SAN DIEGO, Calif.: Cubic Global Defense will demonstrate a range of innovative technologies and solu... Adapt and Alert Logic partner to bring SaaS soluti... » Adapt and Alert Logic have joined forces to bring Adapt customers a suite of advanced managed securi... Cryptzone is a 2015 top company to watch in the Cy... » Boston, MA: With cybercrime on the rise and costing organizations billions of dollars annually, it’s... Dimension Data launches new assessment to help org... » Fleet, Hants, UK:  Dimension Data has announced a new assessment offering that helps organisations a...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Information Security Header

“The takeout for me is that this saga highlights the critical need to obfuscate or de-identify the sensitive information in your organisation, wherever it is stored and however it is used across your company” -- Dave Anderson, Voltage Security

 

Commenting on the Internal Revenue Service’s accidental exposure of thousands of Social Security numbers on the Internet – which were spotted by a California-based archivist – Voltage Security says this highlights the need for encryption and tokenisation of any sensitive data to protect any organisation against the negative impact of data exposure.

The problem with modern IT systems, says Dave Anderson, a senior director with the data-centric security specialist, is that data can be replicated, shared and moved across multiple systems – quite literally - at the touch of a button. This requires data to be protected across its entire lifecycle, not only when it is stored away.

And with cross-platform systems and topologies making it difficult to know whether an IT resource is local, remote or cloud/outsourced, controlling data held in the clear has become an almost impossible task, he adds.

“This breach further highlights the issues around effective data security, and re-iterates the need to implement robust encryption, tokenisation and data masking controls on the data itself in order to provide comprehensive protection. This is the only way to protect sensitive information as it moves throughout an extended enterprise,” he said.

“The takeout for me, however, is that this saga highlights the need to obfuscate or de-identify the sensitive information in your organisation, wherever it is stored and however it is used and moved. The problem with multi-dimensional data – especially spreadsheet or SQL database files – is that it is very difficult to understand which elements contain private data. For this reason, encryption and tokenisation of all data becomes a driving imperative,” he added.