Security

Readers of previous posts are aware of my reservations on the current ubiquitous drive to connect absolutely everything (from the frivolous to the useful) to the internet but there is no denying that the trend will continue unabated. This will create security risks that...

Privacy is something that every organization needs to take seriously. When customers and clients trust an organization with their private information, that trust needs to be respected. As with healthcare, the insurance industry needs to adhere to significant regulation.

Nearly a million servers around the world still run the unsecure legacy FTP protocol and are actually configured for ‘anonymous’ access. Not good.

With OpenSSH, you can remote into any operating system from any operating system. This is a wonderful thing!

FIPS 140-2 is a requirements document that sets the minimum strength level for data encryption used in Sensitive But Unclassified (SBU) federal operating environments. But its influence goes far beyond this significant but delimited area.

Network Security has multiple concepts. One such model is the Before-During-After concept, which I will break out into different phases. Specific to incident and problem management in IT, this methodology plays an important role for IT teams.

For the purposes of this post, we are concerned with two relevant options, namely File Transfer Protocol (FTP) and Managed File Transfer (MFT). The second, being managed, obviously offers more features than a standard file transfer solution. But, which solution is best...

Attackers wanting to steal your information online are some of the most creative people alive. It’s amazing how many ways they can come up with to steal your information. One of those ways is through a technique called cross-site scripting or XSS for short.

We’re living in the age of information. In both the world of the enterprise and in our own personal lives, we expect speed first and foremost. The exchange of data between customers, employees, and partners is become a critical component of business operations. Shadow IT...

Nobody likes to be audited. It’s invasive and unpleasant, but being prepared for it can make the process much easier.

If you work in IT for a regulated industry, security is one of your top priorities. Especially when working for the government, healthcare or finance, it is extremely important that products and services adhere to government-approved security requirements to ensure that...

External file transfers of digital assets are risky for everyone—no matter if you’re a healthcare organization, financial institution, insurance company, retail store, manufacturer or in education.

In this episode of Defrag This, we discuss the repercussions the new California Consumer Privacy Act will have on US data privacy laws and how and if it relates to the GDPR.

In your efforts to secure critical business and personal data, don't forget your file transfer and data sharing systems. One often overlooked area that can leave you vulnerable to cyber attack are outdated or under-managed FTP servers.

Open source is cool. But when it comes to FTP client solutions, it may be hip to be square. Here's why proprietary software might be best for your company.

CIOs, CISOs, data protection officers and compliance managers who work for businesses that interact with citizens in the European Union (EU) now need to be on-guard. The countdown for the General Data Protection Regulation (GDPR), which went into effect May 25, is over.

So you decided that they want to pursue a career in information security. Of course, the first thought may be to go to school or study to pass certification exams such as Security+, CISSP, or CEH. However, there is an increasing argument that you can’t just walk right...

Healthcare companies in the US have had to protect sensitive personal data for a long time to satisfy HIPAA compliance rules. But are healthcare companies on the hook in light of the GDPR?

In the previous articles, we focused on MOVEit Automation's REST API, but it’s now time to focus on MOVEit Transfer.

The personal data of 380,000 customers of Hong Kong Broadband Network (HKBN), has been hacked, according to a statement from the company.