Corporate Information Security News

CSO Information Security Journal

Subscribe to CSO Information Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get CSO Information Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories

Jersey City, NJ, September 10, 2009 - At no extra charge, enterprise IT managers can now deploy Comodo Disk Encryption with Comodo's Endpoint Security Manager, a centralized administration console for business networks. 12,000 laptops are lost or stolen in US airports every week, according to a study by the Ponemon Institute. Many of them belong to corporate travelers, whose IT professionals are left to worry that the lost information they contained might be misused. If the organization had deployed disk encryption, they might have spared themselves hours of agony and financial penalties. Root encryption, and whole- or partial-disk encryption settings allow IT managers to protect stored information. With Comodo Endpoint Security Manager, every computer in the company can now be encrypted and protected. Encryption uses a mathematical algorithm to change computer files i... (more)

Public-Key Encryption

How secure are your applications? Public-Key encryption may be the solution when security really matters. If you have developed an application that requires user authentication, you have undoubtedly wrestled with varying levels of security. At a basic level, most security models revolve around membership, authentication, and authorization functions. Secure socket layers (SSL) is a popular method for securing the transmission of data between Web server and client. ColdFusion MX and ColdFusion 6.1 have very good integration with Java's Secure Socket Extensions Library, which is ca... (more)

The Security Challenge

This article focuses on the value of Web services security. It is important to understand what Web services are and their challenges, particularly related to security. Traditionally, companies have relied on conventional, transport-level security but this approach has its limitations. The market now offers complementary XML-based solutions designed to secure documents used in Web services requests and responses. We will explore these solutions and outline "typical case scenarios" to provide a comprehensive landscape on the current offering of Web services security solutions. Web... (more)

Enterprise Messaging Security

JMS-based enterprise messaging has emerged as the ideal backbone for mission-critical and business-sensitive data across the extended enterprise. As the need for more robust security measures arises, SSL is frequently used to secure messaging communications. But is this using a sledgehammer to crack a nut? System architects have choices when considering techniques that strike the right balance between performance and security. One of the main concerns of any middleware security solution is encryption. This article discusses different encryption technologies that are used to secure... (more)

dataguise Expands Sensitive Data Discovery and Masking for Enterprises

dataguise (, an innovator of security solutions for protecting sensitive data across the enterprise, today announced the next generation of the company's popular dataguise security solution - dgdiscoverTM 3.0 and dgmaskerTM 3.0. Version 3.0 is the industry's first integrated solution for comprehensive sensitive data discovery and masking. It is designed to find structured database repositories across the network, search and discover sensitive data in structured databases, and then mask or de-identify to protect sensitive data. With dataguise, organizatio... (more)

CSOs: Are You a Groundhog or a Giraffe?

Through a great deal of research on enterprise cloud adoption and security, I've learned something telling. As you would expect, CISOs' opinions about cloud strategy are quite varied. While many folks recognize their company's use of SaaS for HR, sales, communication, and other applications, they are fairly divided about the use of Infrastructure as a Service (IaaS) and how secure these environments are in keeping company data safeguarded. After many talks with these technology leaders, I've determined that each fall into three distinct categories. The "Server Huggers" The firs... (more)