Securosis Blog

Every time I see the phrase “reduce your risk by X%,” I break out in hives. I agree that it is critical to think about risk (which to me is really about economic loss), but everyone has a different definition of risk. And to say anyone can reduce risk by a certain percentage triggers my bullcrap filter.

Incite 7/13/2011: The King of the House

Mike Rothman · July 13, 2011

With the two girls at sleepaway camp, the Boss and I weren’t sure how the Boy would handle it. After all, he’s pretty much always surrounded by someone. Having a twin sister will do that to you. If he’s not at school, with his buddies, or doing an activity, he’s usually playing with one of his sisters. In fact, we think his ability to tune out almost everything directly correlates to always being around people.

Securing Personal Health Records (PHR) for healthcare providers is supposed to be the next frontier for many security technologies. Security vendors market solutions for Protected Health Information (PHI) because HIPAA and HITECH impose data security and privacy requirements. Should a healthcare provider fail in their custodial duty to protect patient data, they face penalties – theoretically at least – so they are motivated to secure the data that fuels their business. Tokenization is one of…

Friction and Security

Adrian Lane · July 11, 2011

Every company I have worked for has had some degree of friction between its sales and marketing teams. While their organizational charters are to support one another, sales always has some disagreement about how products are positioned, the quality of competitive intelligence, the quality of leads, and the lack of to grease the customer skids. Marketing complains that sales does not follow the product sales scripts, doesn’t call leads in a timely fashion, and doesn’t do a good job of collecting…

A few weeks ago I posted on different methods for encrypting IaaS volumes, which tends to be one of the top questions I get about data security in the cloud. Also high on that list is encrypting (or tokenizing) for SaaS and (some) PaaS. I call this the “Salesforce.com Problem”, because more often than not I’m talking to someone on the larger side, specifically about Salesforce.com.

In my last post I discussed how tokenization is being deployed to solve payment data security issues. It is a niche technology used almost exclusively to solve a single problem: protecting credit card data. As a technology, data tokenization has yet to cross the chasm, but our research indicates it is being used to protect personal information. In this post I will talk about using tokens to protect PII – Social Security numbers, driver’s license numbers, and other sensitive personal information.…

Simple Isn’t Simple

Rich · July 8, 2011

I have to admit that some days I have no idea what will resonate with readers. For example, my latest column over at Dark Reading seems to be generating a lot more interest than I expected.

Smart Card Laggards

Adrian Lane · July 8, 2011

The US is playing ‘catchup’ in contactless security. The US lags in smart identity card technology adoption. We lag in payment card security. It’s frustrating for Americans to travel in Europe. We have rudimentary ePassport technology, and it has been almost a decade since the first draft of the HSPD-12 PIV standards. We’re behind. We are laggards.

Call off the (Attack) Dogs

Mike Rothman · July 6, 2011

A while back, I spent some time categorizing the tactics vendors use to create Fear, Uncertainty, and Doubt (FUD) as a buying catalyst for their products. We followed up with a survey trying to understand what kinds of security marketing content are useful at different stages of the sales cycle.

Incite 7/6/2011: Reading Between the Lines

Mike Rothman · July 6, 2011

As mentioned last week, our girls are off at sleepaway camp. They seem to be having a great time, but you can’t really know. Obviously if there were a serious issue, the camp would call us. Since we dealt with the nit-uation, we have heard from the guidance counselor that XX2 is doing great, and from the administrator that XX2 needs more stationery. Evidently she is a prolific writer, although our daily mailbox vigil has yielded nothing thus far. We’ll save a spot for her at Securosis, since by…