Information security practice has evolved to be pretty good at granting and managing access to confidential information - by people. But automation is taking over, requiring a shift in how we think about securing our infrastructure and applications.
With the news stories of possible data breaches at enterprises like Target, and the current trend of companies migrating to cloud environments for the flexibility, scalability, agility, and cost-effectiveness they offer, CIOs have been asking hard questions about cloud security.
Dennis Sosnoski explains how supposedly-secure connections can be downgraded to the point where they are easily broken and how even at full strength most forms of encryption are vulnerable to data capture and later decryption if your private keys are exposed. In this article you'll learn some ways of making it more difficult for anyone to see or alter your data exchanges.
This article defines a Data Encryption Infrastructure (DEI) which encompasses technology components and an application architecture that governs the protection of sensitive data within an enterprise. 1