External hackers and insider threats. Customer expectations and government mandates.
Data protection is a complex challenge, and it demands attention at every level of an organization. PKWARE's in-house experts are here to help you stay up to date on best practices, emerging trends, and new resources for enterprise data security.
Every year, more organizations adopt encryption to protect their sensitive data. According to the 2019 Ponemon Institute Global Encryption Trends Study, the percentage of companies with enterprise-wide encryption strategies has tripled in the last 15 years. With regulations like GDPR and the California Consumer Privacy Act providing incentives for companies to encrypt customer data, that trend will likely accelerate in 2020 and beyond.
Organizations considering encryption have many options to choose from, ranging from solutions that protect single hard drives to those that facilitate company-wide protection. One of the most important distinctions to consider is between transparent encryption and persistent encryption.
2020 will be an eventful year in the world of payment card security. PCI DSS compliance declined for the fourth consecutive year in 2019, while data breaches continued to make headlines. With an updated set of requirements on the horizon, organizations with PCI obligations should be taking a close look at their compliance strategies and technology.
A new impact brief from Aite Group provides key insights into the current state of PCI DSS compliance, and takes a look at how automated data redaction can help organizations prepare for PCI 4.0, which is expected to be released in late 2020.
It’s been nearly ten years since Forrester Research first published a paper recommending the "zero trust" model of information security. The time had come, the paper argued, to abandon the idea of an unbreakable network perimeter, and to deal with the reality that intruders will inevitably find their way into protected networks.
In the years since, the zero trust model has changed the way many organizations design and operate their networks. However, in order to live up to its full potential, zero trust architecture must be paired with a corresponding strategy for protecting the thing hackers are really after: sensitive data itself.
Moving to the cloud is supposed to make everything better. Costs go down, efficiency goes up, and collaboration gets easier.
Security is supposed to be easier, too. Cloud providers and managed service providers offer streamlined architecture, up-to-date systems, and economies of scale that let them devote more resources to security than their customers could afford on their own. However, as the massive Cloud Hopper breach has shown, cloud-based security is not a complete answer.
Data security has become synonymous with cloud security. Now that more than 90% of companies have adopted cloud services, and (according to some projections) more than half of all IT workloads are being handled in the cloud, protecting data requires a "cloud first" mentality. The need to exploit cloud capabilities while keeping data safe has security professionals, industry analysts, and even cloud providers trying to answer the same question:
How should data be encrypted in the cloud, and who should hold the keys?
Automotive suppliers must meet TISAX data security standards in order to do business with any major German automobile company. PKWARE helps companies simplify TISAX compliance by providing a wide range of capabilities to address multiple requirements. In our TISAX blog series, we're examining the requirements auto industry suppliers and service providers must meet, and how PKWARE is helping organizations meet those requirements.
Today's topic: event logging.
Automotive suppliers must meet TISAX data security standards in order to do business with any major German automobile company. PKWARE helps companies simplify TISAX compliance by providing a wide range of capabilities to address multiple requirements. In our TISAX blog series, we're examining the requirements auto industry suppliers and service providers must meet, and how PKWARE is helping organizations meet those requirements.
Today's topic: encryption, and how to implement it.
Updated November 2019
In one of the most significant cybersecurity developments of recent years, the California Consumer Privacy Act (CCPA) is bringing the key concepts of Europe’s GDPR onto American shores.