Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud

By Sudhindra Kumar, Principal Software Engineer at NextLabs

In my previous blog, we discussed about Data Governance Policies and Regulatory Compliance.

In this post, we’ll see some of the options available to protect data at rest and in transit. A few years ago, protecting data in transit was considered more important than protecting data at rest. However, with the proliferation of Internet and cloud technologies, and the subsequent issues related to data breaches have put the spotlight on protecting data at rest as well. Let us take a look at different solutions for protecting data at rest and in transit: more “Cloud Security – Protecting data at rest and in transit – Information Risk Management for the Cloud”

Attributes is the new role?

By Sandeep Chopra.

“Attributes” is the new Role?

In the last Gartner Identity and Access Summit in Nov 2013, Gregg Kreizmann, Research VP in Gartner, made a prediction that by 2020, 70% of all businesses will use attribute-based access control (ABAC) as the dominant mechanism to protect critical assets, up from <5% today.

In Oct 2013, NIST published their report titled “Guide to Attribute-based Access Control Definition and Consideration”, which we discussed in an earlier blog. This is recognition that organizations, including the federal government, need to govern how information is shared across systems, applications, and organizations. more “Attributes is the new role?”

What the Snowden affair taught us…the Super User problem

By Anand Kotti

With use of computer networks and information systems comes security risks. The risks range from unauthorized access, to lost, stolen and cyber-attack on sensitive data. In the recent past, there has been an increase in security breach by insiders, threatening to leak the information confidential to US federal authorities, which caught us completely off guard. more “What the Snowden affair taught us…the Super User problem”

Export Control in the News: AeroFlex’s ITAR Settlement and Standards for Export Compliance

The latest A&D news: Aeroflex’s $8 million dollar settlement with the U.S. Department of State for violations of the Arms Export Control Act (AECA) and the International Traffic in Arms Regulations (ITAR).

The State Department reported it conducted an “extensive compliance review” and discovered “inadequate corporate oversight and a systemic and corporate-wide failure” which resulted in unauthorized exports and re-exports of electronics, microelectronics and related technical data that are subject to ITAR. more “Export Control in the News: AeroFlex’s ITAR Settlement and Standards for Export Compliance”

The Politics of Export Control Reform: Why Less Licensing = More Complexity

by Gary Stanley

Just as with past export control reform efforts in the Clinton and Bush II years, the Obama Administration started with the best of intentions to make U.S. export and re-export control rules more straightforward and less burdensome.  Without dispute, it has pushed through broader changes than any of its predecessors.

Like its predecessors’ changes, however, the Obama Administration’s may have reduced the licensing burden, but at the expense of making U.S. export and re-export controls more difficult to understand and administer.  The reason lies in the politics of U.S. export controls. more “The Politics of Export Control Reform: Why Less Licensing = More Complexity”