Security

Data Security Topic Center

What you need to know about data security and protecting sensitive information

Outsourcing Allows Utility to Refocus IT

Consumers Energy has hired an outsourcer to take over some of its IT operations. The utility hopes the move will allow its own data center workers to focus on projects that directly impact the bottom line.
Read more...

UNC Charlotte: 350,000 SSNs exposed in decade-long breach

Two issues exposed financial data and Social Security numbers for 350,000 people, although it is thought the information has not been abused, the University of North Carolina at Charlotte said.

Microsoft boots Chinese firm for leaking Windows exploit

Microsoft identified a Chinese security partner as the source of a leak last March in its highly restricted vulnerability information-sharing program.

One in 10 secondhand hard drives in U.K. contain personal data

Britain's Information Commissioner's Office has discovered that more than one in every 10 secondhand hard drives contains recoverable personal information of the original owner.

StubHub scalps fraudsters

Whenever a list of log-on credentials is dumped onto the Web, retailers get hit with waves of automated attacks. Here's how ticket marketplace StubHub fights the threat. Insider (registration required)

Nissan, Under Armor report breaches of employee information

Nissan Motor Co. and apparel maker Under Armor have disclosed recent data breaches involving the potential compromise of employee information.

Most IT, security pros see Anonymous as serious threat

The majority of IT and security professionals believe that Anonymous and hacktivists are among the groups that are most likely to attack their organizations during the next six months, according to the results of a survey sponsored by security vendor Bit9.

Workers did not exceed authorization when data stolen, says appeals court

In a somewhat startling decision, the U.S. Court of Appeals for the Ninth Circuit last week ruled that several employees at an executive recruitment firm did not exceed their authorized access to their company's database when they logged into the system and stole confidential data from it.

Mind the Byte seeks secure clouds to transmit research

Pharmaceutical and chemical research firm Mind the Byte is using vCider, which aims to take the sting out of managing and securing virtual private clouds across different infrastructure providers. Insider (registration required)

Weak passwords still the downfall of enterprise security

A recent data breach that exposed the Social Security numbers of more than 255,000 people in Utah has once again highlighted the longstanding but often underestimated risks posed to organizations by weak and default passwords.

Is Your Cloud Provider Exposing Remnants of Your Data?

Security researchers report that incorrectly configured hypervisors can lead to a separation of data issue in multi-tenant environments that can expose data remnants. However, you can prevent hosting your data on 'dirty disks.'

Red Sky Alliance: An experiment in information sharing

Chris Camacho, information security officer at The World Bank Group in Washington D.C., explains how the Red Sky alliance helps member organizations safely share information.

Master MySQL in the Amazon cloud

Amazon Web Services offer new challenges and flexibility for database admins -- here's how to avoid the pitfalls and tune for performance

Embedded data, not breasts, brought down hacker

FBI tracks down Higinio Ochoa using geo-tagged photos

Who's Got Your Mail?

When a chance discovery reveals that anyone in the company can access one executive's email, the brainstorming begins.

How to Implement Next-Generation Storage Infrastructure for Big Data

Managing the petabyte-scale and larger data stores that are a fact of life with Big Data is a different beast than managing traditional large-scale data infrastructures. Online photo site Shutterfly--which manages more than 30 petabytes of data--shares its strategy for taming the storage beast.

How to tell if you're caught in the giant Global Payments credit card fraud

Fallout from the Global Payments fiasco that could affect potentially millions of credit cardholders continues. First, Visa over the weekend dropped the Atlanta-based credit card processor from its ranks as a partner "compliant" in accepted industry data security standards.

How to get a hot job in big data

The big data revolution is creating a new breed of business-IT jobs -- and threatening to destabilize dyed-in-the-wool IT careers

APT in action: The Heartland breach

Heartland Payment Systems CTO Kris Herrin talks about the attack that changed his views on data security

A clear-eyed look at APT

Setting aside the hype, advanced persistent threats do present CISOs with a few to-dos