Data Security

XPrivacy- Dealing with Data Leakage in Android Apps

XPrivacy- Dealing with Data Leakage in Android Apps

There has been a significant increase in the number of Android users across the globe in the recent years. And all the end users depend on Google’s Play Store for installation of applications. Google’s Play Store is considered to be a trusted repository of applications, because Google verifies the app’s content, author etc. certifies it to be safe and then hosts it on the Play Store.

Virtual private network - A deep insight

What is a virtual private network

There are many potential threats to a Network, specifically when exposed over Internet. Often times these threats are perceived as external, whereby some outside entity (i.e. a hacker or cracker) attempts to break-in to a network to steal data or read confidential information with an organization’s business operations. While these external entities pose a significant threat to network security, more frequently internal entities pose a far greater threat and typically are not addressed by network security defence mechanisms.

 

To explore the full article, please open the attached pdf

                                                                                                                                                         Authored by - Megha Goyal
TCS Enterprise Security and Risk Management

Tackling the Data Security of Ever-Growing Data Footprint

Tackling the Data Security of Ever-Growing Data Footprint

Business Problem

Organizations are generating the heaps of data every day in the form of structured, semi-structured and unstructured format and storing it on the platforms like Big Data and Cloud based storage apart from the conventional on-premise data storages like Relational Databases and File Servers. As per the published statistics, 80 % of this data is in unstructured format with limited capability of searching, querying and analysis. Typical examples of such data includes word files, emails, PDFs, spreadsheets, presentations, audio files and images.

These format of documents are spread across the various storages system within and outside organization including document management system, end user systems, email servers and external storage. Such distinct formats making it difficult for organizations to keep a track of this data and enforce consistent data protection control across these data sets.

Need a focus change : From infrastructure centric to data centric protection

Need a focus change : From infrastructure centric to data centric protection

Business Problem

In today’s world of ever diminishing IT perimeters, trends like increased adoption of cloud based services, shadow IT setups created by businesses to meet product GTM pressures, and increasing reliance on partners to deliver critical services is making the traditional model of infrastructure centric security inadequate and less relevant. Pace of information creation is also accelerating where Organization is generating the heaps of data in various formats (structured, semi-structured and unstructured) as it is becoming information centric and traversing towards digital.

As a result of this blurred perimeters and digital journey, organization data is changing the hands between the internal and external entities and often finds itself residing in new/unknown repositories. The data life cycle of ‘creation, update, transfer, retain, archive, delete’ is getting extended outside the organization and making it difficult to track the data existence.

Data Privacy Vs Data Protection

The Terms Data privacy and Data security are close cousins and often used as synonyms, in reality they can have very different meanings depending on the country laws, jurisdiction and Firms or Market Sector.
 
Maintaining the Data Security Policy is Critical to ensure the Data Privacy, Particularly for the Public and Private Institutions who involves more with Privacy Data handling.An Effective Data Security Policy should be in place to ensure the Personal Information is protected.
 
Data Protection focusses on ways to protect the Personal data from Malicious Attacks and Unauthorized disclosure.
 
A Privacy Breach will be a huge defacement for a Business Firms or Market Sector, and also the business may face class action suits, Financial Loss, Reputational Defacement, Business Credibility and Lack of Trust.
 
Data Security

Infosec 2016 technical roadmap - Make a choice ÔÇô Based on your business constraints and technological realities !!!

Infosec 2016 technical roadmap - Make a choice ÔÇô Based on your business constraints and technological realities

When we go for security solution design, it is important that we understand the business problem, need or opportunity. Our approach and methodologies should be based on that. Also we need to optimize architecture across customer needs, business constraints, and technological realities. For that we need to follow the industry trends and standards, both from a business and technical standpoint.

As a Security team, we need to closely watch the technology developments to ensure that our organization is effectively positioned to respond to any of the security threats. We need to develop technical roadmaps for future implementations across the enterprise to ensure the soundness of the solution. We also need to maintain a forward looking perspective on emerging technology developments and their relevance to both business and technology strategies.

Are security and privacy one and the same?

security and privacy

We are faced with this question many times, so what are the similarities and differences between security and privacy let’s start by looking at their definition.
Privacy is an individual’s right to safeguard his or her information shared with third party from un-acceptable disclosure other than the reasons for which the information is shared with third party. Many countries have enacted laws to ensure data privacy. Examples of data covered under privacy include health records, credit card data, and financial data.
Security is protection of information to prevent it from, unauthorized access which may lead to information loss (leakage, deletion) resulting financial loss, reputation or legal litigations. Security is to ensure confidentiality, integrity and availability of any type of data which may include personal data.

PC for sale? DonÔÇÖt leave a trail !

PC for sale? DonÔÇÖt leave a trail!

Ever since World Wide Web dropped into our lives in 1991, rapid growth has taken place in the personal, professional, and CRIMINAL use of computers/digital devices. Considering our current society, interaction with electronic devices is inevitable. Most of us interact with them hundreds or may be thousands, of times a day. And most of these devices are “smart” enough to retain information about who you are, and where you were, when you interacted. In essence, the article will discuss about ‘footprints’ that these smart devices leave.

Pages

Subscribe to RSS - Data Security