Entries by digitalpathway

Secure Email

Why Secure Email Sending traditional email has the confidentiality of a postcard. The ICO (www.ico.org.uk) talk heavily about email encryption and why it should be used. We know from experience that many organisations send a lot of sensitive information about staff, contracts, mergers and IP information via email. Often this email is sent from online […]

Smart and Removable Disk Encryption

Why worry about Smart and Removable Device Encryption There are many advantages to using removable media, chief among which is the quick and convenient means by which users can copy, transfer and backup data. This same ease of use is part of the problem, however, as malware is able to easily replicate and distribute themselves […]

Cloud Encryption

What is Cloud Encryption Compliance requirements and the penalties associated with them remain perhaps the single greatest set of drivers towards the adoption of cloud security technology. This includes the requirements for Data Privacy, the European Community General Data Protection Regulation 2016/679 (GDPR), other requirements which flow from compliance such as data residency. Compliance is […]

Database Encryption

What is Database Encryption Security auditors look for airtight security systems that prevent exploitation of vulnerabilities by adhering to a system of checks and balances to prevent the bypass of security controls. Implementation of strict security principles and adherence to organisational security policy may require that the Data Base Administrator (DBA) is prevented from accessing […]

Tokenization

What is Tokenization Tokenization makes it easy to use format-preserving tokenization to protect sensitive fields in databases. The solution features a Token Server, which is a virtual appliance for tokenizing records and managing access to tokens and clear-text data. With our Token Server, applications use REST APIs applied to the application being used to send […]

Pseudonymisation

What is Pseudonymisation Pseudonymisation is generally associated with the European Union’s General Data Protection Regulation (GDPR), which calls for pseudonymisation to protect personally identifiable information and is the only technology specifically mentioned within the Act under “Article 4, Definitions”: ‘Pseudonymisation’ means the processing of personal data in such a manner that the personal data can […]

Data at Rest Encryption

What is Data at Rest Encryption Data at rest encryption is a term used for the application of encryption technology to data that sits within databases, file systems and other storage devices. It specifically does not deal with data in transit. How to use Data at Rest Encryption Transparent Data Encryption (TDE) is one of […]

Key Management

How to handle Encryption Keys Applying encryption to secure data is a strong way to protect it. However, without strong key management, the control can be ineffective. The concept of key management covers the secure storage, generation, rotation and deletion of the encryption keys. Key management can be a local activity relating to the specific […]

Application Encryption

What is Application Level Encryption Application level encryption takes a different approach than the more commonly adopted data at rest encryption. Application encryption occurs within the designated application and as such, often requires more preparatory work before being able to be deployed. This means that data is encrypted before it reaches the database. Application encryption […]

Folder and File Encryption

What is Folder and File Encryption Folder and file encryption is applied only to individual files or folders, also referred to as containers. The benefit of using this method of encryption is that only those files deemed as sensitive and requiring extra protection are encrypted. This means that the resource overhead is minimised. How is […]