Security Insider - Podcast Edition

By many, encryption is considered the hardest part of data security, and key management the hardest part of encryption. As such, it is far too common to see businesses not properly storing their encryption keys - for example, keeping them in a database in the clear or even burned into their application’s code. This podcast discusses the latest trends and perspectives around encryption key management and how to better protect your data. Download this podcast to learn about: The current state of encryption key management Databases/applications that natively support encryption key management Meeting evolving compliance requirements

Running VMware in IBM Cloud provides businesses a way to consolidate legacy infrastructures onto an automated and centrally managed, software-defined data center - and quickly address current resource constraints by deploying workloads. One of the things they are doing differently is providing enhanced security with bare metal servers in a hosted private cloud with provider-managed encryption of data at rest. Download this podcast to learn about: Securing data in IBM Cloud for VMware The benefits of running VMware in the Cloud Encryption key management

Like Microsoft SQL Server Enterprise Edition users, Microsoft SQL Server 2019 Standard Edition users can now easily meet compliance (PCI DSS, GDPR, CCPA, etc.) and protect private data like customer PII and intellectual property without modifying existing applications or the database. By using the database’s Transparent Data Encryption (TDE), coupled with an encryption key manager, organizations can protect their private data at a lower cost. Download this podcast to learn about: Encryption and key management in SQL Server 2019 Deploying Transparent Data Encryption (TDE) along with Extensible Key Management (EKM) Encryption key management in the cloud

MySQL is the world’s most popular open-source database and consequently stores enormous amounts of sensitive data. MySQL Enterprise Edition includes standards based encryption, along with KMIP support for key management. With the combination of these two, MySQL users can be confident that they are protecting their private data against a breach and meeting compliance requirements and security best practices. Download this podcast to learn about: Leveraging MySQL Enterprise encryption to protect PII and IP Other ways that businesses can better secure their private data - including IP and customer information

As the world of edge computing becomes more distributed, billions of connected devices live on the edge, which need to be secured, managed and automated. For many businesses, this means deploying a VMware and cloud infrastructure and using VMware vSphere, for example, to encrypt private information. While it is easy enough to encrypt data on the edge, key management has proven to be somewhat of a challenge. Download this podcast to learn about: What is special about edge computing Security considerations with edge computing Compliance considerations with edge computing

The California Consumer Privacy Act (CCPA) is a big deal. Almost no one is ready for it, so you are not alone if you are just getting familiar with the CCPA requirements. While similar to GDPR, CCPA is quite broad and extends into areas not covered under GDPR and other regulations. Join Patrick Townsend, Founder and CEO of Townsend Security, as he discusses the California Consumer Privacy Act (CCPA), which organizations are required to meet the law, rights granted to consumers, and what information it covers. Download this podcast to learn about: Which organizations are required to meet CCPA What companies can do to better protect customer information Data that needs protected under CCPA

With the introduction of vSphere encryption in 6.5 and vSAN 6.6, it has become much easier - and cost-effective - for businesses to encrypt private data. By deploying encryption to protect sensitive workloads in VMware, using the advanced cryptographic permissions in vCenter Server organizations can protect their sensitive information in their internal applications or databases that don’t natively support transparent encryption. Join Patrick Townsend, Founder and CEO of Townsend Security, as he talks about how to protect data in VMware’s vSphere and vSAN with encryption and key management. Download this podcast to learn about: Encrypting applications and databases that don't natively support encryption Encryption performance KMIP and encryption key management

Over the last several years, encryption key management has attained “essential infrastructure” status. When done properly, key management can protect encrypted data - and in the event of a data breach, can even provide a company with an exemption for a breach notification. Download this podcast to learn about: What enterprises should look for in an encryption key manager The importance of standards (FIPS 140-2, PCI DSS validation, etc.) Meeting data security compliance (PCI DSS, GDPR, HIPAA, etc.) requirements with encryption key management KMS (Key Management Server) vs. KMS (Key Management Service)

VMware virtualization has been a game-changing technology for IT, providing efficiencies and capabilities that have previously been impossible for organizations constrained within a traditional IT data center world. With vSphere version 6.5 and vSAN version 6.6 VMware customers now have the ability to encrypt VMware managed virtual machines and virtual disk. Join Patrick Townsend, Founder and CEO of Townsend Security, as he talks about how to protect data in VMware with encryption and key management. Download this podcast to learn about: vSphere and vSAN encryption Deploying multiple, redundant key servers as a part of the KMS Cluster configuration Meeting compliance regulations and security best practices (PCI DSS, GDPR, etc.)

The European General Data Protection Regulation (GDPR) is radically transforming the information technology space. Organizations of all sizes and types, and cloud service providers large and small, must adjust to the notion that people now fully own information about themselves. Join Patrick Townsend, Founder and CEO of Townsend Security, as he talks about how to use encryption and key management to help meet GDPR, the right of erasure, also known as the right to be forgotten, and how to avoid bad key management practices which will result in GDPR compliance failures. Download this podcast to learn about: Data security requirements of GDPR Right of erasure (also known as "the right to be forgotten") Meeting GDPR with encryption and key management The importance of standards and best practices

PCI DSS requiress two factor authentication (also known as multifactor authentication) - something you know and something you have. For IBM i users, this usually means a password and an authentication code provided to a token or mobile device. However, tokens are expensive and are frequently lost - and SMS messages to mobile devices have become a deprecated method. Join Patrick Townsend, Founder and CEO of Townsend Security, as he discusses the PCI recommendations, how to meet 2FA compliance requirements with a mobile based solution, and how Townsend Security is helping IBM i users meet the latest two factor authentication compliance requirements. Download this podcast to learn about: PCI DSS and NIST requirements for two factor authentication Protecting critical data on the IBM i with two factor authentication Mobile based authentication with Twilio's Authy Introduction to Alliance Two Factor Authentication

It is difficult to say big data without instantly thinking about MongoDB. As enterprises adopt MongoDB, they also bring security concerns with them. Depending on their business, they may have multiple government (HIPAA, GDPR, FFIEC, etc.) or business (PCI DSS, etc) security regulatory standards with which they need to comply. Join Patrick Townsend, Founder and CEO of Townsend Security, as he talks about leveraging the WiredTiger storage engine, achieving a strong security posture with key management, and how to easily begin encrypting data in MongoDB Enterprise. Download this podcast to learn about: Encryption using the WiredTiger storage engine - no need to buy 3rd party encryption! Easily generate a master encryption key and begin encrypting database keys using native command line operations Meeting compliance requirements (PCI DSS, HIPAA, GDPR, etc.) The importance of KMIP

While the IBM i (AS/400) is considered by many to be a secure platform, it is not immune to data breaches. For this special podcast, Clayton Weise of KeyInfo joins us to discuss running the IBM i in the cloud, maintaining a strong security posture, and common questions about cloud/on-prem hybrid networks. Download this podcast to learn about: IBM i, security, and why customers are moving to the cloud Improving IBM i security posture by moving to cloud Meeting compliance requirements in the cloud Future proofing your IBM i platform

Cyber criminals attempt to escalate their level of privilege by stealing and using administrative credentials. Because IBM i servers are accessed from user PCs across internal and external networks, credential stealing from these exposed PCs and networks is the preferred mechanism for compromising an IBM i server. Download this podcast to learn about: Identifying escalated privilege attacks on the IBM i Determining the true level of authority of a user profile Controlling and monitoring administrative level users Setting email alerts to include critical job and security information

The financial world is rapidly changing. Innovations in technology are impacting payments, lending, insurance, and even compliance. With huge amounts of private data being dealt with on a daily basis, data security is a top concern - and the best way to protect it is with encryption. Download this podcast to learn about: Encryption and key management Meeting the various compliance requirements Fintech in cloud environments Advice on selecting and evaluating a fintech vendor

The finance industry is increasingly being held accountable for the security, confidentiality and integrity of non-public customer information. By protecting nonpublic personal information (NPI) and personally identifiable information (PII), businesses in the banking and financial services industry can protect private information including: customer financial records, social security number, income, and account numbers. Organizations that experience a data breach where un-encrypted data is lost can suffer fines reaching into the millions of dollars, as well as face indirect costs like brand damage and customer loss. Download this podcast to learn about: Meeting data security compliance requirements (GLBA, FFIEC, PCI DSS, etc.) Examples of NPI and PII that need to be encrypted Encryption and key management How to take advantage of the GLBA’s “safe harbor” protection for privacy notices

As Covered Entities take electronic Protected Health Information (ePHI) move to the cloud, they need to understand the important role of having a Business Associate Agreement (BAA) in place and how to ensure that they are meeting HIPAA compliance when ePHI is outside of their walls. Download this podcast to learn about: What is considered electronic Protected Health Information (ePHI) The role of Business Associates (BA) as defined by the Department of Health and Human Services Storing ePHI in the Cloud and meeting HIPAA compliance Key takeaways that vendors can implement today for improved security

Active monitoring (sometimes referred to as Continuous Monitoring) is one of the most effective security controls that an organization can deploy - and can often detect a data breach before any information is lost. As the IBM i continues to evolve, so do sources of security logs. With logs being created from so many different sources, it is important to collect and monitor them in real-time to detect security events. Download this podcast to learn about: Current status of security logging on the IBM i The future of log collection and monitoring New logging sources in IBM i V7R3 Elements of an effective active monitoring strategy

Active monitoring (sometimes referred to as Continuous Monitoring) is a critical security control for all organizations and is one of the most effective security controls you can deploy. The large majority of security breaches occur on systems that have been compromised days, weeks, or even months before sensitive data is lost. With the release of V7R3, IBM i administrators have additional security logs to collect and monitor. Download this podcast to learn about: Log collection and monitoring on the IBM i New logging sources in IBM i V7R3 System log formats and standards Elements of an effective active monitoring strategy

Once data is encrypted, private information depends on key management to stay safe. As enterprises move to the cloud, it is important for key management solutions to provide high-availability, centralized key management to a wide range of applications and databases. Download this podcast to learn about: Encryption key management options in AWS (Key Management Service, Cloud HSM, third-party options) The different approaches to managing encryption keys Resources available to developers and managed service providers (MSPs) How Townsend Security is helping AWS customers protect their encryption keys with centralized key management