Who Holds The Keys To Your Data Kingdom?

HyTrust co-founder and president Eric Chiu recently penned an article for Wired Magazine called “Brand Damage Through Information Access”, dissecting Edward Snowden’s leak of sensitive government data and its value as a fascinating, but troubling case study for the IT sector. Eric wrote: “Every corporation now has tremendous amounts of data and resources in virtualized […]

Establishing the ‘Two-Man Rule’ and Trust in Your IT Staff

The insider threat has come into greater focus in the wake of Edward Snowden’s admission that he leaked government secrets. The director of the NSA, Gen. Keith B. Alexander, said his agency would institute “a two-man rule” that would limit the ability of each of its 1,000 system administrators to gain unfettered access to the […]

A Role for Role-Based Monitoring in the Virtualization, Cloud Space

  With the advent of virtualization and the move towards software-defined clouds, the way we perform IT and how we measure its success has changed. As a result many of the ways we traditionally secure infrastructure no longer apply or plainly come up short. Great article by our own Alan LeFort outlining what cloud and virtualization […]

How Data for One of the Biggest US Banks Got Compromised

Many merchants look to their banks and card brands for guidance to meet compliance requirements and properly store and process credit card information. Banks oblige. For example, on the merchant website of Bank of America (…) there is a clear and compelling description of the possible electronic breaches and measure that should be taken to […]

Department of Energy Access Credentials? – Sold

If I had a dollar every time I heard “we hired our administrators – we trust them” I would be able to buy a very nice car by now. Of course, this optimistic outlook can use a doze of healthy paranoia. Most administrators are good trustworthy corporate citizens. However, there are always some who get […]

We Need You! VMworld Session Voting Closes May 6

VMworld US 2012 was a fantastic event for HyTrust, our customers, partners, and friends. Now VMworld 2013 — just a few months away — will no doubt be even better. Why? Because you have the opportunity to choose the sessions you want to see come August. This is your chance to tell show organizers exactly […]

HIPAA non-compliance penalties double – now $50K per violation up to $1.5M annually

To strengthen privacy and security protections, department of health and human services have modified both HIPAA and HITECH. Both modifications are effective as of March 25, 2013. Organizations have six months grace period to comply with the new stricter rules, or until September of this year. What’s interesting is that in addition to hospitals, doctors […]

It’s Time to Rethink Security In-line with Emerging Technologies and Change the Way We Do Business

Verizon’s 2013 Data Breach Investigation Report released last week indicates that most data breaches now involve stolen credentials, back doors and brute force attacks. In addition, it confirms what HyTrust has also found — that the vast majority of breaches aren’t detected until months after compromise. This is a critical situation, and with the majority […]

Poetic Injustices of Cloud Security

Sometimes we see a cloud that’s dragonish; A vapour sometime like a bear or lion, A tower’d citadel, a pendent rock One can find a Shakspeare quotation like the above in the code of malware, modified version of Citadel trojan, distributed by a so-called “Poetry group”, a new hacker group that was first detected in […]