Posted on

Encryption Key Lifecycle Management: Tools and Best Practices

A data protection strategy is only as good as the encryption key security used. A robust cybersecurity management plan helps keep sensitive data protected and prevents data breaches. Implementing good practices and centralized tools helps effectively manage encryption key lifecycles, providing better regulatory compliance and overall security.

Encryption Key Lifecycle Management: Best Practices

Ensuring the security of cryptographic keys, tokens, and secrets involves different lifecycle management strategies and cybersecurity knowledge. Listed below are ten tips to keep your encryption keys safe and efficient.

Posted on

From Storage to Security: How to Keep Your Edge Sites Operating Smoothly

More and more companies are beginning to turn to edge computing for their data storage and processing needs as the benefits clearly outweigh those of a cloud-only configuration or corporate data center. Not only does edge computing allow for remote management, which is critical now more than ever as more people are working from home, but it also requires minimal space, is significantly less expensive, and most importantly, still allows applications to run on-site to support local applications.

Running applications on-site at the edge is a critical component to many business operations, especially for supermarkets and convenience stores, manufacturers, and IoT device developers, for example. The most important, and obvious benefit of running applications on-site through edge computing is the performance. An application can access and process data from on-site compute and storage much quicker than it can from the cloud. A point of sale system, for example, may have a slight delay when processing payment, but if all the purchase and payment information had to be transmitted to the cloud and back, we could expect that delay to be much longer. Additionally, the cost of transmission to the cloud or data center is significantly higher and security risks are greater. Data going to and from the cloud is more susceptible to breaches, but if an edge computing site is properly secured with encryption and key management, the risk of data loss is much lower than with constant transmission. 

Posted on

Building an ABAC Policy Using APIs and Java SDK From Machina Tools


Determining what data a user, application, or device can access can be one of the most important decisions an organization faces. You don’t have to be a healthcare or financial institution to be responsible for customer data. But to maintain customer trust, your organization may want to treat all customer data as such.

The data access problem is complex. Elements of policy may be driven by IT, human resources, legal, or even by finance. Policies might be enforced at different points depending on where data travels and how it is consumed. Policies might be enforced at the network layer through remote-access systems, at the database layer, within cloud infrastructure, or at endpoints like email and files. Most of these platforms inherently implement a permissive security policy.

Posted on

The Simple Path to Protecting and Controlling Your Application Data

Whether you’re a software development team lead at a prestigious financial institution assigned to redact personally identifiable information (PII) before releasing the next bankruptcy report, or you're part of a development shop that has just been contracted by a large healthcare organization to help update their systems to meet HIPAA requirements, chances are you’ve been asked to obfuscate sensitive data.

Protecting sensitive data is not an uncommon requirement when building applications. In a recent survey, 71% of companies indicated they utilized encryption for some of their data in transit; 53% utilized encryption for some of their data in storage.