CloudMask Blog

The Myth of “Staying One Step Ahead of the Hackers”

  The assumption that software security can stay ahead of the hackers is not true because the software security industry is always reacting to threats that hackers expose. Once hackers start exploiting a flaw in an application, security companies try to block the resulting threat by providing security updates for existing software or by developing new programs. Either...

The Encryption That Businesses Need, But CISOs Forget About

 By Joseph Steinberg  CEO, SecureMySocial @JosephSteinberg   Many businesspeople put their firms’ data at risk because they fail to understand several important concepts about encryption. Simply understanding that data can be protected from unauthorized parties by encrypting it is insufficient to deliver security; in order to secure information people must know when...

Why Your Data Security Strategy Should Include Data Masking

  Data Masking/Tokenization/Anonymization replaces sensitive information with fictitious data while retaining the original data format. The data masking process lets you continue to work with your data as if it were not encrypted. Databases, business applications and collaboration software continue to work as if the data was real, but unauthorized personnel only have...

Court Rulings Limit Privacy Protections From Data Residency

Jurisdictions around the world, including the European Union and Canada, are enacting laws and creating regulations forcing companies that collect personally identifiable information (PII) to store the data of their residents within their national boundaries. This concept is known as data residency and the idea is that local privacy laws will apply to data stored...

If everybody could read your email, are you secure?

Email is one of the most critical business tools and a major component of the lives of many people. At the same time, it seems to lack adequate security as the Clinton campaign email leaks and the publication of France’s Macron emails have shown. Email is at the same time insecure but used to share important and often sensitive information. While companies encrypt...

ITAR compliance: ignorance is no excuse

The ITAR (International Traffic in Arms Regulations) legislation details what measures businesses and individuals must take to comply with ITAR requirements and specifies severe penalties, both civil and criminal, for non-compliance. The reach of the regulations is broad and suppliers of all kinds may be subject to requirements to keep sensitive information secure and...

Should You Encrypt Data Before it Goes to the Cloud?

  American cloud service providers such as Microsoft are opening local data centers in foreign countries at the request of the respective foreign governments and customers located in those countries. The thinking behind this strategy is that data located in a particular country is subject to the country’s data privacy laws, which may be different from those in effect in...

Can Two-Factor Authentication Keep Your Company's Data Safe?

A lack situational awareness is hurting the ability of companies and the public sector to adequately protect sensitive information. Intellectual property, sensitive business data, personally identifiable information and infrastructure access, are at risk. Situational awareness in the context of cybersecurity involves the following three areas: Effective management of...

Security certifications (Part 2): Total product certification

Common Criteria certificate ensure that there is no gap in data protection according to the solution's security profile. According to the National Cyber Security Alliance, 556 million personal records are stolen every year, which means that 18 people experience the theft of their sensitive information every second. These statistics paint a bleak picture for businesses...

I have “nothing to hide”! Why should I care about Government surveillance?

I f you don't have anything to hide, then why would you object if the police come to your home to search and take pictures of your documents without your permission? Unfortunately for you as a consumer, the discussion regarding data protection is often focused on corporations and what they can do to prevent hackers from accessing mission-critical communications and...