Security Insider - Podcast Edition

Security Insider - Podcast Edition
By Townsend Security
About this podcast
Security Insider is your resource for information on the latest developments in data security, regulatory compliance issues, technology, and trends affecting the industry.
In this podcast

Security Insider - Podcast Edition

Security Insider

resource

These were generated by algorithms, which may be wrong. Report errors to us.
Latest episodes
Feb. 16, 2018
PCI DSS requiress two factor authentication (also known as multifactor authentication) - something you know and something you have. For IBM i users, this usually means a password and an authentication code provided to a token or mobile device. However, tokens are expensive and are frequently lost - and SMS messages to mobile devices have become a deprecated method. Join Patrick Townsend, Founder and CEO of Townsend Security, as he discusses the PCI recommendations, how to meet 2FA compliance requirements with a mobile based solution, and how Townsend Security is helping IBM i users meet the latest two factor authentication compliance requirements. Download this podcast to learn about: PCI DSS and NIST requirements for two factor authentication Protecting critical data on the IBM i with two factor authentication Mobile based authentication with Twilio's Authy Introduction to Alliance Two Factor Authentication
Jan. 23, 2018
It is difficult to say big data without instantly thinking about MongoDB. As enterprises adopt MongoDB, they also bring security concerns with them. Depending on their business, they may have multiple government (HIPAA, GDPR, FFIEC, etc.) or business (PCI DSS, etc) security regulatory standards with which they need to comply. Join Patrick Townsend, Founder and CEO of Townsend Security, as he talks about leveraging the WiredTiger storage engine, achieving a strong security posture with key management, and how to easily begin encrypting data in MongoDB Enterprise. Download this podcast to learn about: Encryption using the WiredTiger storage engine - no need to buy 3rd party encryption! Easily generate a master encryption key and begin encrypting database keys using native command line operations Meeting compliance requirements (PCI DSS, HIPAA, GDPR, etc.) The importance of KMIP
Aug. 11, 2017
While the IBM i (AS/400) is considered by many to be a secure platform, it is not immune to data breaches. For this special podcast, Clayton Weise of KeyInfo joins us to discuss running the IBM i in the cloud, maintaining a strong security posture, and common questions about cloud/on-prem hybrid networks. Download this podcast to learn about: IBM i, security, and why customers are moving to the cloud Improving IBM i security posture by moving to cloud Meeting compliance requirements in the cloud Future proofing your IBM i platform
June 27, 2017
Cyber criminals attempt to escalate their level of privilege by stealing and using administrative credentials. Because IBM i servers are accessed from user PCs across internal and external networks, credential stealing from these exposed PCs and networks is the preferred mechanism for compromising an IBM i server. Download this podcast to learn about: Identifying escalated privilege attacks on the IBM i Determining the true level of authority of a user profile Controlling and monitoring administrative level users Setting email alerts to include critical job and security information
June 12, 2017
The financial world is rapidly changing. Innovations in technology are impacting payments, lending, insurance, and even compliance. With huge amounts of private data being dealt with on a daily basis, data security is a top concern - and the best way to protect it is with encryption. Download this podcast to learn about: Encryption and key management Meeting the various compliance requirements Fintech in cloud environments Advice on selecting and evaluating a fintech vendor
March 30, 2017
The finance industry is increasingly being held accountable for the security, confidentiality and integrity of non-public customer information. By protecting nonpublic personal information (NPI) and personally identifiable information (PII), businesses in the banking and financial services industry can protect private information including: customer financial records, social security number, income, and account numbers. Organizations that experience a data breach where un-encrypted data is lost can suffer fines reaching into the millions of dollars, as well as face indirect costs like brand damage and customer loss. Download this podcast to learn about: Meeting data security compliance requirements (GLBA, FFIEC, PCI DSS, etc.) Examples of NPI and PII that need to be encrypted Encryption and key management How to take advantage of the GLBA’s “safe harbor” protection for privacy notices
Feb. 17, 2017
As Covered Entities take electronic Protected Health Information (ePHI) move to the cloud, they need to understand the important role of having a Business Associate Agreement (BAA) in place and how to ensure that they are meeting HIPAA compliance when ePHI is outside of their walls. Download this podcast to learn about: What is considered electronic Protected Health Information (ePHI) The role of Business Associates (BA) as defined by the Department of Health and Human Services Storing ePHI in the Cloud and meeting HIPAA compliance Key takeaways that vendors can implement today for improved security
Jan. 10, 2017
Active monitoring (sometimes referred to as Continuous Monitoring) is one of the most effective security controls that an organization can deploy - and can often detect a data breach before any information is lost. As the IBM i continues to evolve, so do sources of security logs. With logs being created from so many different sources, it is important to collect and monitor them in real-time to detect security events. Download this podcast to learn about: Current status of security logging on the IBM i The future of log collection and monitoring New logging sources in IBM i V7R3 Elements of an effective active monitoring strategy
Oct. 17, 2016
Active monitoring (sometimes referred to as Continuous Monitoring) is a critical security control for all organizations and is one of the most effective security controls you can deploy. The large majority of security breaches occur on systems that have been compromised days, weeks, or even months before sensitive data is lost. With the release of V7R3, IBM i administrators have additional security logs to collect and monitor. Download this podcast to learn about: Log collection and monitoring on the IBM i New logging sources in IBM i V7R3 System log formats and standards Elements of an effective active monitoring strategy
Aug. 9, 2016
Once data is encrypted, private information depends on key management to stay safe. As enterprises move to the cloud, it is important for key management solutions to provide high-availability, centralized key management to a wide range of applications and databases. Download this podcast to learn about: Encryption key management options in AWS (Key Management Service, Cloud HSM, third-party options) The different approaches to managing encryption keys Resources available to developers and managed service providers (MSPs) How Townsend Security is helping AWS customers protect their encryption keys with centralized key management