With the introduction of vSphere encryption in 6.5 and vSAN 6.6, it has become much easier - and cost-effective - for businesses to encrypt private data. By deploying encryption to protect sensitive workloads in VMware, using the advanced cryptographic permissions in vCenter Server organizations can protect their sensitive information in their inte…

Over the last several years, encryption key management has attained “essential infrastructure” status. When done properly, key management can protect encrypted data - and in the event of a data breach, can even provide a company with an exemption for a breach notification. Download this podcast to learn about: What enterprises should look for in an…

VMware virtualization has been a game-changing technology for IT, providing efficiencies and capabilities that have previously been impossible for organizations constrained within a traditional IT data center world. With vSphere version 6.5 and vSAN version 6.6 VMware customers now have the ability to encrypt VMware managed virtual machines and vir…

The European General Data Protection Regulation (GDPR) is radically transforming the information technology space. Organizations of all sizes and types, and cloud service providers large and small, must adjust to the notion that people now fully own information about themselves. Join Patrick Townsend, Founder and CEO of Townsend Security, as he tal…

PCI DSS requiress two factor authentication (also known as multifactor authentication) - something you know and something you have. For IBM i users, this usually means a password and an authentication code provided to a token or mobile device. However, tokens are expensive and are frequently lost - and SMS messages to mobile devices have become a d…

It is difficult to say big data without instantly thinking about MongoDB. As enterprises adopt MongoDB, they also bring security concerns with them. Depending on their business, they may have multiple government (HIPAA, GDPR, FFIEC, etc.) or business (PCI DSS, etc) security regulatory standards with which they need to comply. Join Patrick Townsend,…

While the IBM i (AS/400) is considered by many to be a secure platform, it is not immune to data breaches. For this special podcast, Clayton Weise of KeyInfo joins us to discuss running the IBM i in the cloud, maintaining a strong security posture, and common questions about cloud/on-prem hybrid networks. Download this podcast to learn about: IBM i…

Cyber criminals attempt to escalate their level of privilege by stealing and using administrative credentials. Because IBM i servers are accessed from user PCs across internal and external networks, credential stealing from these exposed PCs and networks is the preferred mechanism for compromising an IBM i server. Download this podcast to learn abo…

The financial world is rapidly changing. Innovations in technology are impacting payments, lending, insurance, and even compliance. With huge amounts of private data being dealt with on a daily basis, data security is a top concern - and the best way to protect it is with encryption. Download this podcast to learn about: Encryption and key manageme…

The finance industry is increasingly being held accountable for the security, confidentiality and integrity of non-public customer information. By protecting nonpublic personal information (NPI) and personally identifiable information (PII), businesses in the banking and financial services industry can protect private information including: custome…

As Covered Entities take electronic Protected Health Information (ePHI) move to the cloud, they need to understand the important role of having a Business Associate Agreement (BAA) in place and how to ensure that they are meeting HIPAA compliance when ePHI is outside of their walls. Download this podcast to learn about: What is considered electroni…

Active monitoring (sometimes referred to as Continuous Monitoring) is one of the most effective security controls that an organization can deploy - and can often detect a data breach before any information is lost. As the IBM i continues to evolve, so do sources of security logs. With logs being created from so many different sources, it is importa…

Active monitoring (sometimes referred to as Continuous Monitoring) is a critical security control for all organizations and is one of the most effective security controls you can deploy. The large majority of security breaches occur on systems that have been compromised days, weeks, or even months before sensitive data is lost. With the release of …

Once data is encrypted, private information depends on key management to stay safe. As enterprises move to the cloud, it is important for key management solutions to provide high-availability, centralized key management to a wide range of applications and databases. Download this podcast to learn about: Encryption key management options in AWS (Key…

VMware and IBM's recent partnership lets customers migrate workloads back and forth between VMware-based private clouds and IBM SoftLayer. Join Patrick Townsend as he discusses what this partnership means (from a security perspective), compliance considerations, and how organizations can better secure their data in IBM SoftLayer. Download this podc…

Prior to version 3.2 of the PCI Data Security Standard (PCI DSS), remote users were required to use multi-factor authentication for access to all systems processing, transmitting, or storing credit card data. With version 3.2, this is now extended to include ALL local users performing administrative functions in the cardholder data environment (CDE…

While the IBM DB2 Field Procedures (FieldProc) facility works quite well with native SQL applications, IBM i customers with legacy RPG applications have not been able to take full advantage of FieldProc to encrypt data in DB2 tables. In particular, the encryption of database columns, which are indexes, has been very difficult for IBM i customers us…

Encryption of data at rest, along with good security policies, can help businesses meet compliance regulations like PCI DSS and HIPAA, safeguard enterprise IP, and protect customer PII. While MongoDB provides a mechanism to encrypt data, it is still up to the users to manage encryption keys. Download this podcast to learn about: When MongoDB users …

HIPAA requires covered organizations to implement technical safeguards to protect all electronic personal healthcare information (ePHI), making specific reference to encryption, access controls, encryption key management, risk management, auditing, and monitoring of ePHI information. By knowing the relationship of HIPAA and HITRUST, covered entitie…

While Linux has a reputation as being secure, it is not immune to a data breach. Security administrators and application developers need to take a data-centric approach to protecting their private information – such as their employee data, intellectual property (IP), or customers’ PII. Without the proper controls in place, business applications and…

As compliance regulations evolve, developers are finding themselves tasked with modifying existing applications to implement new, better security, as well as creating new applications that need to follow security best practices. Listen to this podcast to learn about: Meeting compliance requirements Writing code with a security perspective Encryptin…

Collecting real-time security events on the IBM i platform is different than other platforms - logs are stored in many different places in a proprietary IBM format. This presents a challenge for administrators who need to monitor their IBM i logs. Download this podcast to learn about: Real-time security event logging on the IBM i Monitoring your mo…

As cloud storage becomes commonplace, the need to protect and encrypt data grows more important than ever. The critical question becomes, who has access to your encryption keys? Download this podcast to learn about: Download this 20-minute podcast to learn more about: Encrypting data in the cloud Why encrypted data in the cloud may not be as secure…

For SQL Server users in VMware environments, encryption and key management is easier than ever. With a ready-to-deploy OVA formatted solutions, VMware customers can launch an encryption key manager with standard VMware tools and begin securing their sensitive data in SQL Server within minutes. Download this 20-minute podcast to learn more about: • …

Every business is trying to save money and reduce complexity in their IT departments, and many are accomplishing this today by using virtual machines such as VMware. While these business's infrastructures are becoming virtual, their security threats are still very much real. Download this 20-minute podcast to learn more about: • Encrypting data in …

Data breaches are no longer a matter of “if” but “when”. When developing a data breach response plan it is important to consider the technologies you can implement to help mitigate a data breach, or prevent one from happening altogether. Download this 10-minute podcast to learn more about: * Managing risk by implementing the right technologies * Wh…

Amazon Web Services (AWS) is a deep and rich cloud platform supporting a wide variety of operating systems, services, and third-party applications. What can enterprises do to make sure their data is protected? Download this 20-minute podcast to learn more about: Protecting data in Amazon Web Services (AWS) Securing data in RDS, S3, EBS, and DynamoD…

Are there any special considerations for encryption and key management in VMware? This podcast discusses overcoming the challenges of encryption in VMware. Download this 15-minute podcast to learn more about: • Encryption and key management with VMware • How to avoid the common "gotchas" • The importance of certified solutions…

Developing secure websites in Drupal can be a challenge, especially when it comes to encrypting sensitive data and meeting compliance.Download this 20-minute podcast to learn more about:• Encrypting data in Drupal• What data needs to be encrypted• Encryption key management• Townsend Security's Drupal Developer program…

While Amazon Web Services (AWS) delivers a secure, scalable cloud computing platform, organizations may be required to deploy an additional layer of security to protect the data they store in the cloud. Download this 20-minute podcast to learn more about: • Protecting data in Amazon Web Services (AWS) • Best practices for deploying a key manager in…

Encrypting data in Microsoft SQL Server is often difficult to understand because of the different encryption options offered. Download this 20-minute podcast to learn more about: • Options for encrypting data in Microsoft SQL Server - TDE, Column-• Level, and with the .NET Framework • Managing encryption keys and using Extensible Key Management (EK…

Expensive encryption and key management solutions, losing encryption keys, and difficult deployments are now a thing of the past. Download this 20-minute podcast to learn more about: • Encryption performance impacts • Why you shouldn't worry about losing an encryption key • How encryption and key management are now easier than ever…

Drupal developers who need to protect sensitive data know that storing their encryption keys within the CMS puts their data at risk for a breach. Users who are currently encrypting sensitive data in Drupal are storing the encryption key locally in either a file protected on the server, in the database, or in Drupal’s settings file. None of these me…

As organizations are moving their applications and sensitive data to Windows Azure and leaving behind the traditional data center, they are turning to virtual machines to run their IT infrastructure. Townsend Security recently release the first encryption key manager to run in Microsoft Windows Azure, solving the data security problem that has held…

User names and passwords are no longer good enough. To protect sensitive data, businesses need another layer of security and are often turning to two factor authentication. By deploying a two factor authentication solution organizations can easily enhance their security in a cost-effective way, as well as meet compliance regulations and recommendat…

With encryption key management now being offered on hardware, virtualized, and cloud platforms, is it simply just a matter of preference or is one option better than another? Download this 20-minute podcast to learn more about: • Deploying encryption key management as an HSM, Cloud HSM, Virtual Appliance (VMware, Hyper-v, Xen) or in the cloud (Wind…

Organizations who encrypt data in the cloud regularly report that loss of control of cryptographic keys is a top concern. Advances in encryption technology have made protected sensitive data easier than ever. However, encryption key management has remained a challenge. Organizations are now able to address this problem with the recent introduction …

As more enterprises begin to outsource hosting and move confidential data to the cloud, the protection of encryption keys become the number one action that determines the true effectiveness of their encryption strategy. In this podcast, Patrick Townsend discusses the information security CIA triad (confidentiality, integrity, and availability) and …

Is Your Property Management System Really Secure? According to a new report by British insurance firm WIllis Group Holdings, insurance claims for data theft worldwide jumped 56% last year, with 38% of those attacks targeting hotels, resorts, and casinos. Property Management Systems (PMS) contain a deep well of Personally Identifiable Information (P…

Encryption and key management are now industry standards and work across both legacy and newer business systems, multi-platform and multi-tenant networks, remote access workstations, geographical offices, data centers, and third-party business partners. But how do you know what to take into consideration when deciding on an encryption key manager? …

PGP encryption has become the de facto standard for securing data in motion on the IBM i. It can help businesses meet compliance regulations such as PCI DSS by encryption credit cards and other PII as it is in transit to your trading partners. In this podcast, Patrick Townsend discusses the differences between Open PGP and Commercial PGP, which ver…

Server virtualization has been a game-changing technology for IT, providing efficiencies and capabilities that have previously been impossible for organizations constrained in a physical world. Now Organizations can deploy servers in both their data centers and the cloud using virtualization technologies such as VMware. Download this podcast to hea…

As a data security company, we see plenty of organizations think they are doing the right things to keep their data safe, but are falling down on a few key areas. For this special podcast, Patrick Botz of Botz and Associates joins Patrick Townsend to present their top three IBM i security tips to help keep your IBM i secure and data safe.…

While payment application vendors are required to certify their payment applications with PCI, compliance regulations are not set in stone and likely to change. Retail ISVs need to be aware of this, and that just because their solution was certified yesterday, their encryption and key management practices might not suffice during their next certifi…

Data security is a huge concern for retail companies who expect their point of sale (POS) system vendors to protect their customers’ data. Although POS vendors are required to certify their POS devices with the Payment Card Industry (PCI), many still scrape by with poor encryption and key management practices in their payment applications. Join Pat…

Until recently, password management has been a challenge for TrueCrypt encryption users. Enterprises can now encrypt sensitive data for any Windows application or folder with TrueCrypt and create cryptographically strong passwords with Alliance Key Manager, a FIPS 140-2 compliant key management HSM. In this 15-minute podcast Patrick Townsend discus…

With the push to make more data and business applications accessible to workers from their mobile devices, administrators have new security concerns. Security expert Patrick Botz joins us to discuss how to keep valuable data secure in the face of mobility and to offer suggestions on how to simplify this complex issue.…

With IBM ending support on V5R4 of the IBM i later this year, many organizations are in the process of upgrading their systems to V7R1. In V7R1, IBM introduced support for automatic, field-level encryption in the DB2 database called FIELDPROC (short for "Field Procedures"). This allows IBM i users to now deploy encryption without making any program…

The Department of Health and Human Services (HHS) recently released an update to its meaningful use policies about encrypting patient information. They made one thing perfectly clear – the only way to avoid the data breach notification requirement, and potential fines, is to encrypt the data. With small and mid-sized businesses increasingly the tar…

Sensitive data can now be automatically encrypted using Townsend Security's NIST-certified encryption libraries and developers can use cross-platform PHP to easily communicate with modern systems. Additionally, PHP can be used to transform complicated green screens into a familiar, simple user interface. For this special podcast, Eric Nies from NSC…