Blog

Posts Tagged ‘Zserver Suite’

Closing the Barn Door After the Horses Escape

Tuesday, April 6th, 2010

There is an old saying about closing the barn door after the horses have escaped. Obviously, that is too late.

John Muir Health is “closing the barn door after the horses escape” by implementing disk encryption software on its laptops AFTER two laptops with unencrypted data were stolen–leading to the compromise of nearly 5,500 patients’ sensitive and confidential data.

John Muir Health waited two months–the maximum amount of time allowed under the HITECH amendment to the HIPAA compliance mandate that governs data security in the health industry. Hala Helm, Muir’s vice president and chief compliance and privacy officer, is quoted explaining the delay with the justification “We wanted to make sure we had accurate information and could address questions from our patients.”

The move to encrypt the data on John Muir Health laptops is a good one–but in hindsight it is obviously a security control that should have been in place already. Had the data on the stolen laptops been encrypted, no patient data would be exposed or compromised as a result of the theft of the laptops. John Muir Health could have simply written off a few thousand dollars for the lost hardware, replaced the laptops, and carried on with business as usual.

If your organization has laptops, and those laptops have private, sensitive, or confidential data on them–ever, perhaps you should consider shutting the barn door now–while the horses are still safely inside?

Tags: , , , , , , ,
Posted in Data Storage Security | 1 Comment »

Zecurion Announces Zserver Suite 6.0

Wednesday, March 31st, 2010

Zecurion this week launched Zserver Suite 6.0–the latest version of its leading data encryption software. The new Zserver Suite has a number of updates, including new reporting capabilities, but the two biggest changes introduced in the new Zserver are EKMS and cloud data encryption.

EKMS–or Enterprise Key Management Server–automates and simplifies the arduous task of key management for encrypted data. Alexey Raevsky, CEO of Zecurion and developer of Zecurion’s patented AME (adaptive multithreaded encryption) technology, describes EKMS like this. “Keys stored by EKMS can be automatically uploaded to Zserver-protected servers, and when required, a Zserver-managed server can be configured to automatically open encrypted disks after the requested keys are obtained from EKMS.”

The second major change relates to encrypting data in the cloud. Many organizations are exploring how to take advantage of the operational and financial benefits of storing data in the cloud, however that data still needs to be protected. Using Zserver Suite 6.0, Zecurion customers can automatically encrypt entire dedicated servers in the cloud, or encrypt data on a file-by-file basis prior to transferring it to the cloud.

Check out the press release for more details about Zserver Suite 6.0, and feel free to contact Zecurion if you have any questions or need any more information.

Tags: , , , , , ,
Posted in Data Storage Security | No Comments »

Arkansas National Guard Loses Unencrypted Drive

Wednesday, March 10th, 2010

The Arkansas National Guard lost an external hard drive containing unencrypted data. The data on the drive included the Arkansas National Guard personnel file dating back to 1991–complete with names, social security numbers and other personal information which could put the affected Soldiers at risk for identity theft.

Thus far, there is no evidence to suggest foul play. The Guard remains hopeful that the drive is simply misplaced. However, the Guard is making every effort to identify those affected and alert them of the potential data risk.

That is good news–assuming that the Guard is correct and the data isn’t in the hands of anyone with malicious intent. But, what if they’re wrong? Or, what if they’re right that the drive was innocently misplaced, but someone with less-than-honorable intentions locates it before they do?

The fact is that the Arkansas National Guard–and any other organization storing sensitive or confidential information–could have avoided any potential breach of the data by encrypting it. A lost drive doesn’t have to put data at risk if the data it contains is properly protected.

Zecurion Zserver Suite protects data at rest. Zserver Storage’s hard disk encryption functions transparently, ensuring the safety and security of data even if the storage media device is removed–as is often the case for external hard drives. None of the data, including the file allocation tables or any Zserver Storage supporting files, are accessible without authorized encryption keys.

Zserver Storage encrypts most types of data storage hardware and devices including IDE and SCSI hard drives, RAID mirrored drives, CD/DVD optical disks and magnetic tapes, making Zserver Storage a viable, cost-effective alternative to other encrypted storage hardware solutions such as network storage appliances.

The bottom line is that it is unreasonable to expect users not to store sensitive or confidential data on drives–whether internal or external. It should be assumed that drives will contain such information, and organizations should proactively encrypt the data using a product like Zserver Suite to ensure it is protected from unauthorized access no matter where the drive ends up.

Tags: , , , , , ,
Posted in Data Storage Security, Security Breaches & Data Loss Incidents | No Comments »