There are no guarantees that any one security approach will be able to deal with new and innovative intrusions in increasingly complex technical and business environments. By implementing a combination of solutions presented in this article we should be in a better position to face growing...

This is a new approach to tokenize data which eliminates challenges associated with standard centralized tokenization. Particularly in high volume operations, the usual way of generating tokens is prone to issues that impact the availability and performance of the data. From a security...

As databases become networked in more complex multi-tiered applications, their vulnerability to external attack grows. We address scalability as a particularly vital problem and propose alternative solutions for data encryption as an enterprise IT infrastructure component. In this paper, we...

Encryption can provide strong security for data at rest, but developing a database encryption strategy must take many factors into consideration. Organizations must balance between the requirement for security and the desire for excellent performance. Encryption at the database level, versus...

There are three commonly accepted baseline implementation and function requirements for a successful data encryption solution. However, each system layer approach delivers an encrypted solution in a different manner and address a multitude of different requirements. These requirements are broken...

Organizations handling credit cards feel pressure building as the deadline for PCI Requirement 6.6 compliance [1] has passed and well documented breaches have heightened the public and regulatory agencies' concerns about how well companies are securing consumer-specific information. Despite some...

Data security plans often center around the quot;more is betterquot; concept. These call for locking everything down with the strongest available protection and results in unnecessary expenses and frequent availability problems and system performance lags. Alternatively, IT will sometimes shape...

With the advent of the Payment Card Industry Data Security Standard (PCI DSS), protecting stored credit card numbers is no longer optional. Any company that stores, processes, or transmits credit card information - regardless of size or volume of transactions - must secure stored credit card...

The Payment Card Security Industry Data Security Standard (PCI DSS), US State and federal laws encourage and require businesses to encrypt consumers' computerized personal information and payment data. Most state data breach notice laws do not require businesses to notify their customers when...