A new release of a popular utility for managing and securing passwords provides a place to store all your personal information.

By Chris Smith

I have written in the past of the importance of having solid passwords to protect your data. I haven't offered, however, any convenient and inexpensive utilities to manage passwords at home, in the office, or on the road. One such utility that has recently been released following a complete rewrite is Password Profiler 2. This automated password filler enables you to log into Web sites and quickly complete lengthy registration and checkout forms, allows you to save logins to frequently visited sites, and provides for multiple profiles for separating business and personal information.

These days, encryption is essential. Be sure you're doing it right.

By Patrick Townsend

Encryption key management is a crucial part of any data encryption strategy. It's designed to protect credit card numbers, social security numbers, or any other sensitive information you need to protect in data files. A failure in encryption key management can result in the loss of your sensitive data and can lead to severe penalties and legal liability. Unlike public/private key technology, which maintains the security of two separate endpoints, database encryption uses a single secret key, and its loss compromises your data. That's why good encryption key management is so important to your data security strategy.

Using a random-number generator, however, can give you an unbreakable password.

By Chris Smith

I've been writing for the past few weeks about security and encryption and ways to take care of yourself and your computer in the face of some pretty--shall we say--"obsessive behavior" by numerous people using the Internet who aren't very nice.

I have to confess that when I thought up my most common password, variations of which I use for just about everything, I imagined a classroom of sixth-graders sitting around trying to guess what it is.

Ever print out your passwords just before leaving on a trip? That's not necessary with the right password management software.

By Chris Smith

As I was getting ready to leave for COMMON in Nashville last spring, I wondered if I wouldn't need at least a few of the dozen or more passwords I have filed away that provide access to various Web sites, including the back of the MC Press Online news portal where we post articles. No password, no access to the site. No access, no news gets posted. Since passwords are usually filled in automatically by Windows, I don't have to commit them to memory (though I do know one or two).

In this article, Carol Woodbury discusses the issues surrounding compliance as well as items to address to remain in compliance.

By Carol Woodbury

I wish I had a magic formula for ensuring that your organization's security configuration was in compliance. Unfortunately, it's just not that easy. It seems that there's at least a slight twist to every organization's compliance implementation. This article endeavors to provide guidelines for you to use to determine how best to attain and remain in compliance.

With frequent reports of lost backup tapes, stolen laptops, and database breaches, it's time to look at the new laws and regulations that protect the privacy of data.

The reason we're hearing about all of the breaches and loss of data is because of a law first passed in California and then enacted by most other states that requires organizations to notify individuals when their private data (e.g., social security number, bank account number, credit card number, or driver's license number) has been lost, breached, or thought to have been breached. As of this writing, 38 states have passed some version of a breach notification law. Most states provide some form of exemption from notification if the lost or stolen data was encrypted. This has driven many organizations to consider encrypting their backup media.

There's more than one way to secure and protect your important data.

Over the last few years, hundreds of corporations have been featured in headlines for data security breaches. According to the Privacy Rights Clearinghouse, the records of over 158 million U.S. residents have been exposed by security breaches since January 2005. That's more than half of the U.S. population.

Lost or stolen backup tapes contributed to a large number of these breaches, yet protecting backup data is still often overlooked. Many companies believe that it is useless to protect these tapes because they contain "old" information only used for disaster recovery (DR), but even just one compromised backup tape can cost a company its reputation, its competitive advantage, and thousands in fines. The Ponemon Institute research firm reported that data breaches cost companies an average of $182 per compromised record in legal fees and other expenses.