Key Management and Payments Security Blog - Thales e-Security

Data Security and Key Management - Thales e-Security

  • HIMSS 2017: Data Security Highlights

    By | February 23, 2017

    With our Healthcare Data Threat Report announced just this week, I was not surprised to see that one of our key findings aligned with the topics being discussed at the HIMSS conference. Based on my observations on the exhibit floor as well as my conversations with healthcare IT professionals and security consultants, one key theme from the report bears out: When it comes to protecting electronic personal health information (ePHI), the focus for many healthcare IT teams is still on traditional security measures.

    Continue Reading
  • 5 Steps to Win over the Channel – and Best Position Your Products

    By | February 22, 2017

    It is not surprising that organizations are faced with an increasingly complex business environment. More competition, razor thin margins and increased competition yields more challenges to the business than ever before. At the same time the operating business environment has produced IT and security challenges that were often not even on the radar five years ago. Take security, for example. It was not all that long ago that hackers were the “bad outsiders” looking to develop their reputations as professional hackers by hacking into organizations and doing things like changing main web pages. Back then, it was relatively easy to thwart most threats by deploying some perimeter protection (such as firewalls and VPNs) to solve the issue. And life went on.

    Continue Reading
  • The Good (and Bad) About Healthcare Data Security in 2017

    By | February 21, 2017

    Read HC Edition of DTR FacebookIn the Healthcare Edition of the 2017 Thales data Threat report, we were able to focus down on the specific results and behaviors of healthcare enterprises not only in the U.S. this year, but also around the globe. We extended our sample size to include results from healthcare organizations in every geography that we surveyed. In this blog, I'll cover the highlights of what we found not only in the U.S., but also any contrasting results from elsewhere.

    Continue Reading
  • RSA Conference 2017: Highlights and Innovations

    By | February 15, 2017

    It goes without saying, really, but RSA Conference is the biggest cybersecurity convention of the year. From all across the world, private sector and government leaders come to San Francisco to inspect the latest innovations our industry has to offer.

    RSA Conference 2017 remains important, but I have seen a noticeable shift in the conversations our sector wishes to discuss. In the following blog post, I will examine the top four highlights and innovations I have seen so far this year.

    Continue Reading
  • It’s time for security provisions to catch up with software development

    By | February 15, 2017

    As Marc Andreessen once said, "software is eating the world".

    As technology becomes a differentiator in all market segments, we’ve seen an explosion in the development and use of software over the past decade. Driving this innovation is the ease of consumption afforded by the roll-out of high speed internet connections everywhere as well as the miniaturisation of devices that can consume digital services.

    Continue Reading
  • Quantum Resistance – Algorithm Flexibility Practicalities

    By | February 13, 2017

    In order to protect our data in the medium term the algorithms and protocols used must be resistant to developments in Quantum Computing that could result in many conventional public key algorithms becoming breakable – that is, reversible from the public key. One of the uses of public key cryptography is Key Agreement (also known as Key Exchange), which typically uses the Diffie-Hellman mechanism, and its Elliptic Curve equivalents.

    Replacement mechanisms have been proposed for Diffie-Hellman, notably New Hope, as an example. But how similar is it - and how easy will future algorithm developments fit into existing applications?

    Continue Reading
  • New Solutions and Vision for Google Cloud Platform & Microsoft Azure Key Management – RSA Conference 2017

    By | February 13, 2017

    Governments do ask cloud providers to hand over their customers’ data. Last week there was another reminder when a Federal Court said Google must turn over data in foreign servers. This reminder underlies one of the reasons it is important to not only encrypt your data in the cloud, but to assure that you are the custodian of the encryption keys. Thales is making two announcements about new cloud key management capabilities at the RSA Conference this week that will address this concern, as well as deliver other security advantages to security conscious organizations.

    Continue Reading
  • Global Data Threat Landscape – Biggest National Differences

    By | February 10, 2017

    Who is most and least vulnerableEspecially if you work in U.S. IT Security, it's often the case that people will think about the environment of attacks, threats, controls and defenses in a pretty insular manner - assuming that what's true in the U.S. is also true around the world. But it's time we lost that attitude - especially if you work in a global organization.

    Continue Reading
  • Delivering Trust for Blockchain and Distributed Ledgers

    By | February 08, 2017

    It’s no secret that blockchain was one of the most impactful technology stories of 2016. Offering game-changing benefits over legacy systems, blockchain promises fast, immutable transactions at much lower cost for settlement, clearing and payment applications.

    Blockchain gained much of its notoriety as the technological backbone of Bitcoin, which enables transactions to be made and verified on a network instantaneously without a central authority. While cryptocurrencies may have become less popular, the technology behind their use continues to gain significant traction.

    Continue Reading
  • Taking the steps towards a safer internet

    By | February 07, 2017

    Every day we are faced with scary statistics about our increasingly connected and digital world. Just recently, our Data Threat Report revealed that over two thirds of global organisations have experienced a data breach. Successful attacks on the likes of Yahoo and LinkedIn last year need not remind us of the consequences of falling victim to increasingly sophisticated hackers.

    But it’s not just global businesses facing the impending threat of hackers in today’s digital driven world – individuals are too. In the US, the number of identity fraud victims reached a record high last year, with some 15.4 million Americans falling victim to fraudsters. In the UK too, almost one in ten people experienced fraud during 2016, making online fraud the most common crime in the entire country.

    Continue Reading
View more

About this blog

Welcome to our new merged blog site, featuring key management and payments security focused content previously hosted on www.keymanagementinsights.com and www.paymentssecurity.com.

As companies look to protect their customer data and other sensitive information, encryption is being deployed more widely. Yet if an encryption key is lost then that data cannot be recovered. Avoiding this problem demands formalized processes and robust technologies for key management making the protection, management and secure use of cryptographic keys a fundamental component of modern IT security.

Thales has been applying data protection and key management expertise to the worldwide payments industry for over 25 years. Our solutions secure retail and corporate banking, integrate with all widely used credit/debit applications, and include the world's best-selling EMV data preparation system and complete PIN management for card issuers.