Category Archives: Compliance

TLS 1.3 Released: Most secure Web based communication protocol – Now Available

      No Comments on TLS 1.3 Released: Most secure Web based communication protocol – Now Available

Just saw the tweet… IETF finally released the long-awaited TLS 1.3 version of the secure Web communication, considered to be the most secure protocol specification that assures high-degree of security, privacy and also faster performance compared to its predecessor TLS 1.2. The most compelling features of TLS 1.3 : More secure, removed out-dated algorithms previously had known vulnerabilities from TLS cipher… Read more »

Encryption and Key Management in AWS – Comparing KMS vs. CloudHSM

      4 Comments on Encryption and Key Management in AWS – Comparing KMS vs. CloudHSM

A secure data protection using encryption depends more on secure key management processes than the encryption itself. Although enabling encryption looks quite trivial, managing the underlying Key management lifecycle processes and handling the associated cryptographic operations always been a daunting challenge! The challenges are too many till we really know..beginning from key generation and issuance, key ownership, key usage, privileged… Read more »

Automating Security and Compliance Assessments using SCAP – On-demand Scanning and Compliance Reporting with Remediation

      No Comments on Automating Security and Compliance Assessments using SCAP – On-demand Scanning and Compliance Reporting with Remediation

Manually assessing security controls, host and application configuration, access control policies, software patch levels and creating on-demand compliance readiness reports has always been a daunting task, especially when it is critical to adhere standards and regulatory mandates.  Not only those processes are very time consuming and they are also highly prone to human errors.  It becomes even more complicated when… Read more »

Using Hardware Security Module (HSM) for Oracle Transparent Data Encryption (TDE)

      No Comments on Using Hardware Security Module (HSM) for Oracle Transparent Data Encryption (TDE)

Hardware Security Module (HSM) plays a critical role in securing the storage of private keys and accelerating compute-intensive cryptographic processes associated with public-key encryption, symmetric-key(secret-key) encryption and digital signature applications. Using HSM in Oracle Transparent Data Encryption applications will ensure that the Key material stored on the card is protected and not exportable (never leaves the card) and all associated… Read more »