All news with #data security tag

🔒 A BlackFog survey reports that 49% of workers use AI tools at work without employer approval, often relying on free versions that may retain and use corporate data. Senior leaders appear surprisingly tolerant—69% of presidents and C-suite members and 66% of directors and senior VPs prioritize speed and efficiency over privacy. The study highlights risks to intellectual property and sensitive employee and financial data when unsanctioned tools are connected to corporate systems. It recommends audits, clear policies, vendor verification, and employee education to regain visibility and control.

🔒 The 2026 Microsoft Data Security Index explores how organizations can harness generative AI while protecting sensitive information and maintaining productivity. Based on responses from more than 1,700 security leaders, the report highlights three priorities: consolidating fragmented tools into unified platforms, managing AI-driven workflows securely, and leveraging generative AI to strengthen security operations. It recommends practical approaches using Microsoft Purview for continuous discovery and governance and Microsoft Security Copilot for automated investigation with human oversight.

🔍 Amazon S3 Storage Lens is now available in AWS GovCloud (US) Regions, providing organization-wide visibility into object storage usage and activity. S3 Storage Lens delivers cost, data protection, and performance metrics to identify inefficient access patterns, incomplete multipart uploads, and buckets with non-current object versions. Free basic metrics include 14 days of history while advanced metrics offer extended retention and greater detail.

🔐 Google is rolling out a new Personal Intelligence capability in Gemini that can access information from Gmail, Google Photos, Search, YouTube and other Google products to generate more personalized responses. The feature is opt-in, off by default, and users can choose which apps to connect, disconnect them, or turn the feature off at any time. Google illustrates uses such as pulling tire specifications from photos and emails or extracting a license plate from an image to confirm vehicle details. The functionality is launching as a U.S. beta for eligible subscribers, and Google warns that the model can still produce inaccuracies or over-personalization, inviting users to provide feedback.

🔎 Comments to SQL in BigQuery introduces an AI-driven way to write queries by placing natural-language expressions inside SQL comments. The system analyzes surrounding SQL context and translates plain English prompts into executable BigQuery SQL across SELECT, FROM, WHERE, GROUP BY and other clauses. It supports iterative refinement and aims to help both non-SQL users and experienced analysts move faster.

🔒 New 2026 analysis of 4,700 leading websites finds 64% of third-party applications access sensitive data without demonstrable business justification, rising from 51% in 2024. The report identifies recurring causes such as over-permissioned scripts, shadow deployments via tag managers, and persistent trackers. Specific tools flagged include Google Tag Manager, Shopify apps, and the Facebook Pixel, while government and education sites show marked increases in compromise. The study cautions that governance gaps and limited mitigation adoption leave organizations exposed.

🔁 AWS Glue zero-ETL now supports ongoing replication from self-managed Oracle, SQL Server, MySQL, and PostgreSQL databases into Amazon Redshift in seven additional AWS Regions. The no-code integration automatically creates and manages an ongoing replication pipeline, removing much of the setup and configuration complexity. This capability reduces operational burden and can save weeks of engineering effort for teams migrating or consolidating data into Redshift. Newly added regions include Hong Kong, Tokyo, Singapore, Sydney, London, São Paulo, and US (Virginia).

🔒 AWS Clean Rooms now supports change requests for existing collaborations, enabling participants to propose updates such as adding new members, adjusting member abilities, and modifying auto-approval behavior. All members must approve change requests before updates take effect, and every request is recorded in the collaboration change history for member review. This preserves existing privacy controls while reducing onboarding time and speeding time-to-insight—for example, a publisher can add an advertiser’s marketing agency to receive analysis results directly.

🔁 Amazon OpenSearch Service introduces a multi-tier storage option using OpenSearch Optimized (OI2) instances that combine local instance storage with Amazon S3 to enhance durability and performance. The architecture provides a hot tier for frequently accessed data and a writeable warm tier on OI2 (sizes large–8xlarge) that supports writes and automated age-based rotation via Index State Management. Warm capacity is addressable up to five times the local cache, and standard Managed Storage charges apply.

🚀 AWS DataSync Enhanced mode now supports direct transfers between on‑premises NFS/SMB file servers and Amazon S3, removing file count limits and using parallel processing to boost throughput and scalability. The mode delivers detailed transfer metrics for improved monitoring and management and accelerates use cases such as generative AI dataset movement, data lake synchronization, and large‑scale migrations. This capability is available in all AWS Regions where DataSync is offered.

🔐 Bruce Schneier warns that personal AI assistants cannot be trusted without robust integrity controls, arguing that current systems routinely push users toward bad outcomes, gaslight them, and mishandle personal context. He urges decoupling personal data stores from AI models so that cryptographic verification, access control, and auditable logs can be developed independently of model performance. Such stores should be interoperable with many models, provably accurate, under fine‑grained user control, resilient to read and write attacks, and easy to use; Schneier cites Inrupt work extending Solid and the Human Context Protocol as practical directions.

🤖 The 2025 State of AI Data Security Report shows AI is widespread in business operations while oversight remains limited. Produced by Cybersecurity Insiders with Cyera Research Labs, the survey of 921 security and IT professionals finds 83% use AI daily yet only 13% have strong visibility into how systems handle sensitive data. The report warns AI often behaves as an ungoverned non‑human identity, with frequent over‑access and limited controls for prompts and outputs.

🔒 AWS now enables AWS Clean Rooms to generate privacy-enhancing synthetic datasets for training regression and classification ML models without exposing raw records. The capability de-identifies subjects in the original data and reduces the risk of models memorizing sensitive information, allowing partners to collaborate on model training while preserving privacy. Typical use cases include campaign optimization, fraud detection, and medical research.

🔒 The NordVPN Black Friday promotion offers up to 77% off select plans, including a highlighted 27‑month Basic package priced at $80.73 and a 2‑year plan with three extra months free. Running from October 16 through December 10, the deal activates automatically via the article link with no promo codes. NordVPN emphasizes fast NordLynx speeds, a strict no‑logs policy, and bundled extras like Threat Protection and NordPass.

🔍 Amazon Quick Research now integrates specialized third-party industry datasets from S&P Global, FactSet, and IDC, alongside public patent and PubMed collections. Users with existing subscriptions can combine these authoritative sources with enterprise data and real-time web search inside a unified AI workspace. The capability compresses weeks of data discovery and analysis into minutes and helps teams move more quickly from insight to action. The integration is available in select AWS Regions.

⚡ AWS Glue 5.1 is now generally available, upgrading core engines to Apache Spark 3.5.6, Python 3.11, and Scala 2.12.18 to deliver performance and security improvements. The release refreshes open table format support (Apache Hudi 1.0.2, Apache Iceberg 1.10.0, Delta Lake 3.3.2) and adds Apache Iceberg format 3.0 features such as default column values and deletion vectors. AWS Lake Formation now enforces fine‑grained write control for Spark DDL/DML, and Glue adds full‑table access control for Hudi and Delta tables in Spark.

🔒 Amazon Aurora PostgreSQL-Compatible Edition now supports minor PostgreSQL releases 17.6, 16.10, 15.14, 14.19, and 13.22. The update introduces Dynamic Data Masking (DDM) for versions 16.10 and 17.6, masking column values at query time via role-based policies without changing stored data. It also adds a shared plan cache and delivers improved performance, faster RTO, and better Global Database switchover behavior. These versions are available in all commercial AWS Regions and AWS GovCloud (US); you can create new clusters or upgrade existing databases through the RDS console.

🔒 Amazon Aurora PostgreSQL-Compatible Edition now supports dynamic data masking using the new pg_columnmask extension, enabling column-level protection at query time. The extension complements PostgreSQL row-level security and column grants by letting administrators define SQL-based masking policies that alter how data appears to users without changing stored values. Policies can use built-in or user-defined functions to hide, partially mask, or transform data, and multiple policies can be applied with weighted precedence. pg_columnmask protects results across WHERE, JOIN, ORDER BY, and GROUP BY clauses and is available for Aurora PostgreSQL 16.10+ and 17.6+ in all regions.

🔒 CrowdStrike Falcon Data Protection for Cloud is now generally available, extending traditional DSPM into runtime to provide continuous visibility and protection for sensitive data in motion. Leveraging eBPF-powered monitoring, it detects unauthorized or risky data transfers across APIs, SaaS, containers, databases, and cloud storage without proxies or added infrastructure. The solution combines unified classification with integrated investigation and automated response, plus SIEM streaming and a lightweight Linux sensor for rapid deployment.

🔒 Amazon Keyspaces (for Apache Cassandra) now supports Logged Batches, enabling multiple INSERT, UPDATE, and DELETE operations to be executed as a single atomic transaction. This ensures that all writes in a batch succeed or none are applied, improving consistency across rows and tables for use cases such as finance, inventory, and multi-entity profile updates. The feature preserves Cassandra's atomicity guarantees, integrates with CQL, scales serverlessly with your workload, and is available today in all AWS Commercial and AWS GovCloud (US) Regions. Customers pay only for the standard write operations processed within each batch.