All news with #data security tag

🔒 Ericsson has implemented a global data governance framework using Dataplex Universal Catalog on Google Cloud to ensure data integrity, discoverability, and compliance across its Managed Services operation. The program standardized a business glossary, automated quality checks with incident-driven alerts, and visualized column-level lineage to support analytics, AI, and automation at scale. It balances defensive compliance with offensive innovation and embeds stewardship through Ericsson’s Data Operating Model.

🛡️ Data Security Posture Management (DSPM) tools help organizations discover, classify and manage sensitive data across dynamic cloud environments. They focus on locating "shadow data" in known and unknown repositories and typically collect metadata via agentless or API-based scans to avoid moving raw data. DSPM dashboards catalog findings, map lineage and assess compliance, while remediation often integrates with SOAR, SIEM or CNAPP solutions. Many vendors now combine discovery with some automated "fix it" capabilities to streamline response.

🔐 Amazon S3 now supports conditional copy operations via the CopyObject API, enabling verification of an object's existence or content in the destination bucket before copying. You can supply the HTTP If-None-Match header to ensure the destination object does not exist, or If-Match with an ETag to validate content prior to copy. Administrators can enforce these checks using s3:if-match and s3:if-none-match bucket policy condition keys. This capability is available at no additional charge in all AWS Regions and removes the need for additional client-side coordination or pre-copy validation calls.

🔔 Google Cloud previewed Bigtable tiered storage, which automatically moves less-frequently accessed data from high-performance SSD storage to an infrequent access tier while exposing the same Bigtable API. The fully managed feature integrates with Bigtable autoscaling so applications can read and write across hot and cold tiers via a single interface. Google says the infrequent access tier can be up to 85% less expensive than SSD and that a tiered-storage node offers substantially more usable capacity, making it suited for large time-series and telemetry datasets that require long-term retention for analytics or compliance.

🔒 Since ChatGPT’s 2022 debut, enterprises have rapidly launched GenAI pilots but struggle to convert experimentation into measurable value — only 3 of 37 pilots succeed. The article identifies four critical bottlenecks: security & data privacy, observability, evaluation & migration readiness, and secure business integration. It recommends targeted controls such as confidential compute, fine‑grained agent permissions, distributed tracing and replay environments, continuous evaluation pipelines and dual‑run migrations, plus policy‑aware integrations and impact analytics to move pilots into reliable production.

🔒 CSO's 2025 Security Priorities Study finds security leaders are juggling expanding responsibilities while facing greater complexity in selecting the right tools. Seventy-six percent say solution selection is more complex and 57% had trouble finding incident root causes in the past year. Top focuses are protecting sensitive data, securing cloud systems, and simplifying IT infrastructure, with 73% now more likely to consider AI-enabled security. Many plan to rely on managed service providers and maintain level budgets while driving strategic AI and governance initiatives.

🔒 This article examines what ChatGPT collects, how OpenAI processes and stores user data, and the controls available to limit use for model training. It outlines region-specific policies (EEA/UK/Switzerland vs rest of world), the types of data gathered — from account and device details to prompts and uploads — and explains memory, Temporary Chats, connectors and app integrations. Practical steps cover disabling training, deleting memories and chats, managing connectors and Work with Apps, and securing accounts with strong passwords and multi-factor authentication.

⚡ Amazon RDS for Oracle now offers zero-ETL integration with Amazon Redshift in eight additional AWS Regions, enabling near real-time analytics and ML on transactional data without building ETL pipelines. Data written to an RDS for Oracle instance is replicated to Redshift within seconds. Administrators can configure integrations via Console, API, CLI, or CloudFormation, select specific PDBs and tables, and must use Oracle Database 19c.

⚡Amazon RDS for MySQL and Amazon RDS for PostgreSQL now support zero-ETL integrations with Amazon Redshift in eight additional regions. Data written to RDS is replicated to Redshift within seconds, enabling near real-time analytics and ML on transactional datasets. You can create multiple integrations per database, apply per-integration filtering to include or exclude specific databases and tables, and automate deployment with AWS CloudFormation.

🔒 BigQuery data clean room query templates are now available in preview, enabling clean room owners to publish fixed, reusable TVF-based queries that accept table or field inputs and return only aggregated rows. Templates reduce data exfiltration risk, simplify onboarding for non-SQL users, and enforce consistent analytical and privacy controls via aggregation thresholds and approval workflows. They support single-direction and multi-party collaboration while keeping query logic hidden from subscribers.

🔒 AWS Transfer Family SFTP connectors can now route connections through your Amazon VPC, enabling secure file transfers between Amazon S3 and remote SFTP servers whether privately or publicly hosted. Connectors can present VPC CIDR IP addresses for compatibility with IP allowlists and leverage NAT Gateway bandwidth for higher-throughput internet transfers. All traffic is routed through existing VPC networking and security controls, including Transit Gateway and centralized firewalls to help meet data security mandates.

🔐 Google will transition in November 2025 from overwrite-based media sanitization to cryptographic erasure, using default encryption to render data unrecoverable by securely deleting encryption keys rather than overwriting drives. Recognized in NIST SP 800-88, this method is faster and better suited to modern storage technologies. Google says it will apply a layered, defense-in-depth model with independent verification, key rotations, and protections for device secrets to maintain strong safeguards.

🔒 This buyer’s guide explains why organizations need comprehensive data protection platforms for hybrid cloud environments and which capabilities to prioritize. It highlights core requirements such as data discovery and classification, layered protections (encryption, DLP, immutability), continuous monitoring, and automated recovery to address ransomware, misconfigurations, outages and compliance. The guide also surveys market trends and leading vendors to help IT teams evaluate DPaaS, cloud-native and on-premises options.

🔍 A majority of CISOs want full visibility into data flows across hybrid cloud environments but often lack suitable tooling. The Gigamon study CISO Insights: Recalibrating Risk in the Age of AI, surveying 1,021 security and IT leaders including 200 CISOs in early 2025, reports that network data volumes have nearly doubled due to AI and that 86% favor combining packet and metadata. However, 97% admit they must compromise on transparency, and many distrust public cloud security.

🔒 AWS Clean Rooms now supports data access budgets for tables in a collaboration, letting data owners limit how often their data can be analyzed for custom ML training, inference, SQL queries, or PySpark jobs. Administrators can set daily, weekly, or monthly refresh budgets, lifetime caps, or both; once a budget is exhausted the system blocks further analyses until the budget refreshes. Budgets may be edited or reset at any time to suit changing needs. This privacy control reduces unintended data exposure while maintaining collaborative analysis.

🧭 Cloudflare announced the Cloudflare Data Platform, combining Cloudflare Pipelines, R2 Data Catalog, and R2 SQL to ingest, store, and query analytical tables directly on R2 object storage. Built on Apache Iceberg and open standards, the platform emphasizes engine interoperability and Cloudflare’s zero-cost egress. Pipelines offers exactly-once ingestion and SQL transforms today; stateful processing is planned. The products are open betas with usage-based pricing signals ahead of GA.

⚡ R2 SQL is Cloudflare’s serverless query engine that runs SQL directly against Iceberg tables stored in R2, eliminating the need for Spark or Trino clusters. The Query Planner uses R2 Data Catalog metadata and multi-level stats to prune manifests, files, and Parquet row groups so only necessary bytes are read. Execution is distributed across Cloudflare’s network using Workers and query workers running Apache DataFusion, with results serialized via Apache Arrow. An ordered, streaming planning pipeline enables early termination for ORDER BY ... LIMIT queries; R2 SQL is currently available in open beta.

🛡️ AI's rapid enterprise adoption requires CISOs to replace inflexible bans with living governance that both protects data and accelerates innovation. The article outlines three practical components: gaining ground truth visibility with AI inventories, AIBOMs and model registries; aligning policies to the organization's speed so governance is executable; and making governance sustainable by provisioning secure tools and rewarding compliant behavior. It highlights SANS guidance and training to help operationalize these approaches.

🛡️ Generative AI is now central to enterprise work, but rapid adoption has exposed gaps in legacy security models that were not designed for last‑mile behaviors. The piece argues buyers must reframe evaluations around real-world AI use — inside browsers and across sanctioned and shadow tools — and prioritize solutions offering real-time monitoring, contextual enforcement, and low‑friction deployment. It warns against blunt blocking and promotes nuanced controls such as redaction, just‑in‑time warnings, and conditional approvals to protect data while preserving productivity.

🔒 Amazon S3 now supports conditional deletes in S3 general purpose buckets. You can include an HTTP If-Match header with an object's ETag when calling DeleteObject or DeleteObjects; S3 will only delete the object if the provided ETag matches, reducing accidental removals in high-concurrency, multi-writer environments. Administrators can also enforce conditional deletes using the s3:if-match bucket policy condition. The capability is available at no additional cost in all AWS Regions and accessible via the API, SDKs, and CLI.