Developing CSfC secure data solutions: Waivers no longer required for storage devices - Story
March 13, 2024Military and government agency program regulations require their sensitive data at rest (DAR) to be securely encrypted and stored in a variety of applications, including in uncrewed systems, servers, and other endpoint devices. Shouldn’t we be following the rules? Rules that call for highly sensitive information to be securely encrypted and stored? Unfortunately, it has been too easy to acquire exceptions to these regulations, especially when it comes to data-storage solutions, thus putting the nation’s data at risk. The NSA CSfC [National Security Agency Commercial Solutions for Classified] program was launched in 2016 to make it easier to secure data by using certified, off-the-shelf products. With the advent of new NSA-approved off-the-shelf secure storage solutions, waivers that skirt secure storage requirements no longer need to be granted.
GUEST BLOG: Five steps to take when securing your data with multi-factor authentication - Blog
September 06, 2022Computer data exists in different states at different times: data in transit (information flowing through a network); data in use (active data that is being accessed and manipulated by a computer program); and data-at-rest, known as DAR, or data that is physically housed in a storage device like a solid-state drive. Many cybersecurity solutions focus on securing data in transit and data in use, but neglect securing DAR.