From the Windows Server Update Services, Microsoft Security Bulletins, and Patch Tuesdays, Microsoft has had a long history in being a leader with security updates. In an effort to modernize the process of informing organizations with needed information, Microsoft is introducing the new Security Update Guide, which is a searchable database that you can use to find updates and filter them based on what you’re interested in. Once you find what you’re interested in, you can then download the list of updates and associated data as an Excel spreadsheet.
Well, that is one busy infographic. If you need more insight into Cybersecurity, here is a great video on securing #Office365 like a cyber security professional. This session covers the primary areas of customer responsibility with Office 365 including administrative privilege management, account and access management, and client endpoints.
I was doing some research on Security and SQL Azure Databases and found this great article form Joseph D’Antoni (Denny Cherry & Associates Consulting) and Stacia Varga (Data Inspirations) that I highly recommend. The summary states, “This paper details the security and data management features found in Microsoft Azure SQL Database. It first describes the security foundation provided by Microsoft Azure and then explains the techniques and features used to manage data access in SQL Database; to log and monitor database activity; to protect data at rest and in transit; and to build secure applications. By understanding and using these features correctly, you can remain confident that your data in the cloud is protected.”
Looking to combat today’s enterprise security threats? Want to respond to and recover from security incidents more quickly? Learn how Azure Security Center helps you prevent, detect, and respond to threats with increased visibility and control over the security of your Azure resources.
Cyberattacks cost organizations $400 billion a year. It seems nearly every week a new cyberattack is announced, against a corporation, a government agency, or a nonprofit organization. This has made cybersecurity a top issue for IT, Security, Legal and the board room. On March 29th, hear from top security experts and key Microsoft security professionals for a three-hour event Virtual Security Summit dedicated to better understanding today’s Enterprise Security industry.
If you are in any way responsible with information systems that touch the web, this course will give you an in-depth look at the top 5 risks you should be aware of and how to combat them. I personally was really interested in the SQL Injection section.
Last year (2015) was a big year for Azure Security. Microsoft released a number of new security capabilities such as Azure Disk Encryption, Azure Key Vault, SQL Transparent Data Encryption (TDE) and Column Level Encryption (CLE), Storage Client-side Encryption, and more. On the product/service side we introduced the public preview of Azure Security Center. The year passed like a whirlwind and the pace of change in Azure kept us all on our toes. Let’s take a look at what the Azure Security team and other partners have published last year to help you keep up to date.
When you build or migrate IT assets to a cloud provider, you are relying on that organization’s abilities to protect the applications and data you entrust to their services and the security controls they provide you to control the security of your cloud-based assets. Learn more about getting started with Microsoft Azure Security.
Say goodbye to passwords and say Hello to a new way of doing Multi-factor Authentication in Windows 10. Here is a 4 minute video that explains the future of security.
Key Length and Encryption Strength
The strength of encryption is related to the difficulty of discovering the key, which in turn depends on both the cipher used and the length of the key.
Encryption strength is often described in terms of the size of the keys used to perform the encryption. Generally, a longer key will provide a stronger encryption. Key length is measured in bits. For example a 128-bit key would be stronger than a 40-bit key.
However, because of the math associated with their algorithms; some ciphers can use only a subset of the possible values for a given key length, while other ciphers can use all possible values for a given key length. Therefore, different ciphers may require different key lengths to achieve the same level of encryption strength.
Here are some links to learn more about Hashing Algorithms, Symmetric Keys, and Asymmetric Keys.