Category Archives: Encryption
SecureMyEmail is email encryption for everyone – TechRepublic
Image: Jack Wallen
If you're not making use of encryption with your email, you should be. More and more sensitive information is being passed between recipients, much of which is being sent in plain-text form. That means one thing: anyone can read it. To thwart that, we turn to encryption technology that promises to obfuscate that sensitive information; and it works.
Or, at least, it would work if more people would adopt it. Thing is, for the average user, encryption is simply too difficult to make use of. Which is why companies are doing their best to try and simplify encryption for email purposes. Some have succeeded, some have not.
One particular service has done a fairly good job of making encryption simple. That app is Secure My Email. It's available for Android, Windows (Thunderbird-only at the moment), Mac (Thunderbird-only at the moment), with versions for iOS, Outlook, and Apple Mail on the way. Do note, if downloading for Windows or Mac, you have the option of downloading a version which includes Thunderbird. If you're already using Thunderbird, you only need to download and install the necessary plugin. You can test Secure My Email with a 30-day free trial. After that, the service is 99 cents per year. That's cheap.
Figure A
Selecting your email provider with SecureMyEmail.
Here's where a caveat comes into play. Anyone that has used or uses email encryption will see this coming a mile away. With SecureMyEmail, you can sign and/or encrypt outgoing email. You can send a digitally signed email to anyone and they can read it. However, in order to send an encrypted email to another user, you must have their public key imported. With SecureMyEmail, there is no facility to import public keys of other users; the only way to do this is if the recipient is a subscribed SecureMyEmail user who is using either the SME app or the Thunderbird plugin.
So let's put two and two together: In order for you to use SecureMyEmail beyond the 30-day trial, you must pay the very minimal 99 cents a year for usage. However, in order for you to make use of the service, those you want to securely communicate with must also subscribe, albeit at minimal cost.
The good news (besides the minimal cost) is that SME has a built-in tool to invite your contacts. If you open up the app and then tap the menu button (three horizontal bars in the upper left corner) and tap "Contacts," you can then tap the "ADD" button to send an invite to whomever you need to communicate with securely (Figure B).
Figure B
You can automatically add an SME contact to your device contact with the tap of a switch.
That's where the caveat ends. From this point on, everything is incredibly easy. So easy, in fact, any level of user can add encrypted email to their daily routine. Ultimately, that's the point; by offering an app/service, at a very minimal cost, SecureMyEmail enables anyone to encrypt their communications.
Before you ask, yes, you can use more than one device. However, the trick behind that is you have to make sure your encryption key is on all devices to be used. To accomplish that, you must instruct the app how you want to do this. There are three methods:
The easiest method is to simply select Upload for 30 minutes, go to the device you want to add the key to (which must also be signed into your SME account), open up SME on the second device, go to Settings | Account, and tap Sync Device (NOTE: If using Thunderbird, this same process is in Settings | Account | Sync Device | Sync). Once the sync completes the key is ready to use.
Anyone who happens to be very aware of security might well be asking this one question: Can SME read my encrypted email? The answer is no. The company behind SME does not have access to your encryption passphrase; without that, your email cannot be decrypted. Of course, one should never say never. Encryption isn't perfect. Should the right person gain access to your encrypted email, they could brute force the data out of the email. But then, that could happen with nearly any encryption system. And if you accidentally give out your encryption passphrase? Well, don't do that.
In the end, however, SecureMyEmail has succeeded in making the sending of encrypted email as easy as sending standard email. That, my friends, is an accomplishment.
If you're in need of quick and easy email encryption, SecureMyEmail is a smart (and cost-effective) way to go. Yes, you can get more flexible and cheaper encryption, but the associated complexity might be too much for certain users. For the technically challenged, SME might be the best way to go.
See more here:
SecureMyEmail is email encryption for everyone - TechRepublic
The why and how of encrypting files on your Android smartphone – Phoenix Sun
Your smartphone is crammed with sensitive information about your life, from confidential business emails and mobile banking passwords to private photos and social media logins. That means you should secure it as carefully as you would your credit cards or your personal computer.
Encryption is a great way to keep your information safe. Put simply, it scrambles your data so that no one can read it unless they have the PIN code or password. This can protect you from having your information and identity stolen if your smartphone falls into the wrong hands.
Encrypting your device could slow down the performance of your device, but not to a noticeable extent if you have downloaded the latest version of your operating system and have a fairly new smartphone. Here are some tips from Alcatel on how to encrypt data on your Android smartphone:
Step 1
Open settings, go to the security menu and select encrypt phone. You will be prompted to plug your device into a charger.
Step 2
Your smartphone will ask you to set a lock screen PIN or password. Don't forget this code because you'll need it to decrypt your files.
Step 3
Pay careful attention to the notifications and warnings. It's especially important not to interrupt the encryption process once it starts.
Step 4
The phone will begin encrypting your data after a reboot.
Two important points to note:
Credit: Digital Street SA
Follow this link:
The why and how of encrypting files on your Android smartphone - Phoenix Sun
UK minister says encryption on messaging services is unacceptable – Reuters
LONDON - Technology companies must cooperate more with law enforcement agencies and should stop offering a "secret place for terrorists to communicate" using encrypted messages, British interior minister Amber Rudd said on Sunday.
Local media have reported that British-born Khalid Masood sent an encrypted message moments before killing four people last week by ploughing his car into pedestrians and fatally stabbing a policeman as he tried to get into parliament in an 82-second attack that struck terror in the heart of London.
There may be difficulties in taking on technology companies - in the United States, officials have been trying to make U.S. technology firms provide a way around encryption, talks that have intensified since a mass shooting in San Bernardino.
But while saying she was "calling time on terrorists using social media as their platform", Rudd also appealed for help from the owners of encrypted messaging apps such as Facebook's WhatsApp, backing away from seeking to introduce new legislation.
Asked for her view on companies which offer end-to-end encrypted messages, Rudd said: "It is completely unacceptable, there should be no place for terrorists to hide. We need to make sure organizations like WhatsApp, and there are plenty of others like that, don't provide a secret place for terrorists to communicate with each other."
"We need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp."
According to technology magazine Wired, end-to-end encryption means messages can only be decoded by the recipient and not by anyone in between, including the company providing the service.
PRIVACY VS SECURITY
Brian Paddick, a home affairs spokesman for the opposition Liberal Democrats and former deputy assistant commissioner in the Metropolitan Police, said the security services could view "the content of suspected terrorists' encrypted messages".
"The real question is, could lives have been saved in London last week if end-to-end encryption had been banned? All the evidence suggests that the answer is no."
The attack on Wednesday looks set to reignite the privacy-versus-secrecy debate in Europe, especially after warnings from security officials that Western countries will be increasingly targeted as Islamic State loses ground in the Middle East.
Rudd, appointed home secretary or interior minister shortly after Britain voted to leave the EU, said the British case was different when asked about Apple's opposition to helping the FBI break into an iPhone from one of the San Bernardino shooters.
"This is something completely different. We're not saying open up, we don't want to go into the Cloud, we don't want to do all sorts of things like that," she said.
"But we do want them to recognize that they have a responsibility to engage with government, to engage with law enforcement agencies when there is a terrorist situation."
She said she wanted to see an industry-wide board set up in Britain to allow technology companies to better police their sites and stop letting "their sites, their platforms, their publishing enterprises ... being used by terrorists".
(Reporting by Elizabeth Piper; Editing by Susan Thomas, Greg Mahlich)
See the original post here:
UK minister says encryption on messaging services is unacceptable - Reuters
Comey Renews Debate Over Encryption – 550 KTSA
The FBI Director renews the debate over encryption during a stop at the University of Texas.
It's a debate that has been going on in the aftermath of the San Bernardino Terror Attack, with the feds trying to break the encryption around the phone used by one of the terrorists.
Apple took its case against cooperating with those efforts to the public after federal authorities got the courts involved in the fight.
"Look, one of the worlds I can imagine, I don't know whether this makes sense, a requirement that if you're going to sell a device or market a device in the United States, you must be able to comply with judicial process, you figure out how to do it," Comey said Thursday morning, admitting his interests are a bit different than those of companies looking to sell products and win shares of the market.
"As those devices become off limits to judicial authority, that's a change in the way we live," Comey said.
"My job is to worry about public safety. Their job is to worry about innovating and selling more units. I totally get that," Comey said.
The FBI Director said it's not for him or for companies to decide unilaterally what the process and proper standards should be, but said it is a discussion we need to have, and a question we need to answer, sooner rather than later.
"We can't have this conversation after something really bad happens," Comey said.
Encryption debate needs to be nuanced, says FBI’s Comey – TechTarget
FBI Director James Comey brought the encryption debate back to the forefront by asking for a 'nuanced and thoughtful' conversation on the topic before there is ...
Go here to see the original:
Encryption debate needs to be nuanced, says FBI's Comey - TechTarget
NeuVector Announces Container Visualization, Encryption, and Security Solution for NGINX Plus – DABCC.com
NeuVector's unique network-layer visibility and run-time protection combines with NGINX Plus security capabilities to safeguard business-critical container applications
NeuVector, which delivers continuous network security for containers, today announced support for NGINX Plus security capabilities into the NeuVector console.
NGINX Plus, the enterprise-grade application delivery platform from NGINX, Inc., extends open source NGINX software with advanced features for container applications such as load balancing, service discovery, and application resiliency. Complementarily, NeuVector adeptly provides the network layer visibility and security needed to oversee east-west container-to-container traffic. This is traffic that routinely crosses hosts and data center boundaries, presenting an ever-increasing concern as microservices deployment growth continues.
Providing support for NGINX Plus alleviates the issues and conflicts commonly faced when security features from different vendors overlap, instead achieving simple and effective visualization of those container connections that utilize NGINX Plus to encrypt container-to-container sessions. With NeuVector and NGINX Plus working in tandem, any attempt to bypass an NGINX Plus encrypted tunnel is instantly detected and addressed by NeuVector. At the same time, NeuVector automatically recognizes and monitors those connections not encrypted by NGINX Plus, protecting against threats or violations to those containers.
The NeuVector solution, a container itself, can be deployed to protect running (or brownfield) container applications as well, offering a layered security solution with NGINX Plus. Once NeuVector is deployed and the application receives traffic, the NeuVector console displays a visual map of all containers, applications, and network connections involved, including indications of which containers are secured by NGINX Plus-encrypted SSL tunnels. This visualization offers quick insights into application behavior and the security of each container.
"NGINX Plus provides the enhanced security controls, and monitoring and management capabilities, for delivering microservices at scale," said Paul Oh, Head of Business Development for NGINX, Inc. "NeuVector's visualization of NGINX Plus security capabilities helps enterprises manage the risks associated with deploying containers in production."
The NeuVector zero-configuration solution will automatically recognize expected normal behavior in the network connections it oversees. For connections between application containers that are not encrypted by NGINX Plus, NeuVector performs automated segmentation and deep packet inspection, and then makes an informed determination as to whether those connections should be allowed. In this way, NeuVector blocks only suspicious container traffic, while safe traffic continues to the container unaffected. To complete its run-time protection suite, NeuVector also provides real-time threat detection and vulnerability scanning for hosts and containers.
"Continuously defending container applications from active threats requires effective security solutions that have their eyes open," said Fei Huang, CEO, NeuVector. "Too often, though, implementing security solutions from multiple providers is a reliable recipe for conflicts and IT frustration. We're proud to provide valuable visualization of the security and encryption that NGINX Plus makes available to enterprises, and to seamlessly complement that security with NeuVector's own threat detection and prevention capabilities. The result gives businesses a much more complete ability to view oncoming threats and to protect their critical container applications."
About NeuVector
NeuVector delivers a Docker container network security solution with a zero-configuration policy that adapts to the changing environment and secures containers during run-time. Founded by industry veterans from Fortinet, VMware, and Trend Micro, NeuVector has developed patent-pending behavioral learning for containers with the vision of simple, scalable network security for containers.
Here is the original post:
NeuVector Announces Container Visualization, Encryption, and Security Solution for NGINX Plus - DABCC.com
Is encryption one of the required HIPAA implementation specifications? – TechTarget
To further cloud the issue, the U.S. Department of Health and Human Services (HHS) states on its website that encryption is not mandatory in the HIPAA Security Rule if the implementation of encryption is not "reasonable and appropriate." However, there ...
Read more from the original source:
Is encryption one of the required HIPAA implementation specifications? - TechTarget
Paper Spells Out Tech, Legal Options for Encryption Workarounds – Threatpost
The rest is here:
Paper Spells Out Tech, Legal Options for Encryption Workarounds - Threatpost
EPA Sued For Withholding Info On Encrypted Text Messages | The … – Daily Caller
A public interest law firm sued the EPA for not turning over records regarding agency officials' use of encrypted messaging applications.
The Cause of Action Institute (CoA) filed suit in the District Court for the District of Columbia Tuesday after the EPA failed to turn over any records to the group within the time limits specified under the Freedom of Information Act (FOIA).
"Career employees at the EPA appear to be using Signal to avoid transparency laws and vital oversight by the Executive Branch, Congress, and the public," Henry Kerner, CoA's assistant vice president, said in a statement. "Communications on this encrypted application, however, which relate to agency business must still be preserved under the Federal Records Act and be made available for disclosure under the FOIA."
CoA filed a FOIA request with EPA in early February asking for records created by agency employees on the encryption application for smart phones, called Signal. CoA said the use of Signal may violate federal law requiring agencies to preserve all work-related communications.
The group's FOIA request came after Politico reported about a dozen EPA employees were already communicating incognito using the app Signal shortly after Trump's inauguration to discuss what to do if Trump's political appointees undermine their agency's mission to protect public health and the environment, flout the law, or delete valuable scientific data that the agency has been collecting for years.
Shortly after the news broke, The Daily Caller News Foundation asked legal experts, including CoA, if it was legal for federal workers to use Signal to discuss work-related matters.
Signal allows users to send encrypted messages that are difficult to hack or monitor. Federal law requires employees to preserve all work-related records, even those sent on encryption apps.
Failure to turn those communications over to the government violates the law, according to legal experts, not the use of encryption apps themselves. Using Signal, though, would make it difficult to know what a federal employee was communicating.
"Taxpayers have a right to know if the EPA's leadership is meeting its record preservation obligations," Kerner said.
Capitol Hill has gotten involved in the matter. Republican lawmakers on the House Committee on Science, Space and Technology asked EPA's inspector general to look into the matter.
"Reportedly, this group of career officials at the EPA are aiming to spread their goals covertly to avoid federal records requirements, while also aiming to circumvent the government's ability to monitor their communications," Reps. Lamar Smith of Texas and Darin LaHood of Illinois wrote in their letter to EPA's IG.
Originally posted here:
EPA Sued For Withholding Info On Encrypted Text Messages | The ... - Daily Caller
Opinion Data encryption efforts ramp up in face of growing security threats – Information Management
Last year there was a lot of momentum in the deployment of data encryption. This was seen on the web, in the consumer space, and in the enterprise. I expect to see these trends continue and accelerate. While current data encryption work covers a broad set of topics from the attacks against old algorithms such as SHA1 growing in strength, to the exciting progress on post quantum cryptography, I want to draw attention to a set of practical trends that will affect businesses in the coming months.
This year we will see encryption deployment accelerate. This trend will be most visible in the browser where https will replace http for most high-traffic sites, and will be driven by the move to http2 (which, in practice, will not support unencrypted traffic) as well as initiatives by Google to push sites to use encryption.
Large media organizations, such as The Guardian and The New York Times, are leading the way and have switched to https only. The benefits of encryption include greater privacy for your visitors, as well as preventing the increasingly common practice of content injection.
I also expect this trend to accelerate in categories that are moving beyond transport-level encryption such as consumer and IoT products, where the perceived risk of hackers and state sponsored attacks is growing. WhatsApp, iMessage, and other messaging platforms have deployed end-to-end encryption to more than a billion consumers. In the IoT space, suppliers are starting to offer end-to-end encrypted solutions ready for integration into everything, from light bulbs to cars.
The Enterprise Will Deploy End-to-End Encryption
Currently, enterprise software lags behind the consumer space in the deployment of end-to-end encryption. Many popular tools don't use end-to-end encryption, leaving companies at risk to data snooping and massive hacks. The value of securing data will become more evident as more high-profile hacks and leaks, such as the DNC hack, are revealed.
End-to-end encryption means that the only parties with access to your data are the ones with the keys. If done properly, this can remove all of the back-end infrastructure from the trusted compute base. This is a critical step to reducing leaks, and is especially beneficial for cloud solutions where it is often unknown who has access to customer data: Your SaaS provider? Their providers? Their hosting service?
Key Management Will Remain a Challenge
Data encryption is, unsurprisingly, no silver bullet. The greatest challenge when deploying an encryption system is key management. How are keys distributed and protected? We have seen examples of key management failures from the infamous Comodo hack to the use of stolen code signing certificates.
In your own organization, it is important to protect your keys, especially if they are used to authenticate your software or services to the public. Best practices here are:
Use Certificate Transparency for your public https certificates.
Consider using hardware encryption modules such as TPM for servers, and FIDO for clients.
Code signing keys should be stored and used on air gapped machines whenever possible.
The Conversation Will Move from Privacy to Trust
Historically, cryptography has been thought of as a tool to enable privacy, but the narrative is moving to one of trust. When Apple shipped encryption by default for iOS, and WhatsApp turned on end-to-end encryption, it was not because their support queues were filled with requests for more privacy. They shipped these features to create a stronger bond of trust for their brand. Encryption allows companies to tell their users, "You can trust us; even if a hacker gets their hands on the data, they won't be able to read it. Your stuff is safe with us, and only you have access to your account."
This concept is important not just for consumer applications, but for enterprise software as well. If a company uses a SaaS or on-premise product with end-to-end encryption, there's a level of protection around sensitive company information that can't be achieved with alternative technologies. Even inside an organization, the IT department doesn't need access to decryption keys. By employing strong encryption, users are able to trust their organizations and security vendors to keep their information secure, leading to more regular use and widespread support of products that do so.
This year is shaping up to be a momentous year for encryption, with increased deployment across all sectors. It will continue to play an important role in security, as well as help build trust between brands and their customers.
Excerpt from:
Opinion Data encryption efforts ramp up in face of growing security threats - Information Management