Category Archives: Encryption
Tips to Secure and Encrypt your WIFI Network Security – H2S Media
The modern technology of the modern world offers us the advantages to live our lives and do our work more comfortably. We can access so many things very easily while sitting from our home or offices such as modern gadgets like our Smartphone, Tablet, PC or Laptop, etc every single day for work and personal uses. In order to get all the services from those devices, we need an internet connection that connects us with the web world to surf on it and access data or information from different sources. Even there are other things like Smart TV, AC, etc gadgets or machines in our home or offices are accessible through an internet connection.
To connect all the devices with the internet that we have in our possession, we use a WI-FI network that connects all the gadgets with a single internet network. Using a wireless network, even we can remotely control those devices. That opens up many opportunities to do our stuff pretty much easily. But, that opportunity also brings some major threats or problems to our systems and the data we have in them. Many people even do not realize those issues unless they face any. To prevent those threats, we must secure our WI-FI network as strong as possible for our own good.
Digital theft and hacking is common practice and the crime is increasing day by day. Hackers are just waiting for one single mistake from you to grab it for hacking your network. Giving them such loopholes is what we should avoid protecting our devices and data which very essential to us.
There are many ways to protect your WI-FI network and to make it strong enough to secure your device and data from attackers and viruses or malware. It is very important to secure your network to make it safe and virus-free.
The Wi-Fi router translates the data fed in by the internet provider and sends it as an internet signal to various end devices that are connected to the router. It helps to organize a simultaneous exchange of files between devices and with the internet connection. All the devices connected to the router are operated within the network. To ensure the security of the Wi-Fi network and the devices that are connected with it, effective and strong encryption of the Wi-Fi is very useful to provide protection from hackers.
Weak encryption could be very easy for attackers to crack with their hacking tools and methods. It will give them access to your network and data to see or hack them and even can control your network settings for any intention.
To secure your data transmission, which will restrict data transmission only between the end device and router to read there are some encryption methods that you can use.
This is an outdated standard for network encryption. This method should not be used because of many security gaps that attackers can exploit.
Compared to the WEP method, WPA is based on a more complicated algorithm that uses an improved key calculation with new keys for each data packet. It uses 48-bit encryption.
This is the one that you can use for better encryption. This is the most used and recommended encryption method for Wi-Fi networks. You can also make it tougher with the WPA2 AES option.
It is the updated version of WPA2. It is becoming available for new devices and routers. It uses 192-bit for encryption which is very effective to block attackers with brute force dictionaries.
People who are using a simple password to connect any device with the router then they should change it and set a strong password which must be very difficult to guess or crack. Having strong encryption will not provide you the required protection if your password is easy to break. As we usually share the password with our family members and close friends that visit frequently so the chances of spreading the password are there too, well that is another story for such a situation we can use Guest networks. Whatever, you must set up a secure password that must include words, numbers, and other signs and make it big. Then it will be difficult for anyone to crack the password or remember it for a long time to provide them to other people.
As we only have to connect a device one time with a password and access the router after that without it. So, people may forget it after some days. And do not share the password with everyone. Only share it with trusted people and try to restrict yourself from sharing it as much as possible.
Changing your Wi-Fi password frequently also can help you to protect your network from unwanted people and it is always good for security. Using the same one for a long time is not a wise decision as many people might know about it during that time and it can be hacked easily. Make a habit of a timely routine that can be weekly or monthly to change it for better security and privacy. It will also kick out unnecessary people who have used your network before.
This is one of the most initial things you must do if you want security for your Wi-Fi network connection. The network or user name and admin password of multiple same types of routers get the same name and password as a default from the router company. Buyers access this to control the console of the router. Now this password is not the one you use for connecting a device with the network. It will give you access to router settings and configuration which is completely your personal thing to access and set it as you want.
The given name and password are easily accessible as it usually provided with a package of the router. And being the same credentials for multiple routers, you can find it on the official company website of the router or simply by searching online. It is easy to get and hackers will know about it very comfortably. So, change the default password with a strong and long password that would be tough to access.
And also, the same thing could reveal information about your router to attackers that are the so-called SSID. The abbreviation SSID means Service Set Identifier and denotes the name of the network. In many cases the network name and device type are equivalent. It is advisable to adapt and personalize the SSID. In this case, potential attackers cannot easily find out which router is being used. This minimizes the risk that known weak points in the router can be exploited. So, change the network name to give it proper protection.
After setting up a new network name and password you can hide the network name or SSID for extra security and protection from hackers. At first, you certainly need to access it for visibility to connect the devices you want to use by connecting with the router. When you have completed the connections or you do not need the SSID to be visible for any reason, hide it so no one can see your network. Or else we can also manually add SSID to connect the Wi-Fi network, of course, for that you should remember it by heart.
Furthermore, this hiding trick will enable you to provide more security and privacy. No one from the surroundings of your home will be able to detect your network name and the hackers cannot find your network to try to hack it. Any person who might visit your home would most likely not ask for your password to connect his/her device because they cannot see it in their devices. Changing the name of your network will manage to assist the uniqueness of your router and hiding it from visibility can add more security to it.
If you could not remember your SSID, then you can always unhide it to connect any device further or for any other purposes. And then hide it once again when the need for it is not required. The process is not so hectic and you can do it at any time using your device.
The full form of WPS is Wi-Fi Protected Setup. It is a much easier process to connect any device with the router network. It can be used for the people who do not know about the technical things much or has a fear of it. There are two different ways that the WPS methods use for any device connected with the network. The first one is the routers that have a push button at the back which you can press to connect a device by sending out a signal to connect it. Here you do not need any password or code to access the network.
And secondly, you can use an eight-digit code to connect any device with the network to access the internet from the device. It is a very easy process to connect any device with your network. But, this is not very safe as hackers can break your network security pretty much in a matter of time especially cracking the codes and gaining access to your router network. Although you can use the push button method sometimes to connect a device, the second one is not a method to practice at all. It is best for you to avoid any method and disable the WPS feature.
We can access your router with devices that are connected to your home and the necessary things we would like to do. The remote administration feature provides you to access the router settings through the internet from other locations as well. As you can access your router with the help of remote access then any hacker will be able to do the same without much inconvenience.
So, the most suitable option you could pick is to disable the remote administration (if you do not require it) of your router. Just go to the Wi-Fi settings and the administration to turn it off if it is accessible at the moment. Using a feature like this that can bring so many problems instead of making your network security strong is not a great option to select.
We update our operating system, any software or application, antivirus, etc with the latest version of the updates. We do this or companies provide such updates to fix any issue or glitch and strengthen the security or any loophole that can compromise the safety of the user. Your router also should be updated with the latest version of the update to deliver the topmost security and performance. The routers that have an automatic update option can update it with the latest updates. But, for the other ones you should check for any updates to update it manually.
Just check for the updates after a certain period of time. If there is one, then update it. You can look for the updates on the router company website or in the router console if the option is there to notify you. It is very important to update the firmware of your router to make it more secure from hackers. They always look for any loophole in the security of a router to exploit it. In case there is any virus outbreak, then the router companies will most likely provide a security update to dodge the virus. In that case, you must check for any update that can save you from such outbreaks or attacks.
The firewall of your router also plays an important role to protect you from the various threats which you can face through the internet. And no, we are not talking about the firewall of your PC or laptop. Your router should have its own built-in firewall system as most of the routers have which can provide you the security to secure your network and other devices. It will also prevent any hacking or if someone tries to drill through your network security.
The firewall has an option of disabling as well. So, go to your settings to find a firewall and enable it if it is disabled in your router. And if you are unable to find the firewall in your Wi-Fi then try to find out whether it is there or not and how you can access it. Check on the company website or any online forum to get knowledge about it.
MAC address is basically a Media Access Control. Every device around the world has a unique MAC address and no other device can have the same MAC address as another one. In the router settings, you can find the option to filter MAC addresses to find out which device has accessed your router. With this unique identifier, you can elevate the security of your Wi-Fi network by limiting the devices to connect with your network. You can also put the MAC addresses of the devices you would like to give permission to access the router.
So, in this way, we can avoid other devices and can filter out unwanted devices to connect with your network in the future. This can limit the number of devices to connect with it. Only the approved ones can access and stay within the network. That is a very reliable feature to keep your router clean from many devices and restrict any of the devices to which you do not want to give access to use the internet or harm you in any way. It will surely boost the security of the router network and prevent intruders from hacking it.
Now that is not by any means technical things but it is one of the obvious things you should do and make a habit of turning off the router when no one needed it. We turn off any other electrical or electronic devices like TV, AC, PC, lights, etc when we do not use them. So why keeping a router on if you are going out for a long trip.
It will save electricity and a turned-off router is basically the safest thing for potential hackers. They would not be able to hack your network if the router is turned off. Even if you have any wanted user that uses your internet through the router will not be able to access it when you are not using it or not at home. Turning off the Wi-Fi, when one is out of home or on a trip is the best decision for the safety of your network, devices, and also for your home.
Another network for different IoT devices
Modern technology is getting smarter and providing us many IoT (Internet of Things) devices day by day. We already use many devices like smartphones, smart TV, PC, etc in our homes and the number of IoT devices will increase in the near future for sure. So, why we should put all such devices with the same network if we can create a new router network to connect some of the devices for more security. The majority of IoT devices do not offer good security. And if any of them is hacked by any hacker then they can invade all of our devices including our Wi-Fi network for using the same network.
If you are a person that likes to secure your devices and network as much as you can then you can set up a second network for using the devices that you feel are not providing much security like old devices. In this way, you can secure the devices that are more important and high secured with one network. And use another network to use other devices to separate them from the important devices. It will provide more security to your network and the devices you value more.
You do not have to share your main network password with other visitors or unwanted people to connect their devices with it. Instead, just create a guest network for those people who might use unprotected or infected devices which are unknown to you. Most of the routers offer this feature to set up a guest network for the visitors.
Just create a different password and username or SSID for the guest network and keep your main network password secret to you and the people you trust. If any of the guests use a device that is already infected then it will not be able to infect your own devices from the network you connect them to use the internet. It is a better way to prevent hacking and cybercrime. It will decrease the chances of such threats.
Some other tips to secure your Wi-Fi network security
Conclusion
Cybercrime is one of the main concerns these days. So learn the cyber security methods and tricks to protect your data and network from intruders. Use all the methods you might need to secure your network and maintain a safe zone for work without any worry.
Read the original post:
Tips to Secure and Encrypt your WIFI Network Security - H2S Media
XSOC CORP Recognized by CyberSecurity Breakthrough Awards Program for Overall Encryption Solution of the Year – Business Wire
IRVINE, Calif.--(BUSINESS WIRE)--XSOC CORP, a leading developer of extensible, secure, optimized cryptographic tools, platforms and protocols was named the winner of the Overall Encryption Solution of the Year award in the fifth annual CyberSecurity Breakthrough Awards program conducted by CyberSecurity Breakthrough. CyberSecurity Breakthrough is a leading independent market intelligence organization that recognizes the top companies, technologies and products in the global information security market.
XSOC Cryptosystem is a purpose-built, customizable, encryption engine designed to provide Quantum-Safe information security, using FIPS 140-2 validated functionality, for any data stored or any data sent, shared, transferred, migrated, or streamed regardless of size or format, and can be integrated into new or existing cybersecurity applications or workflows.
XSOC CORP provides cyber-resilient solutions that are designed to safeguard and preserve the confidentiality and integrity of information, critical software technologies and intellectual property at all data points of an infrastructure by preventing unauthorized access and use by person or devices.
We are honored and elated to be recognized by the Cybersecurity Breakthrough Awards, said Richard Blech, XSOC CORP Founder & CEO. This acknowledgement shows our users that our mechanism can and will be used across a wide spectrum to securely exchange and decrypt information. Achieving this level of acknowledgement within the first year of launch is a grand slam.
The mission of the CyberSecurity Breakthrough Awards is to honor excellence and recognize the innovation, hard work and success in a range of information security categories, including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Email Security and many more. This years program attracted more than 4,000 nominations from over 20 different countries throughout the world.
Additional Resources
For more information on CyberSecurity Breakthrough: https://cybersecuritybreakthrough.com/
For more information on XSOC CORP: https://www.xsoccorp.com/
About CyberSecurity Breakthrough
Part of Tech Breakthrough, a leading market intelligence and recognition platform for global technology innovation and leadership, the CyberSecurity Breakthrough Awards program is devoted to honoring excellence in information security and cybersecurity technology companies, products and people. The CyberSecurity Breakthrough Awards provide a platform for public recognition around the achievements of breakthrough information security companies and products in categories including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Web and Email Security, UTM, Firewall and more. For more information visit CyberSecurityBreakthrough.com.
About XSOC CORP
Founded in 2018, XSOC CORP is based in Irvine, CA, with a senior management and technology engineering team that has developed four ground-breaking products in the areas of advanced, optimizable, symmetric cryptosystem encryption, both local and global symmetric key exchange mechanisms, and an optimized, high-performance, secure transmission protocol.
These four products; XSOC, SOCKET, WAN-SOCKET, and EBP are ideal for OEMs, systems integrators, military/law enforcement/government markets, IoT, IIoT, ICS/ Critical infrastructure environments, or in any environment where the security, integrity or availability of data are critical. The company goes to market via OEM partnerships, ISVs, Systems Integrators, Cybersecurity Resellers, via modular license agreements.
To become a sales partner, email info@xsoccorp.com and use sales partner in the subject field.
For more information on XSOC CORP, email info@xsoccorp.com, on the web at https://www.xsoccorp.com or via Twitter @XSOC_CORP
Read the original:
XSOC CORP Recognized by CyberSecurity Breakthrough Awards Program for Overall Encryption Solution of the Year - Business Wire
Data Encryption Standard (DES)? – All You Need to Know | Techfunnel – TechFunnel
Data Encryption Standard uses a single key for encrypting and decrypting a message. This means that the sender and receiver both must have the same key to access the message. At one point in time, DES was the go-to encryption technology. However, over a period, DES was overpowered by the more sophisticated AES (Advanced Encryption Standard).
Here are some of the important features that impact the working of the Data Encryption Standard.
Block cipher This means that the entire Data Encryption Standard is a cryptographic key, which is applied to a block of data and not on a single bit. For instance, to encrypt a plain text message, DES will put the message into blocks of 64 bits and then encrypt it.
Multiple rounds of encryption The DES methodology is a process of encryption that is done 16 times. This is done in four different modes, by encrypting blocks individually or creating a relationship of each cipher block with all previous blocks. Decryption is just the opposite of encryption, where you must follow the same steps but in reverse order.
64-bit Key DES actually uses a 64-bit key, however, eight of those bits are utilized for checks making the effective length to only 56 bits. The algorithm for encryption products 16 different subkeys of 48 bits each. Each of these subkeys is used for 16 encryption rounds.
Replacement & Permutation The algorithm also helps in defining the sequence of replacement and permutation that the cipher undergoes during the process of encryption.
Backward Compatibility DES also provides this compatibility in some cases.
The following diagram explains how encryption converts a plain text message into an encrypted message
Source: https://searchsecurity.techtarget.com/definition/Data-Encryption-Standard
Read the original here:
Data Encryption Standard (DES)? - All You Need to Know | Techfunnel - TechFunnel
Encryption: Why security threats coast under the radar – Express Computer
One of the most dangerous security vectors facing enterprises is also one of the least understood. Research into Encrypted Traffic Threats shows that 41 per cent of businesses do not have a solid understanding of the existence and nature of encrypted traffic threats, and the harm that they can cause. However, gradually, encryption has become one of the most substantial vehicles for cyber threats organizations now have to deal with.
Encrypted traffic became a potential hazard precisely because so much data is now encrypted. In 2016 just over a half (53 per cent) of all web traffic was encrypted, but by 2019, that percentage had grown to a massive 87 per cent, opening an opportunity that is almost the size of the entire Internets data for hackers to slip malicious code into enterprise networks.
The risk that encrypted traffic threats pose is simple; they are hard to see. Cyber criminals find this pathway to be one of the most effective ways to bypass firewalls, intrusion prevention systems, unified threat management, secure web gateways, data loss prevention, anti-malware, and most other security solutions.One way to protect against this is to deploy decryption solutions, but even here there are some concerns, with 36 per cent of those surveyed citing a concern over data privacy, 29 per cent worried about decryption causing performance bottlenecks, and 18 per cent worried about having a lack of available skills to manage such a security solution.
Consequently, nearly one half (48 per cent) of organisations have yet to implement decryption solutions.
How to manage the threatThe best way to address these issues is to have an automated solution that can proactively monitor and analyse encrypted data.
When the Czech Republics National Cyber and Information Security Agency sought a more robust way to fortify the countrys selected government institutions against modern advanced threats, it turned to Flowmon and the Flowmon Anomaly Detection System for threat-hunting capability. The system uses 44 detection methods comprising 200+ algorithms to immediately spot and alert the IT teams of any anomalies that had been hidden in network traffic, encrypted or not.
This application of AI became a valuable source IT expertise that multiplied staff bandwidth to manage the solution and allowed for a full and complex monitoring of the entire networked environment. With Flowmon ADS in place, the institute has a comprehensive, yet noise-free overview of suspicious behaviours in the partner networks, flawless detection capability, and a platform for the validation of indicators of compromise.
Flowmons solution works at scale, too. GANT a pan-European data network for the research and education community is running one of the worlds largest data networks, and transfers over 1,000 terabytes of data per day over the GANT IP backbone. For something of that scale there is simply no way to manually monitor the entire network for aberrant data. With a redundant application of two Flowmon collectors deployed in parallel, GANT was able to have a pilot security solution to manage data flow of this scale live in just a few hours. With a few months of further testing, integration and algorithmic learning, the solution was then ready to protect GANTs entire network from encrypted data threats.
Why cross-team collaboration accelerates encrypted threat responseUncertainty and a lack of understanding is driving the hesitancy for enterprises to adopt encrypted traffic threat response solutions. Furthermore, for a response to this threat to be effective, it is critical that network operations and security operations (NetOps + SecOps = NetSecOps) work in collaboration, but according to the study, 40 per cent of enterprises do not currently have these teams working closely together.
By adopting tools that are built with the NetSecOps philosophy in mind in order to foster collaboration between the two teams, companies can greatly cut down on incident resolution time and save expenditure on tools with functional overlap.
In 2020, Kemp Technologies announced the acquisition of Flowmon. In doing so, the company has been able to bring together holistic solutions that allow partners to become a one-stop-shop for robust network security.
We are excited to extend the value offered to customers in the areas of infrastructure security, network observability and automated incident response by welcoming Flowmon to the Kemp family, Ray Downes, CEO of Kemp Technologies, said at the time. The expansion of Kemps portfolio to include Flowmons solutions will provide customers the ideal combination of network analysis, pre-emptive threat detection and workload delivery for optimal, uninterrupted user and application experience.Kemps two product families comprising the LoadMaster load balancer and the Flowmon NetSecOps suite allows companies to take full control of their digital environment, with load balancing, network performance monitoring, and response solutions. The solution is easy to deploy and configure and boasts data on the dashboard within 30 minutes. With government regulation and privacy concerns demanding that corporations show ever-greater responsibility around data and encryption, Flowmon and Kemp are proving to be an essential response in also protecting the network from cyber-crime.
For more information on of encrypted traffic threats, Kemp Technologies and Flowmon contact [emailprotected]
Kemp is currently offering Free Network Assessment. Go to Kemp.ax
Case Studies https://www.flowmon.com/en/our-customers
If you have an interesting article / experience / case study to share, please get in touch with us at [emailprotected]
Continue reading here:
Encryption: Why security threats coast under the radar - Express Computer
Hardware Encryption Devices Market 2021 Technology Development, Key Manufacturers, Forecast Based on Major Drivers and Trends Up to 2027 – Digital…
Global Hardware Encryption Devices MarketReport 2021 2027 is a believable source for gaining the market research that will exponentially accelerate your business. SWOT and Porters five analysis are also effectively discussed to analyze informative data such as cost, prices, revenue, and end-users. The Report initially provides an overview of the industry that covers definition, applications and technology, post which the report explores into the international players in the market. The report profiles the key players in the industry, along with a detailed analysis of their individual positions against the global landscape. The report also entails the Covid-19 and post-Covid dynamics in the global Hardware Encryption Devices market.
In 2020, the global Hardware Encryption Devices market size was US$ 29870 million and it is expected to reach US$ 149750 million by the end of 2027, with a CAGR of 25.9% during 2021-2027.
The Top Major Competitive Players are :Western Digital Corp, Seagate Technology PLC, Samsung Electronics, Micron Technology Inc, Intel, Kingston Technology Corp, Toshiba, Gemalto (Thales), Certes Networks Inc., Kanguru Solutions,
Click the link to Get a Free Sample Copy of the Report:
Market Overview:
Hardware-based encryption devices offer the security of strong encryption with the ease of minimal configuration and platform interoperability. Hardware encryption can offer several benefits beyond those provided by software encryption. These include faster algorithm processing, tamper-proof or tamper-resistant key storage, and protection against unauthorized code.United States Hardware Encryption Devices key players include Western Digital Corp, Seagate Technology PLC, Samsung Electronics, Thales, etc. Top four companies hold a share over 50%. In terms of product, Encrypted Hard Disk Drives is the largest segment, with a share over 55%. And in terms of application, the largest channel is IT & Telecom.
Market Segmentation:
Segmentation By Type:
Encrypted Hard Disk Drives
Encrypted Solid-State Drives
Hardware Security Module
Others
Segmentation By Application:
IT & Telecom
BFSI
Government & Public Utilities
Manufacturing Enterprise
Others
Regional Analysis:
The regional analysis segment covers all the regions in the world contributing towards the growth of the global Hardware Encryption Devices market. The section offers insights on the market size, volume, and value of each region for the forecasted period to help our clients find a better position in the global market. The competitive landscape section includes strategies followed by leading market players along with the in-depth case studies on how to overcome the challenges in the Hardware Encryption Devices market.
North America (United States, Canada and Mexico)Europe (Germany, France, UK, Russia and Italy)Asia-Pacific (China, Japan, Korea, India, Southeast Asia and Australia)South America (Brazil, Argentina, Colombia)Middle East and Africa (Saudi Arabia, UAE, Egypt, Nigeria and South Africa)
The study objectives of this report are:
-To study and analyze the global Hardware Encryption Devices Market size (value and volume) by the company, key regions/countries, products and application, history data from 2020to 2026, and forecast to 2026.
-To understand the structure of Hardware Encryption Devices by identifying its various sub-segments.
-To share detailed information about the key factors influencing the growth of the market (growth potential, opportunities, drivers, industry-specific challenges and risks).
-Focuses on the key global Hardware Encryption Devices manufacturers, to define, describe and analyze the sales volume, value, market share, market competition landscape, SWOT analysis, and development plans in the next few years.
-To analyze the Hardware Encryption Devices with respect to individual growth trends, future prospects, and their contribution to the total market.
-To project the value and volume of Hardware Encryption Devices submarkets, with respect to key regions (along with their respective key countries).
-To analyze competitive developments such as expansions, agreements, new product launches, and acquisitions in the market.
-To strategically profile the key players and comprehensively analyze their growth strategies
Browse Complete Report details with Table of Content:
Reasons to buy this Report:
-We share detailed and exact information about the market forecast.
-Our reports have been examined by professional experts of the industry, which makes them beneficial for the company to maximize their return on investment.
-The analysis acknowledges that the sector players & key drivers of both conflicts and growth assess the impact of limitations as well as the opportunities on the sector.
-Data regarding the industry share by every item fragment, alongside their reasonable worth, have been served in the report.
-We provide statistic information, strategic and analysis tool results to provide a sophisticated landscape and target key market players. This will help the company to increase its efficiency.
-Our report helps readers decipher the current and future constraints of the market and optimal business strategies to enhance market development.
Customization of this Report:This report can be customized as per your needs for additional data up to 5 companies or countries or 40 analyst hours.
Contact Us:
Irfan Tamboli (Head of Sales) Market Insights Reports
Phone: + 1704 266 3234 | +91-750-707-8687
Email:[emailprotected] |[emailprotected]
This Press Release has been written with the intention of providing accurate market information which will enable our readers to make informed strategic investment decisions. If you notice any problem with this content, please feel free to reach us on [emailprotected]
Read the original here:
Hardware Encryption Devices Market 2021 Technology Development, Key Manufacturers, Forecast Based on Major Drivers and Trends Up to 2027 - Digital...
Sectigo Certificate Manager Wins 2021 CyberSecurity Breakthrough Award for Overall Encryption Solution Provider of the Year – PRNewswire
ROSELAND, N.J., Sept. 30, 2021 /PRNewswire/ --Sectigo, a global provider of digital certificates and automated certificate lifecycle management solutions, today announcedit was named Overall Encryption Solution Provider of the Year in the2021 CyberSecurity Breakthrough Awards. The awards, hosted by leading market intelligence firm Tech Breakthrough, highlight the world's best information security companies, products, and people.
"We are honored to be recognized by the CyberSecurity Breakthrough Awards for our proven, innovative approach to encryption, which enables enterprises to secure their digital infrastructure at scale,"said Jason Soroko, CTO of Public Key Infrastructure (PKI) at Sectigo. "In today's ever-expanding digital world, enterprises are adding more and more devices, users, and applications. This has caused the volume of digital certificates used to enable encryption to grow exponentially to ensure enterprises maintain a secure environment. An automated certificate lifecycle management tool to manage the growing volume of certificates is critical to accomplishing this."
A panel of senior-level, experienced cybersecurity professionals, including journalists, analysts, and technology executives, selected Sectigo from more than 4,000 nominations worldwide.
"Over the last several years, encryption has become a critical foundation for securing existing and new use cases in modern enterprises. The volume of digital certificates used to enable encryption is growing exponentially and having an automated lifecycle management tool to manage the volumes of certificates is critical to maintaining a secure environment," said James Johnson, managing director, CyberSecurity Breakthrough. "Sectigo is delivering a true 'breakthrough' platform that is ready for both today and tomorrow's threats. Congratulations to Sectigo on being our choice for 'Overall Encryption Solution Provider of the Year'."
Sectigo is the trusted security and encryption partner of the world's largest organizations, and throughout its 20-year history, it has issued and helped manage billions of digital certificates across the globe. The company helps enterprises address their encryption challenges with its flagship certificate lifecycle management solution, Sectigo Certificate Manager (SCM).
SCM is a fully automated certificate issuance and management platform purpose-built for today's enterprises. It provides customers with complete visibility and lifecycle control to quickly deploy, revoke, and replace any public or private PKI certificates and keys, all from a single "pane of glass" platform. It also automates tasks, enforces compliance and control, minimizes person-hours, scales up to manage billions of certificates, and has over 28 native integrations with leading technologies.
Sectigo previously won the 2020 RemoteTech Breakthrough Awardfor Authentication Management Solution of the Year and the 2019 IoT Device Security Solution of the Year in the CyberSecurity Breakthrough Awards. Earlier this year, the company was a Gold Winner for New Security Software Product-Service of the Year in the 2021 Cyber Security Global Excellence Awards.
To learn more about Sectigo or SCM, visit https://sectigo.com/ and read the eWeek article "How Sectigo Certificate Manager Removes the Chaos of Enterprise PKI."
About Sectigo
Sectigo is a global cybersecurity provider of digital identity solutions, including TLS / SSL certificates, DevOps, IoT, and enterprise-grade PKI management, as well asmulti-layered web security. As a leading Certificate Authority (CA) with more than 700,000 customers and over 20 years of online trust experience, Sectigo partners with organizations of all sizes to deliver automated public and private PKI solutions to secure web servers and user access, connected devices, and applications. Recognized for its award-winning innovations and best-in-class global customer support, Sectigo has the proven performance needed to secure the digital landscape of today and tomorrow. For more information, visitwww.sectigo.comand follow @SectigoHQ.
SOURCE Sectigo
Read more here:
Sectigo Certificate Manager Wins 2021 CyberSecurity Breakthrough Award for Overall Encryption Solution Provider of the Year - PRNewswire
Container security without governance is neither secure nor governed – The Register
Sponsored In the first article of our four-part series on Kubernetes in the enterprise, we outlined the data services that underpin a properly constructed Kubernetes container environment. Data security, data governance, data resilience, and data discovery are the pillars that support the evolution of Kubernetes from raw storage, either persistent or ephemeral, to true data services that are suitable for deployment in enterprises.
In this and subsequent articles we will drill down to those specific data services. Here, we cover data security and data governance together because they are in some ways two sides of the same coin. You can think of security as a layer in data governance or data governance as a higher-level kind of security.
With containers flitting about a cluster of machines, spawning chunks of microservices code and demanding access to data, it is vital to secure data at the storage layer underneath Kubernetes and from within the Kubernetes platform itself.
Data security is a hot issue right now, particularly when you think about cyber resilience and the ability to withstand attacks on your infrastructure and more importantly on your data, says Pete Brey, Director of Big Data Marketing at Red Hat.
The fact of the matter is that there are a lot of cybercriminals that are trying to get access to customer data and other confidential information, and the first line of defense is encryption. Thankfully, in the last ten years, encryption has come a long way. Some of that is because we have more advanced processors that can quickly encrypt data on the fly without a measurable performance penalty. Several years ago, performance was a big issue for the industry and a lot of data was not encrypted when it should have been. But it's no longer an issue.
As with other application and systems software, encryption in a Kubernetes environment typically involves encrypting data in flight as it moves around as well as at rest on physical storage such as disk drives and flash devices or even public cloud storage. Increasingly, even main memory is being encrypted, too, with the assistance of CPUs from Intel, AMD, and others, and some CPUs now have ways of managing security encryption keys that are out of reach of hackers.
These encryption and decryption functions that are vital for all software are being handled by processors, which now have specialized cryptographic accelerators on them. This means companies no longer have to spend thousands of dollars to put auxiliary cryptographic co-processors out on the PCI-Express bus of a server. It also means they do not have to take the latency hit in their applications and systems software as data comes into a CPU, is passed off to the accelerator for either encryption or decryption, and then pulled up into memory for processing or pushed down to storage for safe keeping.
This native, wire-speed encryption and decryption has been transformative for security within the datacenter. And as encryption has become commoditized, it has become pervasive.
The Secure Sockets Layer (SSL) protocol, and its follow-on, the Transport Layer Security (TLS) protocol have become central to data security. Using public key cryptography, TLS authenticates the identity of participants that share data over Internet protocols and secures data passing with symmetric key cryptography where the keys are uniquely generated for each connection between applications on distinct machines. The idea is to have unique keys that are also long and complex, thus ensuring that they are difficult to crack or hack.
Many applications need to handle sensitive information, and Kubernetes is no different. The container management platform has a construct called a Secret, which allows for sensitive data related to containers and their pods to be stored and managed from within Kubernetes. Having this information abstracted away and secured independently is both more safe and more flexible than embedding it in a container image or a pod definition. Secrets are used not just for encryption keys, but also for OAuth tokens, SSH keys, passwords, and other sensitive information. The data is encrypted at rest within the Secrets system and can have role-based access control (RBAC) turned on to restrict the reading and writing of the secret data.
Everything in the enterprise that applies to security and governance applies to Kubernetes
The good news for organizations is that there are ways to hook the Kubernetes platform into the existing security and governance frame. Everything in the enterprise that applies to security and governance applies to Kubernetes, says Brey. All of the concepts still apply key management, to take one example and you dont have to buy a lot of extra stuff. A lot of this is already put into our OpenShift Kubernetes platform, for instance. Red Hat Enterprise Linux has cryptographic modules, which are used by OpenShift, Ansible, Ceph, and other parts of the Red Hat stack.
Data governance cannot be an afterthought, and just because we are talking about it second in this story does not mean it plays second fiddle to data security. Security without governance is not really security, and governance without security is not really governance at all. If you are letting someone unlock data, you have to make sure you know who they are both as the data is being unlocked and after the fact when you might be needing to comb through an audit trail using logs to try to find a hacker.
Security without governance is not really security, and governance without security is not really governance at all
Given this natural dependency, a lot of people conflate security measures as a kind of sufficient governance. Actually, security and governance are pretty different, explains Brey. Security has more to do with the technical controls that are in place around physical data. Governance is a higher-level issue, which encompasses security, but also includes procedures and protocols for who can access data and how.
In many industries, the immutability of data is a kind of security, too, which is not the same thing as encrypting it or watching access to it like a hawk. This write once, read many times, or WORM, storage is integral to specific industries, such as the financial services and healthcare fields, which allows for the data to be immutable for specific amounts of time, often on transactional or object storage. The auditing and logging functions as well as the immutable data functions required here and probably useful across many industries are included with OpenShift Data Platform, Ceph object storage, and other systems software. All you have to do is turn it on.
Sponsored by Red Hat.
View original post here:
Container security without governance is neither secure nor governed - The Register
Customs and Border Protection Signs Major Contract With Amazon-Owned Encrypted Chat App Wickr – Gizmodo
U.S. Border Patrol agents, part of Customs and Border Protection, as they detain Central American asylum seekers near McAllen, Texas in June 2018.Photo: John Moore (Getty Images)
U.S. Customs and Border Protection (CBP) is deploying the Amazon-owned encrypted chat app Wickr across all components of its operations, Motherboard reported on Tuesday, citing procurement documents from the agency.
Whereas previously CBP had signed a contract worth $700,000 with Wickr, the new agreement is valued at around $900,000. According to Motherboard, the documents on the contract date to Sept. 18 and state its purpose as to renew and procure additional Wickr software licenses and professional support to deploy a secure instant messaging platform for multi-purpose applications across all CBP components. While Wickr offers a free version of its app, it also offers various paid services to the private sector and the government, including Wickr Pro, Wickr Enterprise, and Wickr RAM, the last of which is designed for use by the military.
Wickr uses end-to-end encryption, meaning messages and calls sent via the app are fully encrypted in transit and can only be decoded by the devices involved in a conversation. Short of the discovery of a flaw in the encryption protocol, this effectively makes them impossible for a third party to intercept and view. Motherboard noted that Wickr RAM, which the company advertises as providing complete security from both foreign and domestic cyber threats, claims to be accredited by the Department of Defense. Wickr also says that RAM is the only collaboration service with full functionality to meet all security criteria outlined by the National Security Agency. Wickr also touts a feature allowing all messages sent via the app to be automatically destroyed after a set period of time, after which they can supposedly never be recovered by any method.
CBP previously declined to identify to Motherboard which product was involved in the $700,000 contract.
Amazon Web Services (AWS) announced the acquisition of Wickr in June. Previously, its only real entry in the messaging space was Chime, a videoconferencing software that doesnt have end-to-end encryption.
G/O Media may get a commission
However, AWS has moved aggressively into contracting for federal police and intelligence agencies, as well as the military. Its no stranger to doing business with CBP or its sister agency Immigration and Customs Enforcement despite the protestations of immigration rights activists, as well as its own employees, many of whom demanded AWS stop doing business with Peter Thiel-owned ICE contractor Palantir in 2019. Many Amazon workers and some shareholders have also protested the companys sale of its face recognition software, Rekognition, to police.
Current face recognition technology is inherently riddled with racial and other biases. In response to widespread, nationwide protests against police brutality and racism in 2020, Amazon conceded and imposed a moratorium on police sales of face recognition tech to cops, which it recently extended until further notice.
Amazon also operates what has been described as the U.S.s largest civilian surveillance network via its Ring smart doorbell cams, which police and fire departments in at least 48 states have taken advantage of by joining an Amazon program to share recordings with government officials. AWS tried to win a massive cloud computing contract for the military named JEDI, but the program was scuttled in July 2021 amid a long-running fight with fellow bidder Microsoft that had dragged on so long the Defense Department declared the plan obsolete. Instead, the military is soliciting bids from both companies for another cloud computing initiative, the Joint Warfighter Cloud Capability.
While CBP sees the need for technology like Wickr, federal agencies like the FBI have attacked end-to-end encryption for years, claiming it enables criminals to hide their activity from the cops. On numerous occasions, the feds have tried to force companies to build surveillance backdoors into their products to enable wiretapping, a practice that security experts are virtually unanimous would create major security vulnerabilities.
More recently, federal authorities have aimed to simply undermine confidence in encrypted communications with operations designed to send the message no platform is trustworthy. In June, the Department of Justice announced a massive bust of drug traffickers and money launderers it had tricked under a program called Trojan Shield, in which it used an informant to create a honeypot app (ANOM) posing as an encrypted messaging platform. Acting U.S. Attorney Randy Grossman said during a press conference that authorities had aimed to shatter any confidence in the hardened encrypted device industry with our indictment and announcement that this platform was run by the FBI, adding to anyone who believes they are operating under an encrypted cloak of secrecy, your communications are not secure.
Today, public sector customers use Wickr for a diverse range of missions, from securely communicating with office-based employees to providing service members at the tactical edge with encrypted communications, Stephen Schmidt, AWS vice president and chief information security officer, wrote in a statement after Amazons acquisition of Wickr. Enterprise customers use Wickr to keep communications between employees and business partners private, while remaining compliant with regulatory requirements.
Go here to see the original:
Customs and Border Protection Signs Major Contract With Amazon-Owned Encrypted Chat App Wickr - Gizmodo
Facebook announces WhatsApp end-to-end encrypted (E2EE) backups – Techiexpert.com – TechiExpert.com
Whatsapp is going to bring an end to end encryption for the cloud backup, as revealed by Mark Zuckerberg in his recent post on Facebook. The feature will be offering both the security and privacy in the cloud backup.
Whatsapp is now going to bring End to end encryption cloud backup very soon in the market. End to end encryption cloud backup will be going to be released as an optional feature. It is a new feature that is going to protect the chat backup of users and give them strong security as well as privacy from any third party attacks.
As WhatsApp has been offering end-to-end encryption (E2EE) in messages since 2016, this new latest recent update is much-needed growth for the company. It will bring much-needed security features for the users in backing up their private chat and data via an end to end encrypted backup to the cloud-like Google Drive. The feature is password protected as well. With the help of an end to end encryption, no third parties can look into the users private Whatsapp data backup even if the backup is created or stored in Google Drive or iCloud.
The CEO of Facebook, Mark Zuckerberg, has informed in his recent Facebook post. He shared
Were adding another layer of privacy and security to WhatsApp: an end-to-end encryption option for the backups people choose to store in Google Drive or iCloud. WhatsApp is the first global messaging service at this scale to offer end-to-end encrypted messaging and backups, and getting there was a really hard technical challenge that required an entirely new framework for key storage and cloud storage across operating systems.
WhatsApp global chief executive officer, Will Cathcart took to Twitter to say, This has been years in the making. Were taking advantage of development in hardware storage to safely store your backup encryption key in a vault no one else can access. Were providing options to remember a 64-bit key or choose a password we do not know and cannot access. Neither can Apple or Google.
This new backup encryption brings on a brand new coating of security, protection and privacy for Whatsapp users. This coating will soon be in working and will be adding more thickness to the security and privacy of users.
This new feature is an optional feature. It will be offered as an option to which users will going to have permit manually on the chat messaging application, Whatsapp. It is going to be available for both iOS and Android users in the upcoming weeks, as Facebook CEO Mark Zuckerberg revealed in a blog post.
This secured coating of privacy is to be permitted via password by the users on Whatsapp. The users have to create a password while enabling end to end encryption cloud backup. The password needs to be highly remembered by the users; it will be unknown to Whatsapp. Both users would be able to recover the data in case the device is either lost or stolen; there is an option for recovering through the hardware security module (HSM) backup key vault. HSM carries out several encrypted password verification attempts and making it persistently inaccessible on the multiple unsuccessful attempts to access it.
This security measures provide protection against brute force attempts to retrieve the key, says Mark Zuckerberg. If the user uses a 64-bit encryption key, they have to remember it correctly; this key is not sent to the HSM backup vault key.
End-to-End Encryption Backup Alike Messages
This end to end encryption backup will be going to be working a like end to end encrypted messages security. This end to end encryption will be protecting chat messages as well as videos and photos.
Furthermore, Whatsapp will also going to duplicate your key five times, storing each and every copy in five different data centres across the several geographies, effectively ensuring that if one data centre suffers an outage, you can still access your chat history.
Although Whatsapp latest privacy and security measure is welcome, concerns still swirl over the kind of information it shares with Facebook and Facebooks third-party companies specifically relating to the metadata it collects.
Some other messaging applications like Signal, for instance, have entirely circumvented the issue of users chats becoming compromised by not storing any of them on cloud backups at all. Moreover, for those insistent on having a secure and safe backup of their chats, Whatsapp represents the best option.
View post:
Facebook announces WhatsApp end-to-end encrypted (E2EE) backups - Techiexpert.com - TechiExpert.com
Encryption cant be used as excuse to deny sharing details to law enforcement: Govt – The Financial Express
Encryption cannot be an excuse for not sharing details in such cases.
The government on Tuesday reiterated its position that while it respects the right to privacy, in certain cases law enforcement agencies need assistance and in such instances, technology companies need to share information. Encryption cannot be an excuse for not sharing details in such cases.
Ministry of electronics and IT (Meity) secretary Ajay Prakash Sawhney said, While encryption is a welcome thing 99.99% of the time, 0.01% of the time when it is necessary to come to the assistance of law enforcement agencies to bring perpetrators of wrongdoing to justice, then we expect that encryption will not be held up as an excuse or as a sort of a silly excuse to deny that.
The secretary, who was speaking during the Global FinTech Fest 2021, hosted by the Internet and Mobile Association of India (IAMAI), said that in a civilised society, law enforcement is a function that is entrusted by the society to a few people, to act on their behalf, to make sure that lawbreakers dont get away with. He added that breaking down of safe encryption comes in as an excuse and it is being used to mystify digital technologies.
Sawhney said encryption is wonderful when people chat on a day-to-day basis, but asked what if something seriously wrong, or a crime, occurs, like terrorists talking to each other, and that communication resulting in something untoward happening in the middle of a city. Then someone says no, no, no, that is encryption, you know its so sacrosanct. It is such a sacrosanct thing that it doesnt matter what happens, that encryption is more important than law enforcement itself, I think I have a quarrel with that, the secretary said.
The government has already notified new intermediary guidelines that make it mandatory for firms like WhatsApp to provide the first originator of what is deemed as mischievous messages. This issue of traceability has been a bone of contention between WhatsApp and the government. WhatsApp has even challenged the new guidelines in the Delhi High Court, particularly the clause which requires it to provide the first originator of what is deemed as mischievous messages by the government.
The new intermediary rules, which were notified on February 25, are aimed at regulating all social media intermediaries like Twitter, Facebook, Instagram, Google, YouTube, etc, as as well as over-the-top platforms like Netflix, Amazon Prime Video and stand-alone digital media outlets. While the guidelines relating to intermediaries were already in force from earlier, through the addendum, the government has tightened some clauses such as reducing the time provided to some platforms to remove what is deemed by it as unlawful content, under Section 69A of the IT Act.
Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, Check out latest IPO News, Best Performing IPOs, calculate your tax by Income Tax Calculator, know markets Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.
Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.
Read this article:
Encryption cant be used as excuse to deny sharing details to law enforcement: Govt - The Financial Express