Category Archives: Encryption

Presidential Candidate Andrew Yang Has Quantum Encryption Policy

At least one presidential candidate has a policy about quantum computing and encryption.

It has two basic planks. One: fund quantum-resistant encryption standards. (Note: NIST is already doing this.) Two, fund quantum computing. (Unlike many far more pressing computer security problems, the market seems to be doing this on its own quite nicely.)

Okay, so not the greatest policy -- but at least one candidate has a policy. Do any of the other candidates have anything else in this area?

Yang has also talked about blockchain: "

"I believe that blockchain needs to be a big part of our future," Yang told a crowded room at the Consensus conference in New York, where he gave a keynote address Wednesday. "If I'm in the White House, oh boy are we going to have some fun in terms of the crypto currency community."

Okay, so that's not so great, either. But again, I don't think anyone else talks about this.

Note: this is not an invitation to talk more general politics. Not even an invitation to explain how good or bad Andrew Yang's chances are. Or anyone else's. Please.

Protect sensitive information with Seqrite Encryption

Estimated reading time: 3 minutes

Among the most important assets that an enterprise possesses, data is undoubtedly the most important. In today’s digital age, there are reams of data being processed, transmitted and disseminated every millisecond and much of the world’s economy runs on data. Hence, organizations must take every possible measure when it comes to safeguarding this precious data. Data encryption is one such method which ensures the protection of company’s sensitive information from malicious parties.

Seqrite Encryption Manager is an advanced solution that protects corporate data that resides on endpoints with strong encryption algorithms such as AES, RC6, SERPENT and TWOFISH. It provides a powerful solution to problems like unauthorized access or protecting private data by maximizing data protection options. Two of the most important advantages of endpoint encryption include exceptional policy administration and key management followed by highly functional remote device management.

Some of the key features which make Seqrite’s Encryption solution powerful and robust are:

Centralized Management and Control

SEM supports centralized control and management of disk volumes, recovery information and diverse encryption policies. Full disk encryption is also offered which enables organizations to be in full control of user data with the right key required to access databases due to the pre-boot authentication feature. Seqrite Encryption Manager also supports media encryption for removable devices. Rescue and deployment techniques are provided, hence minimizing the possibility of data damage during encryption.

Full Disk & Removable Media Encryption

All data on hard disk drives is protected as due to the pre-booth authentication feature, full disk encryption is loaded on the operating system. This ensures that nobody has any access to data on the computer or the drive without the right password or the keys. The removable media encryption feature renders security to USB drives and other removable devices, restricting unsolicited access to the contents, regardless of the device they are used on.

Ease of Deployment

Seqrite Encryption provides users with easy deployment and rescue functions to avoid losing encrypted data accidentally. The Remote Installation tool facilitates deployment of Seqrite Encryption Manager clients across multiple endpoints at a time and also in the form of groups. The Pre-Requisites Tool scans the system for different parameters before installing the SEM client.

Rescue Methods

All critical rescue information is stored in a secure SEM database, allowing security administrators to recover encrypted client data in case of an emergency or a forgotten password.

Secure Access of Data

Data protection is assured by SEM at rest and in motion. The encrypted files can be accessed from removable storage devices on a system where, the encryption agent is not installed, through the Traveller Tool.

Suspend Protection

The Suspend Protection feature allows administrators to temporarily suspend client protection (boot time authentication). The volumes still remain encrypted though. This makes it a useful and important feature for the management of servers that are required to function around-the-clock.

In addition, there are other important features which make Seqrite Encryption Manager a valuable tool for data protection:

  • Group Management feature allowing client computers to be managed with the help of groups and with different attributes.
  • Scheduled Backups & Upgrade allowing administrators to schedule automatic updates along with automatic backups of the database.
  • Encryption Policies to decrypt or encrypt local volumes or removable drives, with the user having the privilege to create policies and manage volumes locally.
  • Reports which administrators can generate for groups, user accounts and computers in HTML or PDF formats.

Hence, it is quite clear that Seqrite Encryption Manager offers a simple and easy-to-use encryption solution to keep data safe. At a time when data becomes easily leaked and big names have come into the news for reasons of data leakage, businesses must show they are determined about protecting the sensitive data they use. In that respect, SEM offers a one-stop solution to improve the overall security posture.

The post Protect sensitive information with Seqrite Encryption appeared first on Seqrite Blog.

Email technology and its security in nutshell

Estimated reading time: 5 minutes

Email has become a necessity of day-to-day communication. We can realize the importance of email with the fact that the down-time of organization email server directly affects the organization’s productivity. Email has become most prominent and integral part of network system, hence one must know how to manage it and keep it secure. Let’s understand the email technology and its basic flow in nutshell.

1.1 How email works

                                             1.1 Diagram to illustrate basic email flow

 

MUA, also referred to as an email client, is a computer application that allows you to compose and send emails or fetch and read emails intended for you. MUA can be a web-based client which means that you can send and receive  emails  via  browser   (i.e. Gmail, Yahoo on Firefox, Chrome etc.) or it can be application- based client (i.e. Thunderbird, Outlook etc.). In order to send an email, the sender needs to compose an email, add recipient name, and click on Send button.

 

Once sender has composed an email and sent it, an email server is ready to receive and process it. Email server is a computer application that is listening on port 25 (Non-encrypted), 465(SSL/TLS), 587(STARTTLS). The email server receives email from the sender and forwards it for delivery. All outgoing emails are placed in a mail queue and in parallel the SMTP server does a query with the DNS server for its MX record in order to find out where the receiver’s email server is located. Once it finds the IP address of recipient email server, it will send the composed message to that IP. E.g. MX record for xyz.com is like mail1.xyz.com.

In an email queue, SMTP server will lookout for MX record and recipient validation. If server is not able to process that email it will place that email in deferred queue which is not going to deliver immediately and re-tries after some time for a few attempts before sending the failed acknowledgment to client. If it is validated and intended for local delivery, it will handover that email to local delivery agent or if it is intended for remote delivery it contacts other mail servers for relaying.

 

If that email is intended for remote delivery, it will relay that email to MTA. MTA is a software application that relays email from one node to another node using SMTP protocol. MTA receives the email from another MTA or a MUA. After receiving that email, it will add the “received” tag at the top of message header file and relay it to another MTA for further delivery. It is also known as relaying agent of email. For each mail, MTA processes it and keeps track of each and every activity and analyzes the list of recipients for the routing actions. It sends responses of non-delivery when a message does not reach its intended destination. A few open source MTAs are Exim, Postfix etc.

 

MDA is a software application that takes mail from MTA and is responsible for delivery of that email to the receiver’s mailbox. Upon final delivery, the Return- Path field is added to the envelope to keep record of return path. Some popular open source MDAs are Dovecot, Fetchmail etc.

 

MUA is a software application that fetches the email from POP3 server or IMAP server and loads that email from the user’s mail box to email client (i.e. Thunderbird, Outlook).

POP3 server listens on following ports:

  • Port 110 – Post Office Protocol for non-encrypted mail.
  • Port 995 – Post Office Protocol over SSL/TLS.

IMAP server listens on following ports:

  • Port 143 – Internet Message Access Protocol for non-encrypted mail.
  • Port 993 – Internet Message Access Protocol over SSL/TLS.

In nutshell,  The Mail Transport Agent (MTA), such as Postfix, Exim is responsible for sending email to the correct destination and handing over the mail to MDA.

The Mail Delivery Agent (MDA) such as Dovecot, Fetchmail receives mail from MTA and sends it into user’s mailbox.(Dovecot supports POP3 and IMAP protocols along with MDA functionality.)

The Mail User Agent (MUA) such as Thunderbird, Outlook is the email client that fetches the email from the user’s mailboxes and presents it to the user.

 

1.2 Security/Protection of Email server:

1.2.1 Scanning from threats

Scanning of emails before they reach the organization’s email server makes organization secure from the malicious activity. Proper scanning for Viruses, Spam, Spy-ware, Trojan horses, Phishing, Worms, Ransomware must be carried out. Email security/protection devices provide the facility to scan email file from the above threats.

1.2.2 Blacklisting of domain/email address

Blacklisting of email domains/ email addresses helps organization prevent receiving email from these malicious addresses or domain names.

1.2.3 Data leak prevention (DLP)

DLP helps organization prevent the leakage of sensitive or confidential information. Security devices check as per administrator’s customized policies at the gateway and accept or reject mail accordingly. Notifying such an activity to administrators would be an added advantage.

1.2.4 Content based blocking

Sometimes inappropriate content may flow through emails. Applying policies for inbound and outbound mail for file types, extension matching, keyword matching, and expression matching in both email body and email attachments reduces the flow of such an information.

1.2.5 Encrypted communication over SSL/TLS

Transport layer security (TLS) for encrypting/decryption can be provided for an email. Sending email in plain text can be intercepted and read by interceptor.

1.2.6 Verification of sender

To maintain the integrity in email communication, the sender should be a verified/legitimate entity. Pretty good privacy (PGP) let you digitally sign an encrypted document. This ensures that email coming to mailbox is not compromised.

Last but not the least, employee training also helps to reduce threats coming to or from the organization. A few points can be included in training.

  •  Never open the links from unknown senders and report to your manager/admin.
  • Do not open attachment if it is from unknown sender and report to manager/admin. If mail is from a known sender but looking suspicious, it is good to confirm before opening the mail.
  • Avoid connecting and accessing your email from public non-secure Wi-Fi connections.

The post Email technology and its security in nutshell appeared first on Seqrite Blog.

UK Pub Chain ‘Greene King’ Gift Card Website Hacked

Major UK pub chain, Greene King (Bury St. Edmunds), had its gift card website (https://www.gkgiftcards.co.uk) compromised by hackers. The personal data breach was discovered on 14th May 2019 and confirmed a day later. The pub, restaurant and hotel chain informed their impacted customers by email today (28th May 2019).


Greene King said the hackers were able to access:
  • name
  • email address
  • user ID
  • encrypted password
  • address
  • post code
The pub chain did not disclose any further details on how passwords were "encrypted", only to say within their customer disclosure email "
Whilst your password was encrypted, it may still be compromised". It is a long established good industry coding practice for a website application's password storage to use a one-way 'salted' hash function, as opposed to storing customer plaintext passwords in an encrypted form.

No details were provided on how the hackers were able to compromise the gift card website, but there is a clue within Greene King's email statement, which suggests their website had security vulnerabilities which were fixable, "
we have taken action to prevent any further loss of personal information"

The number of customer records impacted by this data breach has also not disclosed. However, as this was a breach of personal information, Greene King was obligated under the DPA\GDPR to report the breach to the Information Commissioner's Office (ICO) as well as its impacted customers. Both Greene King and ICO are yet to release a press statement about this data breach.

This is not the first data breach reported by Greene King in recent times, in November 2016 2,000 staff bank details were accidentally leaked.

Greene King Personal Data Compromise Email to Customers
Dear Customer,
I am writing to inform you about a cyber-security breach affecting our website gkgiftcards.co.uk.

Suspicious activity was discovered on 14th May and a security breach was confirmed on 15th May. No bank details or payment information were accessed. However, the information you provided to us as part of your gift card registration was accessed. Specifically, the hackers were able to access your name, email address, user ID, encrypted password, address, post code and gift card order number. Whilst your password was encrypted, it may still be compromised. It is very important that you change your password on our website, and also any other websites where this password has been used.

When you next visit our website, using the following link (https://www.gkgiftcards.co.uk/user) you will be prompted to change your password. As a consequence of this incident, you may receive emails or telephone calls from people who have obtained your personal information illegally and who are attempting to obtain more personal information from you, especially financial information.

This type of fraud is known as 'phishing'. If you receive any suspicious emails, don't reply. Get in touch with the organisation claiming to have contacted you immediately, to check this claim. Do not reply to or click any links within a suspicious email and do not dial a suspicious telephone number given to you by someone who called you. Only use publicly listed contact details, such as those published on an organisation's website or in a public telephone directory, to contact the organisation to check this claim. At this stage of our investigation, we have no evidence to suggest anyone affected by this incident has been a victim of fraud but we are continuing to monitor the situation. We have reported the matter to the Information Commissioner's Office (ICO).

As soon as we were made aware of the incident, our immediate priority was to close down any exposure, which has been done, and then confirm which customer accounts have been affected. I recognise that this is not the sort of message you want to receive from an organisation which you have provided your personal information to. I want to apologise for what has happened, and reassure you that we have taken action to prevent any further loss of personal information, and to limit any harm which might otherwise occur as a result of this incident.

Phil Thomas
Chief Commercial Officer of Greene King Plc.

Advice
  • Change your Greene King account password immediately, use a unique and strong password.
  • Ensure you have not used the same Greene King credentials (i.e. your email address with the same password) on any other website or app, especially with your email account, and with banking websites and apps. Consider using a password manager to assist you in creating and using unique strong passwords with every website and application you use.
  • Always use Multi-factor Authentication (MFA) when offered. MFA provides an additional level of account protection, which protects your account from unauthorised access should your password become compromised.
  • Check https://haveibeenpwned.com/ to see if your email and password combination is known to have been compromised in a past data breach.
  • Stay alert for customised messages from scammers, who may use your stolen personal information to attempt to con you, by email (phishing), letter and phone (voice & text). Sometimes criminals will pretend to represent the company breached, or another reputable organisation, using your stolen personal account information to convince you they are legit.
  • Never click on links, open attachments or reply to any suspicious emails.  Remember criminals can fake (spoof) their 'sender' email address and email content to replicate a ligament email.

How Business can address the Security Concerns of Online Shoppers

It’s no secret that cybersecurity is an epidemic problem that affects online businesses on a global scale. E-commerce businesses are especially affected by data breaches because it weakens the consumer’s trust in online businesses to protect their personal data. In response to the growing number of breaches, governments and enterprises alike are stepping up to the plate to provide sustainable solutions to the problem.

The UK is aiming to become a world leader in cybersecurity by investing a substantial amount of money (to the tune of £70 million) in the Industrial Strategy Challenge Fund. The fund represents the government’s commitment to increase funding in research and development by £4.7 billion over a four year period. One of the primary goals of the investment will be to supply the industry with the money necessary to design and develop state-of-the-art hardware that’s more secure and resilient to common cyber threats.

The logic stems from the fact that cybercriminals are constantly finding new ways to exploit current technology, so the best way to combat future attacks is to design chips and hardware with stronger security features built into them to outpace cyber threats. However, this means businesses will have to invest in new IT systems as it rolls out to keep their security measures up to par.

For the time being, online business owners need to do everything in their power to address the privacy concerns of their users. In some cases, this might mean investing in more secure and modern e-commerce platforms that offer security features, such as TLS (still commonly known as SSL) protection and security software to protect against malware attacks, or simply generating new, strong admin passwords on a regular basis.

The fact is, there is no way to provide customers with a 100% guarantee their personal data is safe, but there are actions webmasters and companies can do to make their websites a lot safer to use by their customers. To help you learn more about how you can secure your site from cyber threats, Wikibuy has laid out 15 steps in the infographic below.


How Business Owners Can Address Online Shopping Concerns

Why the government isn’t a fan of commercial encryption


Federal governments and major technology firms are arguing for or against encryption, respectively. But why?

Due to recent political turmoil and devastating events overseas, the topic of end-to-end encryption has reentered public discussion. At the center of the debate, you have federal governments and major technology firms, each arguing for or against encryption.

The Encryption That Businesses Need, But CISOs Forget About

 By Joseph Steinberg  CEO, SecureMySocial JosephSteinberg

 

Many businesspeople put their firms’ data at risk because they fail to understand several important concepts about encryption. Simply understanding that data can be protected from unauthorized parties by encrypting it is insufficient to deliver security; in order to secure information people must know when needs to be secured, and must actually encrypt accordingly.

Should You Encrypt Data Before it Goes to the Cloud?

 

American cloud service providers such as Microsoft are opening local data centers in foreign countries at the request of the respective foreign governments and customers located in those countries. The thinking behind this strategy is that data located in a particular country is subject to the country’s data privacy laws, which may be different from those in effect in the United States. When your data is stored in the country where your customers are resident, it seems logical to believe cloud service providers when they say their local data centers operate according to that country’s laws. In reality, the situation is more complicated, and the location of the data in a particular country is not enough to guarantee privacy.