Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Advertisement 

×

Message

EU e-Privacy Directive

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

View e-Privacy Directive Documents

You have declined cookies. This decision can be reversed.

Encryption: What you should do to protect your business?

Written by  Peter Pervis Feb 23, 2018

Encryption, is always a difficult subject to broach. There have been decades’ worth of debate as to whether you are too strong, or too weak.

Let’s talk about Wi-Fi. Remember WEP? It turned out anybody could crack the code in minutes. Then we got WPA, which failed to withstand a 60-second attack. So, we moved on to WPA2. I don’t need to tell you about the KRACK attack, which affected nearly all Wi-Fi devices. KRACKers were able to read communications and, perhaps even worse, inject malicious packets into traffic. As a separate matter, man-in-the-middle campaigns have successfully used fake digital certificates to impersonate encrypted websites and steal information. I guess you shouldn’t be blamed for that though.

We can’t forget about OpenSSL and the nasty Heartbleed programming vulnerability. That flaw provided access to encryption keys, giving the criminally curious an ability to decrypt SSL traffic. Imagine the delight of those who hoarded stolen encrypted data in hopes of such a flaw. After all, if somebody gets the key or underlying password, it no longer matters that a brute force attack otherwise would have taken well over a trillion years to succeed. That’s an impressive statistic indeed, if not for workarounds. Speaking of brute force, just imagine the power of quantum computing in years to come. Will NIST succeed in its current search for “quantum-resistant” cryptographic algorithms? Nobody knows.

Advertisement 

Encryption, there is no perfect security. That said, in addition to applying patches, there are a number of steps companies can take to mitigate the highest risks:

  • First, to fully protect an organisation’s most sensitive data at rest and in-motion, consider full-disk encryption and file-level encryption. The latter will protect files in transit, and ensure that simply powering up and logging onto a system doesn’t expose all files to all users.
  • Second, remember to encrypt laptops, thumb drives, backups and archives.
  • Third, set up corporate websites to offer HTTPS, and browsers to default to HTTPS sites.
  • Fourth, review key management as a lifecycle that includes key selection, generation, distribution, storage and backup, key rotation, accountability and audit, and key compromise and recovery.
  • Fifth, anticipate data breaches and encryption failures not only by deploying defences in depth, but by scaling back altogether on certain highly sensitive electronic communications. Collect and store less, and have an appropriately aggressive destruction schedule.

Well Encryption, it’s hard to know what tomorrow will bring, you can only take steps to minimise your chances of being attacked. After all there are many businesses out there who are not taking the right steps to protect themselves, but at least following the steps listed above will go some way to making you that little bit safer. 

Advertisement 
Speed up your Mac now!

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Top News

Latest

High-paying in-demand Cyber Security Jobs in the US

Jul 16, 2018 Cyber Security

High-paying in-demand Cyber Security Jobs in the US

In a world where malicious individuals are trying to cause as much harm to businesses and enterprises as possible, suc...

Advertisement 

  1. Popular
  2. Trending
  3. Comments

Calendar

« July 2018 »
Mon Tue Wed Thu Fri Sat Sun
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          

Advertisement 

Advertisement