Credit Card Breach

How Secure is Your Website?

In today’s world a large amount of transactions are made online, and companies need to focus on securing their customer’s personal information. Even though encrypted web pages may be used, which are developed to prevent third parties from accessing customer data, there are still some sites that are not fully secure.

Security Measure to Think About

Security Measures to Think About

Everyone is weary of hackers and the damages that they can cause, as seen with the Heartbleed Bug and Shellshock Bash. But hacking attacks can also mean physical security breaches, as hackers do not always have to resort to intricate techniques to steal your personal information. A criminal can simply break into your house, car, or office and steal a laptop. If unencrypted, this can equal to major losses.

Apple’s Privacy Policy

Apple’s Privacy Policy

Apple’s new privacy policy allows the user to encrypt emails, contacts, and photos that uses a code that the user has created. Not even Apple will have access to this code. This gives sole power over iPhone’s personal data to the user, and this has authorities concerned. FBI director, James B. Comey has stated “What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law”, reports WSJ’s Brent Kendall.

Personal Security Vs iCloud

Personal Security Vs iCloud

According to Business Insider, if your iCloud account has been hacked, a full backup of your account can be downloaded. This gives the hacker complete access to all your personal information. Here is a scarier thought, not only will the hacker have access to all your personal data, but they will have the ability to stalk you in real time by using the Find My iPhone feature.

Encryption iPhone - The “Key” to Playing it Safe

The “Key” to Playing it Safe

Apple this week rolled out a new version of its operating system running mobile devices such as iPads and iPhones. It also announced it will no longer be able to comply with requests of law enforcement to unlock the encryption governing those phones. Moving forward, accessing encrypted data on an Apple smartphone or tablet will only be possible by the owner of that device.

Sleep and PBA

Sleep and PBA

Last month I wrote about the necessity of performing Pre-Boot Authentication (PBA) in order to get the full benefit of confidentiality that Full Disk Encryption (FDE) can provide. However, there are some environments where corporate security policy might allow for a less secure configuration as tradeoff for better usability. For example, I have conceded in the past that if a user is within the physical confines of his company, say travelling from one floor to another for a meeting, that sleep / standby (S3) might be an acceptable risk.