Security & Encryption After Edward Snowden

It's been almost four years since Edward Snowden leaked US National Security Agency documents revealing the extent of the organisation's surveillance of global internet traffic, but he's still making the headlines in Germany.

There have been a lot of changes on the Internet in those four years, but one of the biggest is the growth in the use of encryption.

In 2013, the NSA had free rein and could listen in on almost any communication it wanted. Now, it's commonplace to encrypt traffic to webmail services and even popular websites such as Microsoft.com or Google.com using the https protocol. And you don't have to be an enemy of the state to use an end-to-end encrypted messaging system such as WhatsApp simply to chat with friends.

The encryption seems to be working, too. Leaked files from the US Central Intelligence Agency, published by Wikileaks, show no obvious signs that fundamental encryption systems have been broken. Instead, the agency's focus seems to have been on subverting smartphones and other terminal devices so that it can access data before encryption, or after decryption.

Keeping unwanted visitors, of whatever nationality, away from your data is therefore key, and some of the exhibitors at Cebit have ways to help you do just that.

Secusmart, the BlackBerry subsidiary that secures German Chancellor Angela Merkel's smartphone, is showing new a version of its SecuSuite security software compatible with Samsung Electronics' Knox platform. That means that organisations looking for smartphones offering government-grade security will soon be able to buy a Samsung Galaxy S7 or S8 rather than the now-discontinued BlackBerry OS smartphones like the one Merkel uses. 

In addition to encrypting communications and data stored on the device, SecuSuite for Samsung Knox also secures voice calls using the SNS standard set by Germany's Federal Office for Information Security (BSI). 

Genua is showing its Data Diode. Named for the electronic component that only allows current to flow in one direction, it allows the transfer of data, log files, backups and emails into a network at up to 3 Gbit/s, while ensuring that only the necessary protocol status messages are sent back.

Sometimes we choose to let data escape from our networks. The digital assistants in our phones and in appliances like Amazon Echo or Google Home record a lot of what we say and do, and send it to their creators' cloud services for processing. 

Amazon's lawyers have recently been fighting to keep that information secret for its customers, but if you don't want to rely on a court verdict for your privacy, you might prefer your voice-controlled assistant to do all its processing at home. 

Semvox has developed an intelligent speech interaction system, ODP S3, that operates locally or in the cloud. It says it's suitable for automotive, industrial, smart home, medical device and robotics applications, among others.

Best practice, these days, is to encrypt all your data at rest, something that many operating systems will do for you these days. What do you do, though, if you didn't encrypt the data on an older device, but now want to securely dispose of its hard disk? If you only have a few such disks you can just drill holes in them, but after a while that will get boring. If you're decommissioning hundreds of disks, you might want to automate things with the HDS230 hard drive shredder from HSM. 

They have a plentiful supply of disks to shred, but you can also bring your own if you really won't need that data again.

If you did encrypt your data, you'll need to remember the password. But if you need to share access to that data, what then? Remembering passwords, and remembering who in the enterprise should have access to them, is the job of Password Safe from Mateso. 

The software can provide temporary, time-controlled access to passwords, logging who has used them and when. If it's too late and you've already forgotten your password, maybe the magician on the Mateso stand can pull it out of thin air.

Computerworld

CIA leak 'absolutely' an 'inside job':

Snowden Helping To Protect Journalists:

UK Accused Of 'full-frontal attack' On Whistleblowers:

 

 

« A Quick Tour Of Cybercrime’s Underground
Cybersecurity’s Human Side Is A Problem »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ISO Quality Services Ltd

ISO Quality Services Ltd

ISO Quality Services is an independent organisation that specialises in the implementation, certification and continued auditing of ISO and BS EN Management Standards including ISO 27001..

Haltdos

Haltdos

Haltdos is an AI driven website protection service that secures websites against today's cyber threats.

Resec Technologies

Resec Technologies

Resec provides total protection against all types of known and unknown malware threats including viruses, Trojans, ransomware and phishing, regardless of their delivery method.

Lightship Security

Lightship Security

Lightship Security is an accredited Common Criteria and FIPS 140-2 IT security testing laboratory that specializes in test conformance automation solutions and IT product security certifications.

T-REX

T-REX

T-REX is a coworking space, technology incubator, and entrepreneur resource center for technology startups.

PatrOwl

PatrOwl

Automate your SecOps with PatrOwl, and start defending your assets efficiently.

Datacentrix

Datacentrix

Datacentrix provides end-to-end cybersecurity services for the operational technology (OT) and IT environments to monitor, assess and defend our customers' information assets.

AiCULUS

AiCULUS

AiCULUS is a global technology company that specializes in API security and Risk Management products.

DeepSeas

DeepSeas

DeepSeas is the result of a merger between Security On-Demand (SOD) and the commercial Managed Threat Services (MTS) business of Booz Allen Hamilton.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Conversant Group

Conversant Group

Conversant Group is an IT infrastructure and security consulting company, providing technical, organizational, procedural, and process consulting internationally.

Valence Security

Valence Security

Valence manages and secures your Business Application Mesh by delivering visibility, reducing unauthorized access and preventing data loss.

Identity Management Institute (IMI)

Identity Management Institute (IMI)

Identity Management Institute (IMI) provides professional training and certification in cyber security with a focus on identity and access management, identity theft, and data protection.

Core Sentinel

Core Sentinel

Australia's #1 Penetration Testing Service. Make Your Systems Fully Compliant With Our OSCE CREST/CISA Certified Penetration Testing.

Zyxel Networks

Zyxel Networks

Zyxel Networks is a leading provider of secure, AI-powered networking solutions for small to medium businesses (SMBs) and the enterprise edge.

VPNBlade

VPNBlade

VPNBlade is your go-to resource for expert reviews and advice on VPN services.