Thank you for your interest!

Add free and premium widgets by Addwater Agency to your Tumblelog!


To hide the widget button after installing the theme:

  1. Visit your Tumblr blog's customization page (typically found at http://www.tumblr.com/customize).
  2. Click on Appearance.
  3. Click Hide Widget Button.
  4. Click on Save+Close.

For more information visit our How-To's page.

Questions? Visit us at tumblr.addwater.com

[close this window]

Three Industries that Must Raise the Bar in Encryption for Their Own Protection

One of the easiest predictions regarding network security issues for 2014 and beyond is that the scale of cyber attacks will increase. In light of the recent release of the network security framework by the National Institute of Standards and Technology (NIST) which highlighted security concerns for 16 industrial sectors, here are three industries that must raise the bar in encryption immediately.

* Healthcare – The problematic launch of the Affordable Care Act provided a glimpse of the potential for havoc related to private patient information, but the real security risks in this sector are centered on the growing number of patients in the system and the increasing rewards presented by successful intrusions. Statistically speaking, the most common data targets in healthcare related to cyber intrusions are payment information, medical histories and insurance records. As if the potential for cyber attacks isn’t enough, additional motivation for upgraded data encryption is arriving in the form of an increase in HIPPA-related audits in 2014.
* The financial sector – The customers of financial service firms can see their banking information fall into the hands of hackers via network intrusions, illicit card swipers, information left on mobile devices, etc. While there are security standards in place, such as PCIDSS, the recent slew of high profile breaches indicates that hackers have upped their game enough to work around elemental security measures.
* Utilities – One of the biggest challenges related to network security and the need to encrypt data is the general mindset in the sector. According to recent studies, three-quarters of the providers in this sector have experienced network intrusions in the last year but there is still a tangible neglect of major security issues in approximately two-thirds of the same organizations. While the lack of urgency toward improving network security may be related to either the expense of upgrading systems or the perception that utilities aren’t primary targets, the successful shutdown of an already fragile electrical grid, for example, could result in rapidly escalating costs rivaling or exceeding the largest financial breaches.

As hacking capabilities increase, so too does the level of damage that can be incurred by successful intrusions. As the stakes get steadily higher, these industrial sectors will have to raise the bar in their encryption efforts, or risk potentially devastating losses.

Has the NSA Cracked SSL Encryption?

When the New York Times published an article in early September 2013 that hinted at the NSA’s newfound ability to crack Secure Sockets Layer (SSL) encryption codes, the first reaction by many industry watchers was that the agency had achieved open access to online activities ranging from sending and receiving emails to making purchases on Amazon. In the weeks following the article’s release, however, the analysis of “circumstantial” evidence and other NSA activities has led industry experts to question whether the agency has actually decoded the algorithms used for SSL encryption or is using other methodologies for access.

These possible methodologies include:

* Using networks of computers to target specific users and running calculations until a specific code is broken. The successes of these types of attacks are currently assumed to be limited to weaker codes.
* Hacking to get specific algorithmic keys that are used for encryption
* Using legal means, coercion, or intimidation to gain access to encryption keys used by companies that provide internet services

Of the methodologies for gaining access, the use of the threat of legal action is one area that can’t be fortified due to the fact that many smaller companies simply don’t have the resources for lengthy and/or complex court battles. At the same time, leaked documents have revealed that larger internet companies have been cooperating with the NSA regarding access since 2007. Whether that access included the provision of encryption keys is still up for debate.

Prior to the headline grabbing NSA revelations, the Certification Authority Browser Forum, which sets guidelines that govern SSL protocols, had already mandated that customers with 1024 SSL certificates migrate to the new standard of 2048-bit RSA/DSA by the end of 2013 due to concerns that the existing shorter codes had become vulnerable to quantum computing attacks. This change will raise the algorithmic complexity of encryption codes, which will make brute force computing attacks less effective. The question remains, however, whether the NSA will be able to exploit the human aspect of the equation to reach their objectives.

California proposes mandatory kill-switch on phones and tablets


A very early typewriter. Throwback Thursday!

A very early typewriter. Throwback Thursday!

Fans Don’t Let Fans Drive Drunk | SurfKY.com


Datacenter Relocation & Migration


Partner with established experts who will create a comprehensive plan.  At DCI, our team of certified project managers and engineers offer end-to-end relocation services that save time, reduce expense and minimize risk exposure.

Upgrades and Migrations


IT Consulting Company | Microsoft & Cisco Consulting | Network Security | Microsoft Exchange Consultant


Visit our new and improved website!

thisistheverge:

ZTE shows off its own modular phone
Motorola stunned us a few months ago when it announced plans to develop a modular smartphone through a collaboration called Project Ara, but we’ve yet to see even a prototype of the device. Here at CES, ZTE is showing off its own modular phone concept, named the Eco-Mobius. The model on display is locked behind glass, and try as we did representatives would not remove it from its tomb for a close look. But the concept shows how users could replace the camera, battery, display, and “core” modules. The core includes separate modules for the processor, RAM, storage, and graphics processor. 

thisistheverge:

ZTE shows off its own modular phone

Motorola stunned us a few months ago when it announced plans to develop a modular smartphone through a collaboration called Project Ara, but we’ve yet to see even a prototype of the device. Here at CES, ZTE is showing off its own modular phone concept, named the Eco-Mobius. The model on display is locked behind glass, and try as we did representatives would not remove it from its tomb for a close look. But the concept shows how users could replace the camera, battery, display, and “core” modules. The core includes separate modules for the processor, RAM, storage, and graphics processor.