Posts Tagged ‘Internet security’

h1

Cloud Computing: Managing File Transfers in the Cloud: 10 Points to Demystify the Process

May 14, 2012

Managed file transfer is a well-accepted way for organizations to share business files point-to-point, quickly, reliably and securely. This is a subject that requires attention, especially when it comes to thorny issues, such as enterprise security and compliance. MFT uses different types of applications to securely transfer data from one computer to another. This small but important area of IT management earned attention in recent years after IBM bought Sterling Commerce for more than a $1 billion, and MFT specialist Ipswitch merged with Message Way. Over the years, despite having lost a bit of its novel cachet, MFT is as effective as ever. But now, due to greater demands for the secure transfer of data through cloud systems, MFT is being refreshed as it morphs and expands to play a critical role in moving large data sets (the so-called big data)—as well as traditional business files—through the cloud. Here, eWEEK offers some key data points about MFT, the cloud, and big data. Our expert source is Robert Fox, director of B2B/EAI Software Development at Liaison Technologies in Alpharetta, Ga. Liaison Technologies cleanses and validates business data for master data management purposes and securely integrates and manages complex business information on-premise or in the cloud. Read More

Advertisements
h1

Google Drive Wants a Piece of the File Sharing and Storage Pie – But It Might Not Taste So Sweet for Businesses

May 1, 2012

This week Google announced its newest offering, Google Drive. The launch of Google Drive, a cloud-based file storage and synchronization tool, places Google’s hat in the ring with other file sharing services. In response, Vice President of Sales and Client Services at FilesAnywhere, Shayne Mehringer, gave this statement:

“Google is king when it comes to Internet searching, and websites around the world count on them for outstanding targeted advertising abilities. However, this doesn’t necessarily make them right for the business and consumer file storage market. Oversaturation in the online storage and collaboration market is actually a good thing for us. Smart, professional consumers and corporations will now be forced to do their homework. Source 

h1

The Winners of WSJ’s Data Transparency Weekend

April 17, 2012

magine installing a service on your cellphone that lets you see all the data – from location to address book info – transmitted by your phone. Or a simple website where you and your friends could have private chats that couldn’t be read by the most aggressive spying agencies. Or a service that lets you know how many tracking codes are on a site before you clicked on it.

Lam Thuy Vo
One of the coders at the Data Transparency Weekend models the official T-shirt from the event.

Over the weekend, more than 100 computer programmers built those tools and many more at the Wall Street Journal’s first-ever Data Transparency Weekend in New York.

The event was an outgrowth of the Journal’s extensive reporting about how companies and government’s are increasingly using technology to collect personal data. The event was designed to promote the creation of tools that let people see and control their personal data.

After a weekend of coding, nearly 20 projects were submitted for judging on Sunday. The entries were judged by Alessandro Acquisti, professor of information technology and public policy at Carnegie Mellon, Sid Stamm, Web security and privacy strategist at Mozilla and Andrew McLaughlin, former deputy chief technologist at the White House and vice president at Tumblr.

Danny Weitzner, the deputy chief technologist at the White House, handed out the certificates to the winning teams. The winners were:

Outstanding Scanning Project: TOSBack2 – a project to scan the Web to build a “living archive” of all privacy policies online.

Outstanding Education Project: PrivacyBucket – software that lets users of the Chrome Web browser view the type of demographic estimates that Web tracking companies make about them based on their Web browsing history.

Outstanding Control Project: Cryptocat – an instant messaging service that lets people engage in encrypted chats inside their Web browsers or on their phones. Extra bonus: the program lets people generate random numbers (which are needed for encryption) by shaking their phone – allowing the creators to say that their program is powered by dance moves.

Judge’s Choice Award: Site Scoper – a website that scans for tracking files and sensitive content on websites before you visit it.

“Ready for Primetime” Award: MobileScope – a service that lets people see what data is being transmitted without their knowledge by their cellphone. It also offers ad-blocking and do-not-track services for cellphones.

The judges also dreamed up their own three award categories:

The Zuckerberg/Systrom Memorial Award for Opportunistic Optimism Award: Pestagram, for its blatantly commercial mashup of hot Web technologies Instagram and Pinterest.

Best Listener Award: The Price of Free, for the fact that the project was generated by Professor Acquisti’s speech kicking off the weekend, in which he challenged participants to find ways to quantify how much people are paying with their data for free services.

And, finally, The Soup Cans and String Winner: Ostel, for its work on technology that allows people to make encrypted cellphone calls using voice-over-the-Internet technology.

Source: The Winners of WSJ’s Data Transparency Weekend

h1

Top 10 managed file transfer considerations

April 11, 2012

 1. Platform Openness – To reduce the points of connection to sensitive data and reduce the risk of exposure to those without a need-to-know the MFT solution should be installed on the server operating system where the sensitive data and applications reside. If your corporate data mostly resides on the IBM X, then it would make sense to get a MFT solution that runs on the IBM X.

2. Authorization Controls – To meet many compliance regulations, the MFT solution must provide role based access to limit user access to certain servers or MFT functions based on user credentials.

 3. Secure FTP – Plain FTP is not secure. The MFT solution must support both SFTP (FTP over SSH) and FTPS (FTP over SSL) protocols for secure FTP transfers.

 4. Encryption Standards – At minimum, the solution should support the industry standard encryption standards: AES, Open PGP, AS2, SSH, SSL, TLS and S/MIME.

5. Database Integration – The MFT should readily connect to DB2, SQL Server, Oracle, MySQL and other popular database servers for extracting and inserting data.

6. Data Transformation – Is the ability to translate data between popular data formats including XML, CSV, Excel and fixed-width text formats.

7. Data Compression – Compresses and packages data using popular standards such as ZIP, GZIP and TAR to reduce transmission times.

8. Application Integration – The MFT should provide commands and APIs for interfacing with your applications.

 9. Scheduling – Allows transfers and other MFT functions to be scheduled for future dates and times.

10. Key Management – Does the MFT include management tools for creating, importing and exporting keys and certificates?

h1

Apple holds the master decryption key when it comes to iCloud security, privacy

April 5, 2012

Apple can potentially decrypt and access all data stored on iCloud servers. This includes contacts, notes, unencrypted e-mails, application preferences, Safari bookmarks, calendars, and reminders.

This was recently confirmed by a source speaking to Ars, and security researcher and forensic data analysis expert Jonathan Zdziarski agreed. “I can tell you that the iCloud terms and conditions are pretty telling about what the capabilities are at Apple with respect to iCloud, and suggests they can view any and all content,” Zdziarski told Ars.

In particular, Zdziarski cited particular clauses of iCloud Terms and Conditions that state that Apple can “pre-screen, move, refuse, modify and/or remove Content at any time” if the content is deemed “objectionable” or otherwise in violation of the terms of service. Furthermore, Apple can “access, use, preserve and/or disclose your Account information and Content to law enforcement authorities” whenever required or permitted by law. Apple further says that it will review content reportedly in violation of copyright under DMCA statutes.

“If iCloud data was fully encrypted, they wouldn’t be able to review content, provide content to law enforcement, or attempt to identify DMCA violations,” Zdziarski told Ars.

Source

h1

New EU Data Laws: Cloud Brings Increased Risk Of Massive Fines

April 4, 2012

That was the warning delivered by Vinod Bange, a top London-based IT lawyer, as the EU proposes new laws to penalise data breaches.

Bange said: “Regulatory sanctions have gone way off the scale in terms of what we are used to right now. The sting in the tail, which did not exist before, is that there is a provision to calculate a fine that is based on a percentage of annual global turnover. That’s big news and a big change.

“Organisations have moved on so much since the original legislation in 1995. In this globalised, outsourced, social media, cloud driven environment, you could end up with a third tier fine.”

The EU is proposing three tiers of fines, the first of which runs up to £209,000 or 0.5 per cent of turnover, the second up to £418,000 or 1 per cent of turnover. The top tier allows for a fine of up to £837,000 or 2 per cent of turnover.

The latter could be a potentially massive fine to the tune of hundreds of millions, with tier three penalties relating to international data transfers. Businesses using the cloud, and data centres across the globe, could be more vulnerable to this massive whack of a fine.

Currently, the ICO’s maximum imposition for those who aren’t careful with their data is a £500,000 penalty.

Source: Computerworld

Read more: http://www.itproportal.com/2012/04/02/new-eu-data-laws-cloud-brings-increased-risk-of-massive-fines/#ixzz1r2Ox2ptx

h1

Biometric market set to grow to $14.685 billion by 2019.

March 26, 2012

Frost & Sullivan has carried out a new assessment of the global biometrics market that predicts 2010 revenues of $4.49 billion will increase to $14.685 billion by 2019. Universal adoption of biometric passports will be the driving force in this growth as so-called eGates are implemented at borders around the world. Portable devices used by the police and the military will also become increasingly common in the fight against crime and terrorism, according to the report. Frost & Sullivan also suggests that biometrics will be almost universally adopted in the identification of citizens through IDs, driver’s licenses and healthcards complete with biometric capabilities. Research analyst Krzysztof Rutkowski explained: “The civil and military biometric market will be highly influenced by the universal adoption of biometric passports. This will pave the way for the adoption of other measures, such as eGates, that will enhance the biometric possession experience.”