OPINION: There is No Such Thing as a ‘Safe Backdoor’ in Encryption. federal officials are now pressuring tech companies to create so-called “backdoors” that allow law enforcement to work around encrypted devices. These backdoors would grant them access to Americans’ personal data through a supposedly secure channel. In theory, a backdoor would be available only to the government and law enforcement agencies. But technology experts warn that tech companies cannot build a backdoor that would guarantee only law-abiding officials have access. If you create a way in, somebody you don’t want to get in will find it. Read more
THE PAINS OF ENCRYPTION KEY MANAGEMENT: Why Manual Processes Are So Hard. In its 2018 Global Encryption Trends Study, Thales along with Venafi and Geobridge sponsored Ponemon Institute to survey 5,252 IT and security professionals in 12 different countries about their organizations’ encryption use. Their responses revealed that many enterprises continue to struggle when it comes to balancing encryption with their security posture. Read more
POPULAR ENCRYPTION SOFTWARE: Researchers Help Close Security Hole. Cybersecurity researchers at the Georgia Institute of Technology have helped close a security vulnerability that could have allowed hackers to steal encryption keys from a popular security package by briefly listening in on unintended “side channel” signals from smartphones. Read more
FYI: Oracle’s Transparent Data Encryption. Security. Each day it seems another breach is reported, another hack revealed, more personal user information is stolen, apparently despite the best efforts to thwart such attacks. It’s becoming increasingly obvious that guarding against break-ins is simply not enough; one must be prepared for the maliciously inclined to succeed at hacking their way into ‘secure’ systems. For the Oracle DBA this may not be as daunting a task as it first appears. Read more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems July 2018 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-july-2018.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.