GOOGLE: Ventures Into Public Key Encryption. Google’s Key Transparency project offers a model of a public lookup service for encryption keys. Google announced an early prototype of Key Transparency, its latest open source effort to ensure simpler, safer, and secure communications for everyone. The project’s goal is to make it easier for applications services to share and discover public keys for users, but it will be a while before it’s ready for prime time. Find out more
SECURITY: The Year Encryption Won. Between the revelations of mega-hacks of Yahoo and others, Russia’s meddling in the US electoral system, and the recent spike in ransomware, it’s easy to look at 2016 as a bleak year for security. It wasn’t all so, though. In fact, the last 12 months have seen significant strides in one of the most important aspects of personal security of all: encryption. Find out more
FED GOVT DOMAINS: Domain Encryption Deadline? Nah, Say 345 Government Sites. More than a third of government websites failed to meet the end-of-year deadline to set up secure domains, according to a report on Government Technology (GT). All existing federal websites were mandated – under a June 2015 memo from Tony Scott, the U.S. chief information officer – to switch over to HTTPS by Dec. 31, 2016. Find out more
WHATSAPP SECURITY FLAW: Researcher Claims Bug Allows Snooping on Encrypted Messages, but Tech Firm Denies It’s a ‘Backdoor’. Facebook-owned WhatsApp encrypts messages that its 1 billion users send to one another, but a UC Berkeley cryptography and security researcher claims the app has a bug that can be exploited to read these messages. Find out more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems December 2016 http://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-december-2016.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.