Proxies vs VPN: What is the difference? – TechRadar

The proxy vs VPN debate addresses two different methods of accessing the internet anonymously. Both make it appear as if you've established a connection from a different IP address by routing traffic through a remote server. This may be particularly important if youre concerned about the privacy of your personal data and your browsing habits.

However, while these technologies do similar things, they dont work in the same way, and knowing the difference can have significant implications for your online security. In this article, we take a closer look at the differences between proxies and VPNs, how they can be best used, and who will find them most useful. Lets see how they stack up against one another.

A proxy is a type of server that acts as a middle-man for internet traffic and data. It redirects internet traffic from a particular application to a different location before routing it to its eventual destination. By masking your IP address, it gives the impression that the traffic originated somewhere else.

There are various types of proxies, each with different features. For example, a proxy may be what is referred to as transparent. With a transparent proxy, the connection between your computer and the internet is intercepted. You might request to view a certain website page, but this is not delivered to you directly from that websites server, but rather via a transparent proxy running on your network. However, because your experience of using that website is exactly the same, the proxy is transparentyou are possibly even entirely unaware that it is there. However, the owner of the network on which the transparent proxy is running will be able to monitor your activity.

On the other hand, with a non-transparent proxy, you will have been required to first configure your browser to send its requests explicitly to the proxys IP address and sometimes to enter authentication details in your settings.

VPN stands for virtual private network. Similar to a proxy, a VPN also acts as a go-between for internet traffic and data. The main distinction is how they utilize encryption. VPNs tend to be significantly more secure than proxies because, at the same time as concealing your IP address, they also build an encryption tunnel between your computer and the server, making data interception nearly impossible. NordVPN (opens in new tab)and ExpressVPN (opens in new tab) are powerful examples of platforms that do this.

Its also important to note that a VPN protects your entire computer, redirecting and encrypting all your internet traffic rather than just that of a single application, as in the case of a proxy.

A VPN, therefore, serves as a secure gateway to the internet. Most popular devices, such as your phone, laptop, and desktop, can run VPN software. One thing to keep in mind is that a VPN service provider is not an internet service provider (ISP). To access the internet, you'll still need an ISPyour VPN will run atop that connection.

Deciding on whether to use a proxy or a VPN will depend on your individual needs. Let's use video streaming as an example. If youre out of the country, but want to stream video content that is exclusively available to users in the United States, you could use a US-based proxy server to access the streaming site. Certain platforms like SmartProxy (opens in new tab)excel at this, but some providers, like Netflix, are starting to block proxies.

Proxies can also help prevent users from being bombarded with unwanted advertisements, or to avoid the capture of IP-specific data. Large organizations often find transparent proxies especially beneficial. For example, they can be used in schools to restrict access to age-inappropriate websites, or businesses might use them to block the use of distracting social media platforms.

However, proxies are not suitable for activities such as online banking and shopping. Here, your security may be jeopardized if your personal details aren't safeguardedand youll need encryption for this. A VPN is therefore a superior option for users who want to share sensitive information or engage in other activities where its important to keep data safe, such as torrenting. Theyre particularly useful when using public WiFi.

VPN companies also tend to be more proficient when it comes to accessing geo-locked content, as they provide a higher level of online anonymity and security. For this reason, a VPN may be best overall if you want to watch Netflix or Hulu from a different region.

One downside is that due to the encryption process, the use of a VPN can sometimes cause a noticeable decrease in internet speed. However, there are numerous fast VPN applications available, with speeds improving all the time. Because data encryption places a greater demand on your devices resources, VPNs can also be a slightly more expensive option than proxy servers. There are, however, many excellent inexpensive VPNs to choose from, as well as some good free ones.

Proxies and VPNs share similarities in that they both employ the use of a remote server to mask your IP address and redirect internet traffic through it. The major difference between the two is encryption, and it is for this reason that VPNs far outperform proxy servers (opens in new tab)when it comes to secure browsing, especially on public WiFi networks.

With a huge range of options available, its not always easy to choose the perfect software for you. To help you in the decision-making process, weve recommended some of our favorites. Take a look at our guides to the best VPN services and the best proxy services (opens in new tab) of 2022.

Read more:
Proxies vs VPN: What is the difference? - TechRadar

In the quantum era, cybersecurity is a race against the clock – Federal News Network

Quantum technologies are expected to unlock transformative opportunities in computing, sensing and communications. At the same time, they introduce unique challenges for current operating practices across government and industry. Perhaps most alarmingly, quantum computers capable of breaking encryption could exist as early as the end of the next decade. Thankfully, we already have a roadmap for protecting sensitive systems and data against this threat. Recognizing the complexity of translating this roadmap into practice, the White...

READ MORE

Quantum technologies are expected to unlock transformative opportunities in computing, sensing and communications. At the same time, they introduce unique challenges for current operating practices across government and industry. Perhaps most alarmingly, quantum computers capable of breaking encryption could exist as early as the end of the next decade. Thankfully, we already have a roadmap for protecting sensitive systems and data against this threat. Recognizing the complexity of translating this roadmap into practice, the White House has initiated several recent executive actions to accelerate whole-of-government preparation for quantum technology capable of disrupting U.S. infrastructure and interests.

In this article, we untangle how quantum technology threatens cybersecurity and outline what organizations can do today to begin protecting sensitive assets against quantum attacks.

The internet relies on multiple cryptographic techniques to meet different information storage and communications needs. Public key (or asymmetric) cryptography has become an especially popular mechanism for encrypting information in the digital age because it sidesteps symmetric cryptographys logistical challenge of sharing a single key. Public key cryptography rests on the assumption that we can effectively secure information behind certain difficult math problems, and it has successfully delivered on that promise since the 1970s. Certain calculations are so computationally onerous that they are practically impossible to solve, even with todays best supercomputers. But quantum technology is changing the rules of the game.

Quantum computers will solve certain types of problems exponentially faster than todays computers, which we call classical computers. But faster is a bit misleading; against certain problem sets, quantum computers enable entirely new capabilities. Some of these are incredibly exciting and offer opportunities to revolutionize public service missions. Others threaten the foundation of modern data protection as they decompose the difficult math problems we rely on for cybersecurity. Quantum changes what constitutes a hard math problem by requiring it to be difficult for both classical and quantum computers. To meet this new standard, the field must identify new cryptographic algorithms. Ultimately, this transition will require organizations to identify and update vulnerable cryptography with quantum-resistant alternatives, referred to as post-quantum cryptography (PQC). The urgency around PQC has grown tremendously in the last year, but weve been headed for this inflection point for a long time.

When we talk about the quantum cyber threat, we often talk about factoring. Factoring is one of the computationally intractable problems enabling public key encryption today. For example, RSA encryption uses factoring to establish a mathematical relationship between a public and private key. Without knowing one of the factors in the published public key, decomposing the large number into its primes is so computationally onerous that we have been able to effectively conceal information behind this calculation for half a century. However, in 1994, Peter Shor demonstrated that this approach would not remain secure forever. Quantum computers can solve these problems efficiently, leaving RSA-encrypted information vulnerable when the quantum hardware necessary to implement Shors algorithm reaches scale.

If weve known about this possibility since the 1990s, what changed to drive the urgency were seeing today? The simplest answer is quantum computing capacity. When Shor developed the algorithm capable of breaking RSA encryption, it was not clear if we would ever have a quantum computer capable of executing it. Today, we know that it is a question of when, not if. The National Institute of Standards and Technology and the Department of Homeland Security warn we could see a quantum computer capable of breaking current encryption methods as early as the end of the next decade. That may sound far away, but those familiar with the complexity of this and other cryptographic transitions know that were up against a challenging timeline to transition to PQC.

PQC refers to the suite of classical algorithms designed to be difficult for both classical and quantum computers. NIST is in the final stages of standardizing these algorithms and NSA has already recommended PQC as our front-line solution for quantum-safe cybersecurity. In parallel, DHS recently published guidance to help federal agencies begin planning for PQC. In January 2022, the White House issued National Security Memorandum VIII (NSM-8) updating Executive Order 14028 to include new PQC transition requirements for national security systems. Additional requirements followed in May 2022, continuing to build momentum for the whole-of-government transition required for post-quantum cybersecurity. The Executive Order on Enhancing the National Quantum Initiative Advisory Committee reinforced the strategic importance of this technology area by establishing that the committee shall now report directly to the President in addition to its previous duties. NSM-10 emphasizes the urgency of PQC transitions by establishing an annual assessment and review cadence to ensure progress in a national quantum-safe cyber posture. NSM-10 also reflects the importance of parallel efforts in the private sector and tasks NIST with creating public-private partnerships to encourage private entities adoption of shared PQC migration standards.

Organizations must start planning their transition today to ensure the appropriate protections are in place for their most sensitive assets before quantum computers capable of breaking public key encryption emerge. NIST suggests that it may be decades before the community replaces most of the vulnerable public-key systems currently in use given the complexity of transitioning to PQC. If we really do see cryptographically relevant quantum computers by the end of the decade, thats time we dont have. NIST also called special attention to the fact that the community cannot expect PQC algorithms to function as drop-in replacements. Every agencys migration will be unique, intensifying the importance of early prototypes to identify PQCs effects on application and network performance. By auditing their cybersecurity infrastructure, organizations can identify vulnerable cryptography and develop comprehensive strategies for prototyping, implementing and maintaining security against both quantum and classical threats.

Jordan Kenyon, PhD is a senior lead scientist at Booz Allen Hamilton. JD Dulny, PhD is a director and serves as Booz Allens firm-wide quantum lead. The Booz Allen quantum team focuses on the science and impact of quantum technologies to client missions.

Read more:
In the quantum era, cybersecurity is a race against the clock - Federal News Network

Bureau of Industry and Security

Mass Market (Section 740.17)

Hardware and software items that would otherwise be classified as 5A002 or 5D002 can be classified under 5A992.c and 5D992.c if they meet the criteria listed in Note 3 to Category 5, Part 2 ("the mass market criteria"). In other words, some 5x002 items can become 5x992.c based on the way they are sold. Mass market items are described in 740.17(b)(1) and (b)(3) but not (b)(3)(iii) e.g., digital forensics) of License Exception ENC and have classification and reporting requirements.

Although a 5A992.c and 5D992.c item does not require a license exception to go to most places (because it is only Anti-Terrorism controlled) they are described in License Exception ENC 740.17, which includes the submission requirements that need to be made to BIS. Whether an item is 5x002 or 5x992.c - mass market (per Note 3 to Cat. 5 Part 2), the submission requirements are the same and therefore described in a single place under 740.17(b)(1) (self-classifiable) and (b)(3) (requires classification request to BIS).

The mass market criteria under Note 3 to Cat. 5, Part 2 has two paragraphs:

Paragraph A describes products that are generally available to the public at retail. Mass market products are typically consumer products sold at retail stores or internet locations, but products sold only to businesses can also qualify for mass market. BIS takes into account a range of factors when determining whether something qualifies for mass market including quantity of the item sold, price, technical skill required to use the product, existing sales channels, typical customer, and any exclusionary practices of the supplier.

Paragraph B applies to components of mass market products. In order to qualify for this paragraph:1. It must be a hardware or software component of an existing mass market product, meaning it is:- The same component that is factory installed in the mass market product; or- A functionally equivalent aftermarket replacement that has the same form fit and function.

2. Information Security must not be the primary function of the component;

3. It must not change the cryptographic functionality of an existing mass market item, or add new encryption functionality to the item; and

4. The feature set of the component must be fixed and not designed or modified to customer specifications.

ITEMS NOT Eligible for Mass Market 5x992.c: Items that meet the criteria in 740.17(b)(2) (e.g., network infrastructure) and 740.17(b)(3)(iii) (e.g., digital forensics) are NOT eligible for mass market treatment.

When a mass market 5x992.c item requires a Classification Request to BIS:Mass market items described under 740.17 (b)(3)(e.g., chips, components, SDK) (except for (b)(3)(iii)(e.g., digital forensics), which are not eligible for mass market) require a classification by BIS via SNAP-R before they can be classified as 5x992.c.

When a mass market 5x992.c item can be Self-Classified:Mass market items that are described under in 740.17(b)(1) can be self-classified with an annual self-classification report. If you choose to submit a classification request for a 740.17(b)(1) item, then a self-classification report for that item is not required.

When nothing is required to export a mass market item 5x992.c:The export of Mass market items that are described in the scenarios under in 740.17(a) do not require any submission to BIS.

Continued here:
Bureau of Industry and Security

Another Issue With Internet Antitrust Bills: Sloppy Drafting Could Lead To Problems For Encryption – Techdirt

from the not-good,-not-good-at-all dept

As the big push is on to approve two internet-focused antitrust bills, the American Innovation and Choice Online Act (AICOA) and the Open App Markets Act, weve been calling out that while the overall intentions of both may be good, there are real concerns with the language of both and how it could impact content moderation debates. Indeed, it seems pretty clear that the only reason these bills have strong support from Republicans is because they know the bills can be abused to attack editorial discretion.

There have been some other claims made about problems with these bills, though some of them seem overblown to me (for example, the claims that the Open App Markets bill would magically undermine security on mobile phones). However, Bruce Schneier now points out another potential issue with both bills that seems like a legitimate concern. They both could be backdoors to pressuring companies into blocking encryption apps. He starts by highlighting how it might work with AICOA:

Lets start with S. 2992. Sec. 3(c)(7)(A)(iii) would allow a company to deny access to apps installed by users, where those app makers have been identified [by the Federal Government] as national security, intelligence, or law enforcement risks. That language is far too broad. It would allow Apple to deny access to an encryption service provider that provides encrypted cloud backups to the cloud (which Apple does not currently offer). All Apple would need to do is point to any number of FBI materials decrying the security risks with warrant proof encryption.

Sec. 3(c)(7)(A)(vi) states that there shall be no liability for a platform solely because it offers end-to-end encryption. This language is too narrow. The word solely suggests that offering end-to-end encryption could be a factor in determining liability, provided that it is not the only reason. This is very similar to one of the problems with the encryption carve-out in the EARN IT Act. The section also doesnt mention any other important privacy-protective features and policies, which also shouldnt be the basis for creating liability for a covered platform under Sec. 3(a).

It gets worse:

In Sec. 2(a)(2), the definition of business user excludes any person who is a clear national security risk. This term is undefined, and as such far too broad. It can easily be interpreted to cover any company that offers an end-to-end encrypted alternative, or a service offered in a country whose privacy laws forbid disclosing data in response to US court-ordered surveillance. Again, the FBIs repeated statements about end-to-end encryption could serve as support.

Finally, under Sec. 3(b)(2)(B), platforms have an affirmative defense for conduct that would otherwise violate the Act if they do so in order to protect safety, user privacy, the security of nonpublic data, or the security of the covered platform. This language is too vague, and could be used to deny users the ability to use competing services that offer better security/privacy than the incumbent platformparticularly where the platform offers subpar security in the name of public safety. For example, today Apple only offers unencrypted iCloud backups, which it can then turn over governments who claim this is necessary for public safety. Apple can raise this defense to justify its blocking third-party services from offering competing, end-to-end encrypted backups of iMessage and other sensitive data stored on an iPhone.

And the Open App Markets bill has similar issues:

S. 2710 has similar problems. Sec 7. (6)(B) contains language specifying that the bill does not require a covered company to interoperate or share data with persons or business users thathave been identified by the Federal Government as national security, intelligence, or law enforcement risks. This would mean that Apple could ignore the prohibition against private APIs, and deny access to otherwise private APIs, for developers of encryption products that have been publicly identified by the FBI. That is, end-to-end encryption products.

Some might push back on this by pointing out that Apple has strongly supported encryption over the years, but these bills open up some potential problems, and, at the very least, might allow companies like Apple to block third party encryption apps even as the stated purpose of the bill is the opposite.

As Schneier notes, he likes both bills in general, but this sloppy drafting is a problem.

The same is true of the language that could impact content moderation. In both cases, it seems that this is messy drafting (though in the content moderation case, it seems that Republicans have jumped on it and have now made it the main reason they support these bills, beyond general anger towards big tech for populist reasons).

Once again, the underlying thinking behind both bills seems mostly sound, but these problems again suggest that these bills are, at best, half-baked, and could do with some careful revisions. Unfortunately, the only revisions weve seen so far are those that carved out a few powerful industries.

Filed Under: aicoa, amy klobuchar, antitrust, bruce schneier, encryption, open app markets

Continued here:
Another Issue With Internet Antitrust Bills: Sloppy Drafting Could Lead To Problems For Encryption - Techdirt

Should You Use This Encrypted Period Tracking App? – Gizmodo

Screenshot: Lucas Ropek/Stardust

A period-tracking company proclaimed last week that it was dedicated to protecting womens data rather than sharing it with cops in a post-Roe v Wade world. Stardust, a woman-owned period-tracking app, announced that it would be the first company of its kind to roll out end-to-end encryption. E2E limits datas visibility to only the user, keeping personal information safeand is widely considered on of the best privacy protections on the web. Stardust founder and CEO, Rachel Moranis, announced the plans in a video on the apps TikTok account on Friday, claiming the change had already been in the works prior to Roes overturning. What this means is that if we get subpoenaed by the government, we will not be able to hand over any of your period tracking data, she said.

Stardust didnt stop there, though. In a series of tweets, the company went on to state that it hopes to implement a host of new privacy protections, including a way for users to completely opt out of providing any personal identifiable information (no account generation) and use the app fully anonymously, as well as full local data storage. Following the announcements, Stardust saw a huge surge in interestbecoming the second most downloaded app in the U.S., as of Saturday.

Then the company had to do some cleanup. It wiped any mention of end-to-end encryption from its website. It admitted toand pledged to stopsharing data with at least one third-party marketing firm. And it changed its privacy policy to remove language about providing info to cops without any warrant.

The Supreme Courts recent decision to overturn Roe v. Wade and end nearly half a century of constitutional abortion rights in America has already begun to bear ugly results. In a bevy of states, draconian trigger laws have materialized, effectively criminalizing most if not all instances of the medical procedureand more laws are expected in the coming weeks. In this brave new world, civil liberties advocates have expressed concern for the ways in which womens data could be used by law enforcement to monitor for digital evidence of pregnancies. Critics have worried about the data on period tracking apps in particular, which they say could be used to prosecute women who have sought abortions via data on pregnancies that end.

As with anything that sounds potentially too good to be true, critics were quick to point out some problematic elements of Stardusts plans. Questions have swirled about whether the companys new privacy measures will be as effective as they sound. Other critics have wondered whether, in this day and age, it even makes sense to use a period tracking app at all. Its a good questionand worth considering given whats at stake right now.

G/O Media may get a commission

If they want to survive, all of these period tracker apps out there need to really get their house in order and be building up user trust, said Riana Pfefferkorn, a scholar at the Stanford Internet Observatory.

Probably the most problematic thing about Stardusts claims is that they seem to have changed over time. TechCrunch reported Monday that what the company was offering didnt really sound like ironclad end-to-end encryption. The outlet wrote:

Stardust founder [Rachel] Moranis told TechCrunch that all traffic to our servers is through standard SSL (hosted on AWS) and subsequent data storage on AWS RDS utilizing their built-in AES-256 encryption implementation. Although this describes the use of encryption to protect data while in transit and while its stored on Amazons servers, its not clear if this implementation would be considered true end-to-end encryption.

Following the interview with TechCrunch, Stardust apparently scrubbed its website of any mentioning of end-to-end encryption, essentially watering down what it had originally offered to users.

Even more problematically, further analysis of the companys platform appeared to reveal that the firm was occasionally sharing individual users phone numbers with a third-party analytics firm called MixPanel. This kind of information sharing could quite easily lead to the identification of individual userswhich is something the company has promised not to allow. After being confronted with this issue, Moranis told TechCrunch that the current (old) version of Stardust leverages several data collection mechanisms of Mixpanel that we have disabled/removed in the new version. In addition to not sending [personally identifiable information] to Mixpanel, we have also disabled IP tracking for our users to protect from that metadata being used to identify our users.

Meanwhile, Vice News was quick to point out that Stardusts privacy policy left something to be desired. In a story published Monday, the news outlet pointed out that the apps policy acknowledged that it would share information with police whether or not legally required. The policy clarifies that Stardust may...

...share aggregated, anonymized or de-identified, encrypted information, which cannot reasonably be used to identify you, including with our partners or research institutions.

When reached for comment by Gizmodo, a company spokesperson said that Vices story was based on an outdated privacy policy. A visit to Stardusts website on Monday revealed that the language in its privacy policy had been changed. The spokesperson also provided us with a statement from Moranis, Stardusts Founder and CEO, who again reiterated that the new feature was designed to avoid a digital subpoena.

With the update set to go live...Wednesday, June 29th on all iOS devices and Android, users login information will not be associated with their cycle tracking data, and therefore their data will not be a subpoena risk, she said.

We also asked for better information about the apps plans for encryption, but have not heard back yet. We will update this story if we get a response.

Its no surprise that companies like Stardust are now seeking to implement new privacy protections. In fact, such protections might be something of an industry imperative for period trackers, given the full-blown panic about digital health data that now exists afterRoe.

Stanfords Pfefferkorn said that, when properly applied, encryption could be used to protect against the harsh laws currently being passed across the country.

The Dobbs decision [which overturned Roe] underscores the importance of adding strong encryption, by default, wherever it doesnt currently exist already, Pfefferkorn told Gizmodo. She added that companies like Stardust are suddenly under a lot of scrutiny and that their business model is under threat from the public panic spurred by the recent Supreme Court decision. She said, That means being more transparent about the kinds of data that the apps collect and instituting better protections to prevent the data from falling into the wrong hands.

Pfefferkorn also recommended that women invest in existing privacy applications. One of the simplest ways to protect your online communications is to use an encrypted chat platform. For that, one of the best options is to download Signal, a chat app that offers true end-to-end encryption. Its free, easy to use, and should ensure that your conversations stay private. That might be the best place to start.

Follow this link:
Should You Use This Encrypted Period Tracking App? - Gizmodo

Insights on the Managed Encryption Services Global Market to 2027 – Featuring Accenture, Cisco Systems and Dell Technologies Among Others -…

DUBLIN--(BUSINESS WIRE)--The "Managed Encryption Services Market Research Report by Type, Industry, Deployment, Region - Global Forecast to 2027 - Cumulative Impact of COVID-19" report has been added to ResearchAndMarkets.com's offering.

The Global Managed Encryption Services Market size was estimated at USD 4,876.54 million in 2021, USD 5,544.14 million in 2022, and is projected to grow at a Compound Annual Growth Rate (CAGR) of 13.94% to reach USD 10,672.91 million by 2027.

Competitive Strategic Window:

The Competitive Strategic Window analyses the competitive landscape in terms of markets, applications, and geographies to help the vendor define an alignment or fit between their capabilities and opportunities for future growth prospects. It describes the optimal or favorable fit for the vendors to adopt successive merger and acquisition strategies, geography expansion, research & development, and new product introduction strategies to execute further business expansion and growth during a forecast period.

FPNV Positioning Matrix:

The FPNV Positioning Matrix evaluates and categorizes the vendors in the Managed Encryption Services Market based on Business Strategy (Business Growth, Industry Coverage, Financial Viability, and Channel Support) and Product Satisfaction (Value for Money, Ease of Use, Product Features, and Customer Support) that aids businesses in better decision making and understanding the competitive landscape.

Market Share Analysis:

The Market Share Analysis offers the analysis of vendors considering their contribution to the overall market. It provides the idea of its revenue generation into the overall market compared to other vendors in the space. It provides insights into how vendors are performing in terms of revenue generation and customer base compared to others. Knowing market share offers an idea of the size and competitiveness of the vendors for the base year. It reveals the market characteristics in terms of accumulation, fragmentation, dominance, and amalgamation traits.

The report provides insights on the following pointers:

1. Market Penetration: Provides comprehensive information on the market offered by the key players

2. Market Development: Provides in-depth information about lucrative emerging markets and analyze penetration across mature segments of the markets

3. Market Diversification: Provides detailed information about new product launches, untapped geographies, recent developments, and investments

4. Competitive Assessment & Intelligence: Provides an exhaustive assessment of market shares, strategies, products, certification, regulatory approvals, patent landscape, and manufacturing capabilities of the leading players

5. Product Development & Innovation: Provides intelligent insights on future technologies, R&D activities, and breakthrough product developments

The report answers questions such as:

1. What is the market size and forecast of the Global Managed Encryption Services Market?

2. What are the inhibiting factors and impact of COVID-19 shaping the Global Managed Encryption Services Market during the forecast period?

3. Which are the products/segments/applications/areas to invest in over the forecast period in the Global Managed Encryption Services Market?

4. What is the competitive strategic window for opportunities in the Global Managed Encryption Services Market?

5. What are the technology trends and regulatory frameworks in the Global Managed Encryption Services Market?

6. What is the market share of the leading vendors in the Global Managed Encryption Services Market?

7. What modes and strategic moves are considered suitable for entering the Global Managed Encryption Services Market?

Market Dynamics

Drivers

Restraints

Opportunities

Challenges

Companies Mentioned

For more information about this report visit https://www.researchandmarkets.com/r/9hm7r4

Read this article:
Insights on the Managed Encryption Services Global Market to 2027 - Featuring Accenture, Cisco Systems and Dell Technologies Among Others -...

SSH Communications Security (SSH) has received the first significant order relating to the contract for the delivery of encryption products and…

SSH Communications Security (SSH) has received the first significant order relating to the contract for the delivery of encryption products and servicesThe order announced today is worth EUR 2.1 million and will be recognized over a three-year period. SSH delivers the solution as a subscription. The order consists of cryptographic products, product-related maintenance, and support services. This order relates to the major multi-year contract for the delivery of cryptographic products and services signed and announced in December 2020. If fully exercised, the total value of the agreement is approximately EUR 20 million.

A reliable and trusted supplier of encryption productsSSH's solution for the transmission of classified information has received TL III-level security certification (equal to EU/NATO CONFIDENTIAL) in May 2022. The certification enables the solution to be used to secure transportation of critical data.

"This is a significant order for SSH, and it grows our subscription-based revenue in major customers. The order is a recognition of our futureproof solutions, and it significantly strengthens our position as a strategic partner for large customers for defensive cybersecurity solutions delivered as a service", says Dr. Teemu Tunkelo, CEO of SSH.

SSH COMMUNICATIONS SECURITY OYJ

Teemu Tunkelo

CEO

For further information, please contact:

Teemu Tunkelo, CEO, tel. +358 40 5499605 / teemu.tunkelo@ssh.com

Niklas Nordstrm, CFO, tel. +358 50 5410543 / niklas.nordstrom@ssh.com

Distribution:

Nasdaq Helsinki Oy

Major media

http://www.ssh.com

About SSH

SSH helps organizations safeguard their mission-critical digital assets at rest, in transit, and in use. We have 5,000+ customers worldwide, including 40 percent of Fortune 500 companies, and major organizations in Finance, Government, Retail, and Industrial segment.We are committed to helping our customers secure their business in the age ofhybrid cloudand distributed IT and OT solutions. Our Zero Trust solutions offer safe electronic communications, secure access to servers and between servers. Our teams in North America, Europe, Asia along with a global network of certified partners ensure customer success. The companys shares (SSH1V) are listed on Nasdaq Helsinki.www.ssh.com.

Read the original here:
SSH Communications Security (SSH) has received the first significant order relating to the contract for the delivery of encryption products and...

MongoDB debuts new encryption tool and analytics features at MongoDB World – SiliconANGLE News

MongoDB Inc. today introduced new features that will enable enterprises to query their data without decrypting it and carry out large-scale analytics projects more easily.

The features were announced at the companys annual MongoDB World conference.

Publicly traded MongoDB provides an open-source NoSQL database that is widely used among developers. The database has been downloaded more than 265 million times, while developers at north of 35,000 organizations use it to power applications.

Some of the product updates that MongoDB announced today are rolling out for its namesake open-source database. Other features will become available as part of MongoDB Atlas, a managed cloud version of the database. Atlas removes the need for customers to manage infrastructure and automates a number of other administrative tasks.

Our vision is to offer a developer data platform that provides a modern and elegant developer experience, enables broad support for a wide variety of use cases, and delivers the performance and scale needed to address the most demanding requirements, said MongoDB Chief Executive Officer Dev Ittycheria.

Companies keep the business information in their databases encrypted most of the time to ensure that hackers cant read records in case they gain network access. However, records have to be decrypted when theyre queried by an application or a user. MongoDB is rolling out a new release of its open-source database, MongoDB 6.0, that it says makes it possible to query data without decrypting it.

MongoDB 6.0s Queryable Encryption feature, as its known, doesnt require specialized cryptography know-how to use. Queryable Encryption keeps records encrypted while theyre in a servers memory. Information also remains encrypted while it travels through the servers central processing unit, according to MongoDB.

Cybersecurity researchers have long sought to develop a way of processing data without having to decrypt it. Some of the technologies that have been created to facilitate encrypted processing, such as fully homomorphic encryption, are impractical to use because they significantly slow down queries. MongoDB says Queryable Encryption facilitates speedy queries and doesnt impact application performance.

Another set of features introduced by MongoDB today focuses on helping companies carry out large-scale data analytics initiatives more easily. Some of the capabilities are rolling out for the MongoDB database, while others are part of the Atlas managed database service.

MongoDB 6.0 introduces a feature called Column Store Indexes that will speed up common analytical queries. The feature speeds up queries by creating an index, a collection of data shortcuts that makes it possible to find specific records in a database faster. Reducing the amount of time that it takes to find records enables the database to return results quicker.

For administrators, MongoDB is adding a feature that makes it easier to manage the hardware resources assigned to a MongoDB deployment. According to the company, the feature will help administrators avoid provisioning too little or too much infrastructure for a MongoDB deployment that is used to support analytics workloads.

Atlas, the managed version of MongoDB, is also receiving improved support for analytics workloads. A tool called Atlas Data Lake will provide managed cloud object storage to facilitate analytical queries. For business analysts, MongoDB is rolling out Atlas SQL Interface, a capability that makes it possible to query data using SQL syntax.

MongoDBs revenuegrew 57% year-over-year, to $285.4 million, during the quarter ended April 30. As part of its revenue growth strategy, MongoDB has been adding support for more enterprise use cases, which helps expand its addressable market and unlock new sales opportunities.

MongoDB 6.0 adds improved support for use cases that involve time series data. Thats the term for data used to describe a trend, such as how a servers performance changes over the course of a week. Time series data is used for tracking the health of technology infrastructure, monitoring shifts in product demand and a range of other use cases that MongoDB can now support more effectively.

Website development is another use case on which MongoDB is increasing its focus. The company is upgrading its managed Atlas database service by adding an integration with Vercel, a popular website development tool. MongoDB says that the integration will save time for joint customers by automating certain manual configuration tasks.

For developers using Atlas to power mobile apps, MongoDB is adding the ability to sync data to and from the popular Realm mobile database. Meanwhile, companies that rely on Atlas to power the search features of their applications and websites are also receiving new features. The company is making it easier to let users filter search results by category, a feature that usually requires significant amounts of custom code to implement.

Some MongoDB customers run multiple deployments of its database to support their applications. As part of the product updates announced today, the company is adding a set of features to simplify such customers information technology operations.

Cluster-to-Cluster Synchronization is a new tool that can automatically sync records between MongoDB databases to ensure they all have the latest version of a dataset. The tool can sync records across Atlas deployments, as well as MongoDB databases running in the cloud and on-premises.

Another new addition to the companys feature set is Data Federation. Available as part of Atlas, the capability makes it possible to centrally run a query across multiple MongoDB deployments. Data Federation could simplify large-scale analytics projects that draw on information from multiple databases.

Read more here:
MongoDB debuts new encryption tool and analytics features at MongoDB World - SiliconANGLE News

WinMagic Enters the Passwordless Authentication Market with MagicEndpoint – GlobeNewswire

MISSISSAUGA, Ontario, June 08, 2022 (GLOBE NEWSWIRE) -- WinMagic, is proud to announce that MagicEndpoint, its passwordless authentication and encryption solution is now available. With MagicEndpoint, WinMagic enters the passwordless landscape in a unique position, offering independent, yet complimentary, authentication and encryption solutions that protect both data and user. MagicEndpoint ensures that CISOs and other technology and IT security leaders, can easily implement passwordless authentication, addressing their cyber security needs, while eliminating password friction and reducing password management costs. MagicEndpoint addresses a growing industry need for precise, strong user authentication while still protecting the data security within devices, servers, and networks.

The breakthrough behind MagicEndpoint's passwordless technology means a client only has to authenticate to the endpoint to verify they are in possession of the device, and the endpoint can do the remote authentication on behalf of the users, with no user action required. MagicEndpoint does not require phones or external tokens. Smarter, faster passwordless authentication means no more obtaining codes from mobile devices, or accepting insecure push notifications, or re-setting multiple passwords. The result? Happy end-users and even happier CIOs and CISOs, who can be confident their employees and data are protected, while reducing and eventually eliminating the need for password support.

A Media Snippet accompanying this announcement is available by clicking on the image or link below:

Thi Nguyen-Huu, President and CEO of WinMagic, noted that this latest development is a proud addition to WinMagics existing award-winning suite of encryption products, and a game changer for cyber-protection. Creating a techno-logically correct solution is amazing. Nguyen-Huu added, While initially trying to use various authentication devices to give users the choice for different scenarios, we realized that the capable endpoint can perform high assurance secure remote authentication, magnitudes stronger than the user ever could. Capable of verifying user identity, even user intention, MagicEndpoint delivers not only passwordless, but also user-action-less remote authentications, undoubtedly the best user experience while eliminating any possible user error or phishable action. No user action, in turn, allows MagicEndpoint to perform continuous verification of user and device - an impossible task for any human, fulfilling the Zero Trust aspired principle of Always Verify!

In a newly published 451 Research Market Insight Report, Principal Security Research Analyst Garrett Bekker remarked on the product development, saying, It is logical for an endpoint-focused encryption vendor to leverage that expertise with an endpoint-focused authentication offering. One of MagicEndpoints main value propositions is the ability to offer no user interaction (for Windows devices), which in turn allows for continuous verification of the endpoint client and is a step toward delivering a zero-trust architecture along with the ability to establish device trust by combining user authentication with device health checks.

MagicEndpoint passwordless authentication is based on the principle that the endpoint can perform public key-based authentication that no other device or bad actor can duplicate. By leveraging this inherent capability within endpoint devices, the attack surface is significantly reduced.

About WinMagicWinMagic is a leading developer of cybersecurity solutions that, over the course of 20 years, has raised the bar for endpoint encryption. As a result of extensive experience with securing the endpoint and a commitment to continuous innovation, WinMagic is trusted by over 2500 businesses and government agencies around the world and has over 3 million active licenses globally. WinMagics authentication and encryption suite of products protects data within any laptop, physical or virtualized data center, on-premises or in the cloud. The companys solutions are platform-independent, able to secure data on devices using Windows, Linux and Mac systems.WinMagic has earned wide recognition for protecting against threats and data loss, while helping businesses meet privacy and regulatory compliance requirements. WinMagic delivers a secure, seamless authentication and encryption experience and offers solutions that free customers to think, share and achieve their goals, knowing employees and data are protected. For more information, visit ww.winmagic.com.

For more information:Nadine BrownDirector of Marketing and CommunicationsNadine.brown@winmagic.com

Go here to read the rest:
WinMagic Enters the Passwordless Authentication Market with MagicEndpoint - GlobeNewswire

Securities Litigation Partner James (Josh) Wilson Encourages Investors Who Suffered Losses Exceeding $100,000 In Arqit To Contact Him Directly To…

NEW YORK, NY / ACCESSWIRE / June 9, 2022 / Faruqi & Faruqi, LLP, a leading national securities law firm, is investigating potential claims against Arqit Quantum Inc. f/k/a Centricus Acquisition Corp. ("Arqit" or the "Company") (NASDAQ:ARQQ,ARQQW,CENH,CENHU,CENHW) and reminds investors of the July 5, 2022 deadline to seek the role of lead plaintiff in a federal securities class action that has been filed against the Company.

If you (i) suffered losses exceeding $100,000 investing in Arqit stock or options between September 7, 2021 and April 18, 2022, and/or (ii) were a holder of Centricus securities as of the record date for the special meeting of shareholders held on August 31, 2021 to consider approval of the merger between Arqit and Centricus (the "Merger") and would like to discuss your legal rights, call Faruqi & Faruqi partner Josh Wilson directly at 877-247-4292 or 212-983-9330 (Ext. 1310). You may also click here for additional information: http://www.faruqilaw.com/ARQQ.

Faruqi & Faruqi, LLP, Thursday, June 9, 2022, Press release picture

There is no cost or obligation to you.

Faruqi & Faruqi, LLP, Thursday, June 9, 2022, Press release picture

Faruqi & Faruqi is a leading minority and Woman-owned national securities law firm with offices in New York, Pennsylvania, California and Georgia.

As detailed below, the lawsuit focuses on whether the Company and its executives violated federal securities laws by making false and/or misleading statements and/or failing to disclose that: (1) Arqit's proposed encryption technology would require widespread adoption of new protocols and standards of for telecommunications; (2) British cybersecurity officials questioned the viability of Arqit's proposed encryption technology in a meeting in 2020; (3) the British government was not an Arqit customer but, rather, providing grants to Arqit; (4) Arqit had little more than an early-stage prototype of its encryption system at the time of the Merger; and (5) as a result, Defendants' statements about its business, operations, and prospects, were materially false and misleading and/or lacked a reasonable basis at all relevant times.

Story continues

On April 18, 2022, The Wall Street Journal (the "WSJ") published an article titled, "British Encryption Startup Arqit Overstates Its Prospects, Former Staff and Others Say." The WSJ article stated, in relevant part:

When the company secured its Nasdaq listing last autumn, its revenue consisted of a handful of government grants and small research contracts, and its signature product was an early-stage prototype unable to encrypt anything in practical use, according to [former employees and other people familiar with the company]. The encryption technology the company hinges on-a system to protect against next-generation quantum computers-might never apply beyond niche uses, numerous people inside and outside the company warned, unless there were a major overhaul of internet protocols.

British cybersecurity officials questioned the viability of Arqit's proposed approach to encryption technology in a high-level evaluation they privately shared with the company in the summer of 2020, according to people familiar with the matter.

The U.S. National Security Agency and the NCSC published separate assessments in recent years warning against using satellite-based encryption systems like those Arqit is proposing to integrate into its current product in the next few years. The NSA said its warning was unrelated to any specific vendor, a spokesperson said.

The encryption system-with or without its satellite components-depends on the broad adoption of new protocols and standards for telecommunications, cloud computing and internet services that currently aren't widely supported, people familiar with the matter said.

Steve Weis, a San Francisco-based cryptographer and entrepreneur, said that what Arqit was proposing-relying in part on transmitting quantum information from satellites-is a well-known 1980s-era technology with limited real-world application. "There have been many proofs of concept and companies trying to sell products," he said. "The issue is that there is no practical-use case."

Key to the company's pitch was its claim that it had a large stream of future revenue locked in as the product was live and already selling well. "Customers are using the Arqit products today-and they are universally finding it to be an important part of their technology future," Mr. Williams said in an August investor presentation shortly before the merger closed. He added, "The Quantum Cloud product is live for service and we already have $130 million in signed committed revenue contracts."

"These are contracts where the revenues will definitely be delivered," the CEO said.

The people familiar with the matter said that the bulk of the company's committed revenue isn't from selling its product and that at its public launch, the company had little more than an early-stage prototype of its encryption system. Several clients the company lists-including a number of British government agencies-are simply giving Arqit research grants, nonbinding memorandums of understanding or research agreements that come with no funding, not contracts for its encryption product, they said.

No commercial customer was using Arqit's encryption system with live data when it made its market debut in September, the people said, and the system couldn't meaningfully use any of the common internet protocols required to do nearly anything online. They said it has signed two master distribution agreements with BT Group [] PLC and Sumitomo Corp. [] for the still-unrealized satellite component of its technology that are cancelable under certain conditions.

On this news, Arqit share price fell $2.57 per share, or 17%, to close at $12.49 per share on April 18, 2022, damaging investors.

The court-appointed lead plaintiff is the investor with the largest financial interest in the relief sought by the class who is adequate and typical of class members who directs and oversees the litigation on behalf of the putative class. Any member of the putative class may move the Court to serve as lead plaintiff through counsel of their choice, or may choose to do nothing and remain an absent class member. Your ability to share in any recovery is not affected by the decision to serve as a lead plaintiff or not.

Faruqi & Faruqi, LLP also encourages anyone with information regarding Arqit's conduct to contact the firm, including whistleblowers, former employees, shareholders and others.

Attorney Advertising. The law firm responsible for this advertisement is Faruqi & Faruqi, LLP (www.faruqilaw.com). Prior results do not guarantee or predict a similar outcome with respect to any future matter. We welcome the opportunity to discuss your particular case. All communications will be treated in a confidential manner.

SOURCE: Faruqi & Faruqi, LLP

View source version on accesswire.com: https://www.accesswire.com/704577/Securities-Litigation-Partner-James-Josh-Wilson-Encourages-Investors-Who-Suffered-Losses-Exceeding-100000-In-Arqit-To-Contact-Him-Directly-To-Discuss-Their-Options

Follow this link:
Securities Litigation Partner James (Josh) Wilson Encourages Investors Who Suffered Losses Exceeding $100,000 In Arqit To Contact Him Directly To...