I would like to be able to transfer several private Word documents, written on my Windows 7 PC, to my Samsung Galaxy tablet and smartphone, and be able to open and edit them. It is important that the documents cannot be read by anyone else, should my phone or tablet be hacked, lost or stolen.

You can password protect or encrypt documents in Word, but it gets a bit complicated when it comes to opening or editing them on mobile devices that do not run on Windows.

The only version of Word for Android is in Microsoft Office Mobile but it only works on phones and cannot open encrypted documents.

One simple workaround is to use an encryption utility that works on both Windows and Android, and Word compatible office apps on your smartphone and tablet. For the latter I recommend WPS Office, free from Google Play.

Surprisingly there are relatively few cross-platform encryption systems but SSE (Secret Space Encryptor) is worth investigating and by default it uses practically uncrackable 256-bit AES encryption. Both the Android (and iOS) apps and the Windows program are free for personal use; download links can be found at: http://goo.gl/Ayojps.

Once everything is installed open Windows Explorer and SSE File Encryptor on your PC, create your password then drag and drop the Word documents into the open SSE window and when it has finished transfer the saved and encrypted files to your devices Documents folder.

Open the SSE app on your smartphone or tablet, select the file, enter your password, the file will be decrypted and you can open it as a normal Word document in WPS Office.

Follow this link:
How do I get Word documents on to my Android tablet securely?

Identity based Encryption with Outsourced Revocation in Cloud Computing
ChennaiSunday Systems Pvt.Ltd We are ready to provide guidance to successfully complete your projects and also download the abstract, base paper from our web...

By: ChennaiSunday Sivakumar

The rest is here:
Identity based Encryption with Outsourced Revocation in Cloud Computing - Video

D.C. Mayor Muriel E. Bowsers administration announced Wednesday that the District will abandon its new system of encrypting radio communications among firefighters and paramedics.

The Districts encryption came under intense scrutiny last month when Metro officials said they found changes to firefighter radio settings related to encryption following a widespread radio failure during Metros fatal Jan.12 smoke incident.

In that incident, D.C. firefighters could not communicate with supervisors above ground when they learned that a train was trapped in a smoke-filled tunnel south of the LEnfant Plaza station with more than 200 passengers aboard.

D.C. firefighters and the citys homeland security agency have disputed that encryption played any part in the radio failure.

In a statement on Wednesday, Rashad Young, Bowsers city administrator, said the encryption issue had been under review since before Bowser was inaugurated Jan.2. Going forward, he said, encryption would be only used on a case-by-case basis.

After a thorough review that began in December, Mayor Bowser has decided that it is in the best interest of the District and its residents to change encryption protocols, Young said.

Two administration officials who spoke to the Post about the upcoming change on Tuesday stressed that the move was not an acknowledgment that encryption hampered rescue efforts last month, when Metro passengers waited for more than 35 minutes for help.

It has nothing to do with the Metro incident, said one of the two officials. Both spoke on the condition of anonymity because they did not want to be seen as preempting Bowsers announcement. The impending announcement was first reported by WRC (Channel 4).

The timing of the announcement has in fact been complicated because we dont want to suggest in any way that it is connected to the outstanding allegation that [encryption and the Metro incident] are connected, the official said.

The District began work to encrypt its radio transmissions after the 2013 rampage at the Navy Yard. The shooting that left 12 dead prompted a dangerous search by police as they hunted the gunman before fatally shooting him. Although communication involving federal and local police agencies could not be heard by outsiders, the fire department scanner widely available over the Internet provided an account of some of the behind-the-scenes activities. Firefighters were not in the building when the manhunt was underway.

See the article here:
D.C. mayor to end controversial encryption of firefighter radios

To prevent breaches companies must strictly control which employees can access sensitive data.

The recent data breach at health insurer Anthem saw criminals access the personal details and Social Security numbers of more than 80 million peoplethe biggest health-care data theft to date. Medical and payment data was not compromised, but the names, addresses, birthdays, and Social Security numbers accessed can be used by criminals to commit various types of fraud.

Many people have been surprised to hear that this sensitive data was not encrypted and that the federal mandate for securing health-related data, HIPAA, does not require it to be. In fact, HIPAA only strongly encourages encryption. Organizations that choose not to use encryption are supposed to document the reasons why not and implement an equivalent alternative measure if reasonable and appropriate. The vagueness of this requirement is the crux of class action and other lawsuits being filed against Anthem.

But even if Anthem had used encryption, the data could have still have been compromised. Encryption is just one part of the arsenal that organizations need to deploy to secure sensitive data. Encryption is great for securing data in transit and at rest, but if the credentials and keys are compromised it does little to protect the data.

The bigger issue in many breaches is that organizations havent properly implemented data access security controls. They need to have safeguards in place in case attackers can bypass perimeter defenses and compromise administrator level credentials.

This is precisely what happened to Anthem, which says its attackers gained access to at least five sets of employee credentials.

Its ridiculously easy for cybercriminals to find the information they need to compromise almost any organization. A quick look at Anthem job postings and LinkedIn profiles was enough for me to identify the software Anthem uses for its data warehouse.

From there, I could easily identify more than 100 people, such as system architects and database administrators, who would have privileged access to the data warehouse storing tens of millions of sensitive personal records. This was probably the first thing Anthems attackers researched before conducting a phishing campaign to distribute the malware used to harvest employee credentials.

An attacker who can compromise a system via the credentials of a user with administrator-level access to the data warehouse can easily steal more credentials, find monetizable information, and exfiltrate unencrypted data.

So what should organizations do to secure sensitive customer data? Sophisticated attackers with enough time and resources can get into any organization eventually. Cybercriminals are fully aware of the constant trade-offs that organizations make to balance security with operational efficiency, and theyve repeatedly demonstrated that theyre fully capable of exploiting even tiny security weaknesses.

Read the original:
Encryption Wouldn’t Have Stopped Anthem’s Data Breach

Home News Cloud Box delivers encryption management to boost security for enterprise customers Box believes it has cracked one of the last remaining concerns for security conscious and heavily regulated industries with the introduction of an Enterprise Key Management product.

Share

Box Enterprise Key Management (EKM), currently in beta, gives businesses the ability to maintain exclusive control over their encryption keys. The technology is currently being delivered via Amazon Web Services and Gemalto.

"In the old days, if you wanted to encrypt and protect data inside your organisation, IT could set it up," said Rand Wacker, Box's vice president of enterprise products. "But if you tried to share something across organisations, that's usually where stuff broke down."

Aimed at users in highly regulated industries such as finance, government, legal and healthcare as well as geographies such as Germany, Box EKM is designed to help enterprises reap the rewards of cloud computing while still maintaining control over encryption, he said.

Box, which IPO'd last month, and has its European HQ in London, already makes sure all content it stores is already encrypted, Wacker noted. What's new is that Box EKM externalises management of the associated encryption keys.

"When a customer uploads a file, it's encrypted with a unique key for that file," he said. "What happens today is that the file-specific key is encrypted by an internal key-management system."

With the new capability, however, customers get control over that key and the auditing of it.

The key infrastructure is provided by a dedicated AWS CloudHSM appliance leveraging Gemalto's SafeNet Hardware Security Modules (HSM) for key encryption and protection. Customers retain full control of their keys and cryptographic operations while Amazon manages and maintains the hardware.

Box EKM not only separates encrypted data and the keys used to manage it, but also creates an audit log for the customer's review.

Read more here:
Box delivers encryption management to boost security for enterprise customers

Box has been talking for more than year about letting its customers manage their own encryption keys, allowingthem to store data in the cloud while maintaining control over who gets to access it.

This isnt a straightforward problem to solve, because Boxs whole business is built on making it easier to share data and collaborate. The strictest security controls could eliminate the reason 44,000 companies are paying Box.

Today, Box says it has a new product that gets the job done. Called Enterprise Key Management (EKM), the service puts encryption keys inside a customers own data center and in a special security module stored in an Amazon data center. The Box service still must access customers data in order to enable sharing and collaboration, but EKM makes sure that only happens when the customer wants it to, Box says.

When asked if the service would prevent Box from handing data over to the government, acompany spokesperson said, Unless the customer provides authorization to Box to provide the content thats asked for, Box is prevented from sharing the content. When customers use Box EKM we are not able to provide decrypted content because we dont have the encryption keys protecting the customers content.

Without EKM, Box could be forced to hand data over to the government without notifying the customer if the government request is valid and requires Box to keep it secret.

As Box describes it, EKM would make it a lot harder to hide government requests. The service is being used in beta by about 10 businesses, including Toyota and World Bank Group, and will be generally available to Box enterprise customers in the spring for an added fee.

Box has 48 percent of the Fortune 500 as customers, with millions of individual users, but there are still some customers that cant adopt the cloud, super regulated businesses in financial services, some very large energy companies, some major insurance companies, obviously government agencies and departments, Box cofounder and CEO Aaron Levie told Ars.

These customers want more control over file encryption, but "the challenge is a bunch of these solutions essentially break what we're really good at, which is our end user experience," Levie said. "A lot of our in-line security capabilities like virus scanning, content previewing, and information rights management, all the capabilities where we add on top of your content, tend to break down in a world where we're not helping you manage that encryption."

EKM relies on a Hardware Security Module (HSM) made by SafeNet, which is placed inside Amazon's CloudHSM service. Unlike most Amazon cloud services, this one gives each customer dedicated hardware.

CloudHSM "allows you to protect your encryption keys within HSMs designed and validated to government standards for secure key management," Amazon says. "You can securely generate, store, and manage the cryptographic keys used for data encryption such that they are accessible only by you."

Read more:
Box hands cloud encryption keys over to its customers

DUBLIN, Feb .10, 2015 /PRNewswire/ --Research and Markets

(http://www.researchandmarkets.com/research/6376kr/encryption) has announced the addition of the "Encryption Software Market by Applications, by Deployment Type & by Regions - Global Forecast and Analysis 2014 - 2019" report to their offering.

The global Encryption Software Market is expected to grow from $1.85 billion in 2014 to $4.82 billion by 2019, at a Compound Annual Growth Rate (CAGR) of 21.1% during the forecast period 2014-2019.

The encryption software market is fast gaining traction mainly due to the introduction and reception of the Bring Your Own Device (BYOD) trend, the growing demand among organizations for augmenting efficiency through safeguarding data transfer with the help of emails across mobile devices. Additionally, the rising data security apprehensions involved in business information access and transfer across these devices further demands security solutions.

Today, organizations are quickly embracing data security solutions to supplement flexible work culture among workforce in a secure manner as it delivers the employees with flexibility in work patterns, and thereby augments the productivity of the companies. Further, the growing volume and strength of cyber-attacks and commercial espionage along with rising proclivity of mobile devices loss and theft is further empowering the adoption of encryption solutions for enabling secure transmission of data across these devices and abstaining commercial espionage and cyber-attacks. Furthermore, the adoption of encryption software is fortified due to the evolution of mandate regulatory standards related to data transfer and its security, that needs to be complied with, across diverse industry verticals such as PCI DSS for BFSI and HIPPA for healthcare, as these solutions adhere with certain specific regulatory norms and enable secured access to data and its transmission across diverse devices including PCs, and mobile devices. Hence, the emergence of these solutions is further adding to the demand of encryption software across the world.

Key Topics Covered:

1 Introduction

2 Research Methodology

3 Executive Summary

4 Premium Insights

Follow this link:
Encryption Software (Disk Encryption, File/Folder Encryption, Database Encryption, Communication Encryption, Cloud ...

Box wants customers to trust it with their most sensitive data. So the cloud-storage and -management company Tuesday said it will soon offer extra encryption that Box says will keep everyone out even Box.

For an undisclosed fee, Box customers will manage the encryption keys used to scramble their data housed on Box servers. In theory, that means only the customer, or people authorized by the customer, will have access to the files.

The new offering checks three strategic boxes for Box.

- It could help win confidence among companies with highly sensitive information, in industries such as banking, specialized manufacturing or health care.

- It could make overseas customers more comfortable handing data to an American company. The Edward Snowden leaks showed international customers that the U.S. government uses court orders to obtain data on the users of Silicon Valley companies. In theory, the new services would prevent Box from handing over user content.

- Its a new source of revenue for Box, which started trading shares publicly last month amid promises from Chief Executive Aaron Levie to boost revenue.

Files stored on Box are routinely encrypted. When a customer logs in, the password tells Box to decrypt the file with a special key for that file. Box keeps that key on its servers.

The new offering will add a second layer of encryption that requires a key stored elsewhere.

Box customers will rent space on encryption-key storage devices managed by Amazon Web Services. Made by SafeNet, the device is allegedly tamper-proof and logs all requests for the keys it holds. Amazon rents use of them to its customers.

Amazon and Box maintain they cant access user data, because they have no access to the SafeNet device.

Excerpt from:
Box Offers Extra Encryption in Bid for Additional Trust

USB drives that are fast and mobile clearly have uses for certain customers, especially those requiring security. Ultimately, these devices and their encryption features need to be managed by IT to truly keep sensitive data safe.

TORONTO More than a year ago I wrote about how little use I had for a box of USB thumb drives Id collected over the years, but not all readers agreed with me, pointing out the various benefits of having one handy.

Since then, Ive pulled out a thumb drive once to re-flash some firmware on a media streamer. The fact that I work from home means I dont have much need to transport data, and if need be, most of my important documents can be grabbed from the cloud when Im on the go using any device.

But I can see why some users or organizations might need to a portable drive sometimes you just cant connect to the cloud securely enough or at all, or the file you need is so large, downloading it is inconvenient. Or you dont really trust cloud services at all.

Portable drives can pose a security risk as well. Next to hacked databases, often most of the high-profile data-theft stories we hear about are due to lost or stolen USB drives that were not secure and were holding data that should never have left the corporate firewall in the first place.

Thats why Kingston still sees a market for portable USB flash drives. In fact, its growing, according to Ken Campbell, the companys encrypted USB business manager. Specifically, the opportunity is in encrypted drives, a product area that grew 19% in 2014 over the 2013, he said.

Security is still high on peoples minds, Campbell said in a telephone interview, and they always need to transfer data. There are times where there is no Internet and you have to carry data around somewhere.

WiFi is perceived to be more ubiquitous than it really is. I make sure all of my critical documents are available offline on all my computers in case I lose connectivity on long train rides, for example, so I can be productive while travelling.

But its security where Kingston sees the opportunity. The company is targeting corporate customers and government organizations that are intentionally moving data on portable USB flash drives with encryption and management tools. The company recently announced two versions of the DataTraveler 4000 Gen. 2, including one that Kingston calls Management Ready. Both are FIPS 140-2 Level 3 certified with data protected by hardware-based 256-bit AES encryption in XTS mode.

The Management Ready version can be managed centrally, letting the IT department control drives when plugged into a device with Internet connectivity. Campbell said the DataTraveler also doesnt allow data to be put on a public partition; Kingston wants organizations to know they have a secure option for taking data outside the network. Encryption, combined with the speed of USB 3.0, is what customers are ultimately looking for in a portable flash drive, he said.

See more here:
Portable Flash Drives Benefit From Encryption

Apricorn Aegis Desktop 6 TB 256-Bit Encryption USB 3 Hard Drive (ADT-3PL256-6000) Quick Review
Visit http://tinyurl.com/mmhhc4o Apricorn #39;s Padlock DT is a hardware encrypted USB 3.0 Desktop drive. Simple and easy to use, Padlock DT offers unparalleled security. Additionally, Padlock...

By: Seymour Porter

More:
Apricorn Aegis Desktop 6 TB 256-Bit Encryption USB 3 Hard Drive (ADT-3PL256-6000) Quick Review - Video