Category Archives: Encryption

Encrypting Cloud Email Isnt as Easy as You’d Think

Posted on by

Fund managers need to consider who holds the encryption keys for cloud-based email, or face potential legal risks.

One of the major stumbling blocks of moving email into the cloud is the perceived data security problem. While there are many benefits to using cloud-based systems, the downside is that data security and privacy is always a top concern for financial firms.

Sandton Capital, a New York-based private equity firm focused on alternative credit opportunities, decided not to host email on its own premises. Instead, it chose to use Gmail, hosted by Google. As the investment firm grew, and it looked at the kind of data it was emailing, it began to focus on the safety and security of this information. With so much of its confidential data related to investors and lenders via email, Sandton turned to cloud-based encryption to protect its data.

We looked at Gmail for a number of ways to encrypt it, and none of them were very seamless, says Rael Nurick, managing partner at Sandton Capital, which manages a $750 million investment fund. While Google offered email encryption, the process required the recipient to register on a different website to decrypt and open the email. In addition, Sandton used Google Apps and found it wasnt that good at seamlessly syncing with other devices.

While hackers and cyber security data breaches are always a concern, this was not the reason that Sandton was concerned about protecting its email. With $750 million under management, there are several hundred positions in its portfolio. We send emails about those positions, and theres information on investors, too, Nurick tells us.

[Do you aspire to the C-suite, or some other spot in upper IT management? Then bulk up your credentials around today's most pressing IT movement, digital business, at the InformationWeek IT Leadership Summit.]

Nurick says that, although security from hackers is important, the firm was even more concerned about outside parties accessing Sandtons emails through a subpoena or legal proceeding. Often, when an email hosting provider is issued a subpoena, it complies immediately and turns over the required emails immediately. Without any oversight by Sandton, he felt, the actions by an email hosting service could add vulnerabilities.

Since Sandtons specialty is purchasing under-performing bank loans and providing rescue finance to troubled companies, it does get into litigation occasionally. The private equity firm had two different sets of data it needed to protect:

Most importantly, Sandton needs to make sure that no outside party, even if they get hold of the data, can read the information, Nurick says.

Different flavors of cloud encryptionNurick feared that he would lose control of his data to third-party hosting companies if they were to receive a court order to turn over confidential email. Big hosting companies like Microsoft and Google have no incentive to do anything but give away all of your emails.

Continued here:
Encrypting Cloud Email Isnt as Easy as You'd Think

Is Encryption the Answer as Snowden Said? – Experts Weigh In – Video

Posted on by


Is Encryption the Answer as Snowden Said? - Experts Weigh In
Ever since Edward Snowden released documents from the NSA, he #39;s been talking about one thing: encryption. So we decided to ask the experts we speak to for their thoughts. Did they agree with...

By: HackSurfer

Here is the original post:
Is Encryption the Answer as Snowden Said? - Experts Weigh In - Video

FBI director slams Apple over iPhone encryption

Posted on by

FBI director James Comey says he doesn't understand why Apple and others are making devices that allow people to place themselves beyond the law. Photo: Reuters

FBI director James Comey sharply criticised Apple and Google on Thursday for developing forms of smartphone encryption so secure that law enforcement officials cannot easily gain access to information stored on the devices - even when they have valid search warrants.

His comments were the most forceful yet from a top government official but echo a chorus of denunciation from law enforcement officials across the United States. Police have said that the ability to search photos, messages and web histories on smartphones is essential to solving a range of serious crimes, from murder to child pornography to attempted terrorist attacks.

"There will come a day when it will matter a great deal to the lives of people that we will be able to gain access" to such devices, Mr Comey told reporters in a briefing. "I want to have that conversation [with companies responsible] before that day comes."

Hard to crack: The new iPhone 6. Photo: Daniel Munoz/Fairfax Media via Getty Images

Mr Comey added that FBI officials already have made initial contact with the two companies, which announced their new smartphone encryption initiatives last week. He said he could not understand why companies would "market something expressly to allow people to place themselves beyond the law".

Advertisement

Mr Comey's remarks followed news last week that Apple's latest mobile operating system, iOS 8, is so thoroughly encrypted that the company is unable to unlock iPhones or iPads for police. Google,meanwhile, is moving to an automatic form of encryption for its newest version of Android operating system that the company also will not be able to unlock, though it will take longer for that new featureto reach most consumers.

Both companies, contacted on Thursday afternoon in the United States, declined to offer immediate reaction to Mr Comey's comments.

The FBI is unhappy with Apple iPhone encryption levels. Photo: Mark Lennihan.

View original post here:
FBI director slams Apple over iPhone encryption

FBI director concerned about encryption on smartphones

Posted on by

The U.S. Federal Bureau of Investigation is concerned about moves by Apple and Google to include encryption on smartphones, the agencys director said Thursday.

Quick law enforcement access to the contents of smartphones could save lives in some kidnapping and terrorism cases, FBI Director James Comey said in a briefing with some reporters. Comey said hes concerned that smartphone companies are marketing something expressly to allow people to place themselves beyond the law, according to news reports.

An FBI spokesman confirmed the general direction of Comeys remarks. The FBI has contacted Apple and Google about their encryption plans, Comey told a group of reporters who regularly cover his agency.

Just last week, Google announced it would be turning on data encryption by default in the next version of Android. Apple, with the release of iOS 8 earlier this month, allowed iPhone and iPad users to encrypt most personal data with a password.

Comeys remarks, prompted by a reporters question, came just days after Ronald Hosko, president of the Law Enforcement Legal Defense Fund and former assistant director of the FBI Criminal Investigative Division, decried mobile phone encryption in a column in the Washington Post.

Smartphone companies shouldnt give criminals one more tool, he wrote. Apples and Androidsnewprotections will protect many thousands of criminals who seek to dous greatharm, physically orfinancially. They will protect those who desperately need to be stoppedfrom lawful, authorized, and entirelynecessary safety and security efforts. And they will make it impossible for police to access crucial information, even with a warrant.

Representatives of Apple and Google didnt immediately respond to requests for comments on Comeys concerns.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. More by Grant Gross

For comprehensive coverage of the Android ecosystem, visit Greenbot.com.

Excerpt from:
FBI director concerned about encryption on smartphones