If you are in the market for an encrypted flash drive you may be interested to know that Kanguru has expanded their range of Defender Hardware Encrypted Flash Drives adding new high-capacity 256GBstorage capacities. The companies Defender encrypted flash drive range have been specifically created to provide users with the highest military-grade standards for secure data storage, with AES-XTS 256-Bit hardware encryption, FIPS 140-2 Certification, remote management capabilities and tamper-proof protection.

All Kanguru Defender hardware encrypted flash drives use 256-Bit AES hardware encryption (XTS-mode). This provides organizations with full confidence that the data is protected, backed by over 25 years of trusted data security products by Kanguru. In addition, some Defender drives even exceed rigorous requirements of ultra high-security organizations with FIPS 140-2 Certification, a top-level joint certification process between NIST and CSE.

Along with these exceptional encryption features is the option for IT Administrators/Security Officers to remotely manage Kanguru Defender USB from one convenient console. KRMC offers an additional level of security to help organizations monitor their devices anywhere in the world.

For organizations with potential vulnerabilities to third-party malware tampering, Kanguru Defender encrypted flash drives are equipped with RSA-2048 digitally-signed secure firmware to help prevent these types of attacks.

Using Kanguru Defender hardware encrypted drives is a perfect solution for organizations looking to protect their sensitive data in remote, off-site environments anywhere in the world. Kanguru answers the call for mobility, flexibility and now expands on the high capacity data storage needs of todays work-from-anywhere environment.

Source : TPU

View original post here:
Kanguru expands encrypted flash drive range with new 256GB options - Geeky Gadgets

Since its release on Sunday, experts and members of the public alike have raised privacy concerns with the federal governments COVIDSafe mobile app.

The contact tracing app aims to stop COVID-19s spread by tracing interactions between users via Bluetooth, and alerting those who may have been in proximity with a confirmed case.

Read more: Explainer: what is contact tracing and how does it help limit the coronavirus spread?

According to a recent poll commissioned by The Guardian, out of 1054 respondents, 57% said they were concerned about the security of personal information collected through COVIDSafe.

In its coronavirus response, the government has a golden opportunity to build public trust. There are other ways to build a digital contact tracing system, some of which would arguably raise fewer doubts about data security than the app.

Incorporating advanced cryptography into COVIDSafe could have given Australian citizens a mathematical guarantee of their privacy, rather than a legal one.

A team at Canadas McGill University is working on a solution that uses mix networks to send cryptographically hashed contact tracing location data through multiple, decentralised servers. This process hides the location and time stamps of users, sharing only necessary data.

This would let the government alert those who have been near a diagnosed person, without revealing other identifiers that could be used to trace back to them.

Its currently unclear what encryption standards COVIDSafe is using, as the apps source code has not been publicly released, and the government has been widely criticised for this. Once the code is available, researchers will be able to review and assess how safe users data are.

COVIDSafe is based on Singapores TraceTogether mobile app. Cybersecurity experts Chris Culnane, Eleanor McMurtry, Robert Merkel and Vanessa Teague have raised concerns over the apps encryption standards.

If COVIDSafe has similar encryption standards which we cant know without the source code it would be wrong to say the apps data are encrypted. According to the experts, COVIDSafe shares a phones exact model number in plaintext with other users, whose phones store this detail alongside the original users corresponding unique ID.

US-based advocacy group The Open Technology Institute has argued in favour of a differential privacy method for encrypting contact tracing data. This involves injecting statistical noise into datasets, giving individuals plausible deniability if their data are leaked for purposes other than contact tracing.

Zero-knowledge proof is another option. In this computation technique, one party (the prover) proves to another party (the verifier) they know the value of a specific piece of information, without conveying any other information. Thus, it would prove necessary information such as who a user has been in proximity with, without revealing details such as their name, phone number, postcode, age, or other apps running on their phone.

Some approaches to contact tracing involve specialised hardware. Simmel is a wearable pen-like contact tracing device. Its being designed by a Singapore-based team, supported by the European Commissions Next Generation Internet program. All data are stored in the device itself, so the user has full control of their trace history until they share it.

This provides citizens a tracing beacon they can give to health officials if diagnosed, but is otherwise not linked to them through phone data or personal identifiers.

The response to COVIDSafe has been varied. While the number of downloads has been promising since its release, iPhone users have faced a range of functionality issues. Federal police are also investigating a series of text message scams allegedly aiming to dupe users.

The federal government has not chosen a decentralised, open-source, privacy-first approach. A better response to contact tracing would have been to establish clearer user information requirements and interoperability specifications (standards allowing different technologies and data to interact).

Also, inviting the private sector to help develop solutions (backed by peer review) could have encouraged innovation and provided economic opportunities.

Read more: COVIDSafe tracking app reviewed: the government delivers on data security, but other issues remain

Personal information collected via COVIDSafe is governed under the Privacy Act 1988 and the Biosecurity Determination 2020.

These legal regimes reveal a gap between the publics and the governments conceptions of privacy.

You may think privacy means the government wont share your private information. But judging by its general approach, the government thinks privacy means it will only share your information if it has authorised itself to do so.

Read more: The new data retention law seriously invades our privacy and it's time we took action

Fundamentally, once youve told the government something, it has broad latitude to share that information using legislative exemptions and permissions built up over decades. This is why, when it comes to data security, mathematical guarantees trump legal guarantees.

For example, data collected by COVIDSafe may be accessible to various government departments through the recent anti-encryption legislation, the Assistance and Access Act. And you could be prosecuted for not properly self-isolating, based on your COVIDSafe data.

Moving forward, we may see more iterations of contact tracing technology in Australia and around the world.

The World Health Organisation is advocating for interoperability between contact tracing apps as part of the global virus response. And reports from Apple and Google indicate contact tracing will soon be built into your phones operating system.

As our government considers what to do next, it must balance privacy considerations with public health. We shouldnt be forced to choose one over another.

Read more here:
The COVIDSafe app was just one contact tracing option. These alternatives guarantee more privacy - The Conversation AU

Of the 15 apps in total that are discussed in the guide, only three platforms didnt make the cut for Mozilla: Houseparty, Discord, and Doxy.me. SoyaCincau pic

KUALA LUMPUR, May 1 As many around the world resort to remote working conditions due to the ongoingCovid-19pandemic, the spotlight is certainly focused on video call applications available today.

Most of us have heard aboutZooms notorious problems with privacy and security, but what about the other alternatives?

Mozillahas just published a guide that takes a look at some of the more popular apps specifically, the security and privacy features of each platform.

The guide bases its assessment of each app based on its Minimum Security Standards: encryption, security updates, strong password requirements, vulnerability management, and privacy policies. Apps that meet all five criteria are certified as meeting Minimum Security Standards.

Of the 15 apps in total that are discussed in the guide, only three platforms didnt make the cut for Mozilla: Houseparty, Discord, and Doxy.me.

However, the guide has recently been updated after Discord updated its requirements for strong passwords, which means that only two apps donotmeet Mozillas minimum standards now.

Are Houseparty and Doxy.me unsafe?

Houseparty, the platform developed by Epic Games (Fortnite creators), isnt really a simple, standalone video conferencing app. Instead, the idea is for friends to hang out within the app; there are built-in games and Snapchat integration on the platform.

The issue here stems from the lack of a strong password requirement. On the app, all that is required is a minimum of five characters this means that even passwords like 12345 are accepted.

However, the app uses encryption, receives regular security updates, manages vulnerabilities, and has a privacy policy that you can viewhere.

Doxy.me, on the other hand, received the lowest score of all 15 apps reviewed.

Again, there is no strong password requirement, and Doxy.me doesnothave a a bug bounty program, although there are other mechanisms in place for users to report vulnerabilities.

The biggest issue, according to Mozilla, has to do with Doxy.mes simple, web browser-based platform. The programme is used by medical personnel to provide medical advice remotely, and does not require an app.

This means the platform fails on the security updates requirement instead, Mozilla advises users to keep their browsers up to date if/when using Doxy.me.

What about Zoom?

To be utterly frank with you, I expected Zoom to fall within the group of apps that dont meet the required standards.

However and despite the bad press the company has drawn Mozilla says that the platfrom meets all five of its security standards.

Despite the prevalence of something called Zoombombing, where strangers hijack video conferences to broadcast inappropriate content, Mozilla appears to suggest that any past mistakes are being rectified.

To Zooms credit, they have acknowledged their mistakes and seem to be working hard to fix them.

Its also worth noting that while encryption is present in all of the apps discussed, there are different types or levels of encryption.

The type of encryption that most users really want in their messaging apps is end-to-end encryption the kind present in apps like WhatsApp. Additionally, all of the apps support a feature that alerts participants if a video call is being recorded.

In general, competition is definitely heating up in the video conferencing space. Mozilla says that that can only be a good thing for users, which certainly makes sense.

The case study of Zoom is a perfect example of how accountability should work here; the notoriety of the the platforms problems resulted in a quick response from the company, with founder Eric Yuan even apologising for missteps in aninterviewonCNN.

And with remote working conditions expected to continue for now, its worth thinking about the security and privacy aspect of video calls especially for professional purposes. SoyaCincau

More:
Guide: Which video call apps are safe to use? - Malay Mail

Hermiston Police Chief Jason Edmiston

HERMISTON Encrypting police radios has been a topic of conversation in Hermiston for about three years since the Umatilla-Morrow Radio Data District is preparing to install new radios throughout the district this summer. Police Chief Jason Edmiston said the cost of that encryption was a big factor.

If encryption costs more than the radio data districts budget or if the city of Hermiston has to pony up for encryption, we were not interested, Edmiston said. The company that theyre going with has encryption included in the price.

Edmiston said the main reason why the city supports encrypted radio traffic is due to protecting confidential information.

I think inevitably that the Criminal Justice Information System is probably going to take a path that if you have a radio system that is able to be encrypted, thou shalt encrypt, he said.

Law enforcement have cited criminals using hand-held scanners to avoid law enforcement as one issue that speaks in favor of encryption. Edmiston said that the biggest issue for his department is the amount of personal information thats broadcast over the radios.

There is a lot a person can glean from listening to the radio, he said. I think every officer has had experience with people that collect that information. I know I personally have.

Edmiston said that people can still request radio traffic regarding a particular issue, but it will mean that those who listen to scanners at home, which could upset some Facebook page operators.

Theres various Facebook websites that are probably going to be up in arms, he said. I understand that. At the end of the day, that radio traffic is still accessible through the Oregon open records law.

The radios will be installed in patrol vehicles once the trees are in full leaf. That will help the district determine potential radio dead spots.

Read this article:
HPD is on board with encrypted radios - My Columbia Basin

The Mobile Encryption Market has witnessed continuous growth in the last few years and is projected to grow even further during the forecast period of 2020-2026. The exploration provides a 360 view and insights, highlighting major outcomes of the industry. These insights help the business decision-makers to formulate better business plans and make informed decisions to improved profitability. In addition, the study helps venture or private players in understanding the companies in more detail to make better informed decisions. Some of the major and emerging players in the Global Mobile Encryption market are McAfee(Intel Corporation), Blackberry, T-Systems International, ESET, Sophos, Symantec Corp, Check Point Software Technologies, Ltd., Dell, IBM, Mobileiron, BeiJing Zhiyou Wangan Tech. Co. Ltd, CSG,Inc., Hewlett Packard Enterprise, Proofpoint, Inc., Silent Circle & Adeya SA

If you are part of this market, then Get to Know how you are perceived in comparison to your competitors McAfee(Intel Corporation), Blackberry, T-Systems International, ESET, Sophos, Symantec Corp, Check Point Software Technologies, Ltd., Dell, IBM, Mobileiron, BeiJing Zhiyou Wangan Tech. Co. Ltd, CSG,Inc., Hewlett Packard Enterprise, Proofpoint, Inc., Silent Circle & Adeya SA; Get an accurate view of your business in Global Mobile Encryption Marketplace with latest study published by HTF MIGet Sample PDF with Latest Sales & Market Sizing Figures @:https://www.htfmarketreport.com/sample-report/2227674-2013-2028-report-on-global-mobile-encryption-market

The Players Profiled in the Report:McAfee(Intel Corporation), Blackberry, T-Systems International, ESET, Sophos, Symantec Corp, Check Point Software Technologies, Ltd., Dell, IBM, Mobileiron, BeiJing Zhiyou Wangan Tech. Co. Ltd, CSG,Inc., Hewlett Packard Enterprise, Proofpoint, Inc., Silent Circle & Adeya SA

Breakdown by type, the market is categorized as:, Disk Encryption, File/Folder Encryption, Communication Encryption, Cloud Encryption & Other

By end users/application, market is sub-segmented as:BFSI, Healthcare & Retail, Government and Public Sector, Telecommunications and IT & Other

Regional Analysis for Mobile Encryption Market:North America, Europe, Asia-Pacific etc

The Global Mobile Encryption Market study covers current status, % share, future patterns, development rate, SWOT examination, sales channels, to anticipate growth scenarios for years 2020-2026. It aims to recommend analysis of the market with regards to growth trends, prospects, and players contribution in the market development. The report size market by 5 major regions, known as, North America, Europe, Asia Pacific (includes Asia & Oceania separately), Middle East and Africa (MEA), and Latin America and further into 15+ country level break-up that includes China, the UK, Germany, United States, France, Japan, batch of Southeast Asian & Nordic countries.

If you need any specific requirement Ask to our Expert @https://www.htfmarketreport.com/enquiry-before-buy/2227674-2013-2028-report-on-global-mobile-encryption-market

For Consumer Centric Market, Survey or Demand Side Analysis can be provided as part of customization which consider demographic factor such as Age, Gender, Occupation, Income Level or Education while gathering data. (if applicable)

Consumer Traits (If Applicable) Consumer Buying patterns (e.g. comfort & convenience, economical, pride) Buying behavior (e.g. seasonal, usage rate) Customer Lifestyle (e.g. health conscious, family orientated, community active) Expectations (e.g. service, quality, risk, influence)

The Mobile Encryption market factors described in this report are:-Key Strategic Developments in Mobile Encryption Market:The research includes the key strategic activities such as Research & Development (R&D) initiatives, Merger & Acquisition (M&A) completed, agreements, new launches, collaborations, partnerships & (JV) Joint ventures, and regional growth of the key competitors operating in the market at global and regional scale to overcome current slowdown due to COVID-19.

Key Market Features in Global Mobile Encryption Market:The report highlights Mobile Encryption market features, including revenue size, weighted average regional price, capacity utilization rate, production rate, gross margins, consumption, import & export, demand & supply, cost bench-marking in Mobile Encryption, market share and annualized growth rate (Y-o-Y) and Periodic CAGR.

Analytical Market Highlights & ApproachThe Global Mobile Encryption Market report provides the rigorously studied and evaluated data of the top industry players and their scope in the market by means of various analytical tools. The analytical tools such as PESTLE analysis, porters five forces analysis, feasibility study, SWOT analysis by players, BCG matrix, heat map analysis, and ROI analysis have been practiced reviewing the growth of the key players operating in the market.

Extracts from Table of Contents :Global Mobile Encryption Market Study Coverage :It includes major manufacturers, emerging players growth story, major business segments of Global Mobile Encryption market, years considered, and research objectives. Additionally, segmentation on the basis of the type of product, application and technology.

Global Mobile Encryption Market Executive SummaryIt gives a summary of overall studies, growth rate, available market, competitive landscape, market drivers, trends, and issues, and economic indicators.Mobile Encryption Market Production by RegionMobile Encryption Market Profile of ManufacturersPlayers are studied on the basis of SWOT, their products, production, value, financials, and other vital factors.

To review full table of contents click here @https://www.htfmarketreport.com/reports/2227674-2013-2028-report-on-global-mobile-encryption-market

Key Points Covered in Mobile Encryption Market Study :Mobile Encryption Overview, Definition and ClassificationMarket drivers and barriersMobile Encryption Market Competition by ManufacturersMobile Encryption Capacity, Production, Revenue (Value) by Region (2020-2026)Mobile Encryption Supply (Production), Consumption, Export, Import by Region (2020-2026)Mobile Encryption Production, Revenue (Value), Price Trend by Type {, Disk Encryption, File/Folder Encryption, Communication Encryption, Cloud Encryption & Other}Mobile Encryption Market Analysis by Application {BFSI, Healthcare & Retail, Government and Public Sector, Telecommunications and IT & Other}Mobile Encryption Manufacturers Profiles/AnalysisMobile Encryption Manufacturing Cost AnalysisIndustrial/Supply Chain Analysis, Sourcing Strategy and Downstream BuyersMarketing Strategy by Key Manufacturers/Players, Connected Distributors/TradersStandardization, Regulatory and collaborative initiativesIndustry road map and value chainMarket Effect Factors Analysis

Buy the PDF Report @https://www.htfmarketreport.com/buy-now?format=1&report=2227674

Thanks for reading this article; you can also get individual chapter wise section or region wise report version like Complete America, LATAM, Europe, Nordic regions, Oceania or Southeast Asia or Just Eastern Asia.

About Author:HTF Market Report is a wholly owned brand of HTF market Intelligence Consulting Private Limited. HTF Market Report global research and market intelligence consulting organization is uniquely positioned to not only identify growth opportunities but to also empower and inspire you to create visionary growth strategies for futures, enabled by our extraordinary depth and breadth of thought leadership, research, tools, events and experience that assist you for making goals into a reality. Our understanding of the interplay between industry convergence, Mega Trends, technologies and market trends provides our clients with new business models and expansion opportunities. We are focused on identifying the Accurate Forecast in every industry we cover so our clients can reap the benefits of being early market entrants and can accomplish their Goals & Objectives.

Contact US :Craig Francis (PR & Marketing Manager)HTF Market Intelligence Consulting Private LimitedUnit No. 429, Parsonage Road Edison, NJNew Jersey USA 08837Phone: +1 (206) 317 1218sales@htfmarketreport.com

Connect with us atLinkedIn|Facebook|Twitter

Read more here:
Mobile Encryption Market: Study Navigating the Future Growth Outlook - MR Invasion

The National Institute for Mathematical Sciences announced on April 27 that it has developed a multivariate and simultaneous quadratic equation-based public-key encryption algorithm capable of coping with attacks by means of quantum computers.

According to the institute, the algorithm is designed such that a users digital signature value can never be falsified unless the solution of a multivariate and simultaneous quadratic equation is obtained. Unlike existing public-key encryption algorithms such as RSA and ECDSA, the algorithm is not based on integer factorization and discrete logarithm equation, and thus Shors algorithm is not applied to the algorithm, it added.

The new algorithm allows quick encryption even in a low-performance CPU and is applicable to IoT devices equipped with such CPUs. The institute explained that the application of the algorithm to an 8-bit CPU resulted in public-key encryption 30 times faster than the international standard.

With public-key cryptography highly dependent on foreign technologies, the new algorithm is very meaningful in terms of integrity, authentication, non-repudiation, and many more, the institute said, adding, It is expected to be utilized for device authentication in various environments such as self-driving cars, unmanned aerial vehicles, smart manufacturing and wearable devices.

Excerpt from:
Innovative Encryption Algorithm Developed in South Korea - BusinessKorea

Data security is one of the most daunting tasks for IT and infosec professionals. Each year, companies of all sizes spend a sizable portion of their IT security budgets protecting their organizations from hackers intent on gaining access to data through brute force, exploiting vulnerabilities or social engineering. Throughout this guide are links that will help you learn more about the challenges related to securing sensitive data, ensuring compliance with government and industry mandates, and maintaining customer privacy. Along with the challenges, you'll find advice on how to solve them.

The average cost of a data breach in 2019 was calculated at $3.92 million, according to a report by the Ponemon Institute and IBM Security. High-profile companies such as Capital One, Evite and Zynga experienced data breaches that exposed more than 100 million customer accounts each. The average security incident in 2019 involved 25,575 accounts, according to the report. To make matters worse, this information must be disclosed to customers, and organizations could potentially wind up as cautionary tales.

The lessons from these breaches are numerous, including the need to do the following:

The move to the cloud presents an additional threat vector that must be well understood in respect to data security. The 2019 SANS State of Cloud Security survey found that 19% of survey respondents reported an increase in unauthorized access by outsiders into cloud environments or cloud assets, up 7% since 2017.

Ransomware and phishing also are on the rise and considered major threats. Companies must secure data so that it cannot leak out via malware or social engineering.

Breaches can be costly events that result in multimillion-dollar class action lawsuits and victim settlement funds. If companies need a reason to invest in data security, they need only consider the value placed on personal data by the courts.

Sherri Davidoff, author of Data Breaches: Crisis and Opportunity, listed five factors that increase the risk of a data breach: access; amount of time data is retained; the number of existing copies of the data; how easy it is to transfer the data from one location to another -- and to process it; and the perceived value of the data by criminals.

Many organizations realize that the value of data and the cost to protect data are increasing simultaneously, making it near impossible to protect data by just layering on more security. Instead, IT and infosec teams must think proactively and creatively about their data protection strategies.

They should also assess their risk versus the protections their current security investments provide and make decisions accordingly. To do so requires an unprecedented level of visibility that most organizations do not possess right now.

Security expert Ashwin Krishnan advised IT and security professionals to focus on three key aspects when trying to improve data security in the modern enterprise: the more data generated and collected presents a bigger "surface" for data breaches; customer rights expand with new regulatory compliance and privacy compliance mandates, such as GDPR and the California Consumer Privacy Act; and companies have to be aware if they are involved in data brokering.

Data security has myriad aspects that protect information at rest, in motion and in use. Here are some technologies widely used by enterprises to protect data.

EncryptionOne of the most basic concepts of data security is encryption, as simply encrypting sensitive data can go a long way toward meeting privacy and compliance mandates and keeping sensitive information safe from hackers.

Encryption is not a one-size-fits-all proposition, as organizations must select the encryption algorithm that matches their enterprise security requirements. Our encryption tutorial deciphers the differences and helps you select the best approach for your organization.

The most common form of encryption -- symmetric -- involves converting plaintext to ciphertext using the same key for encryption and decryption. Asymmetric encryption uses two interdependent keys -- one to encrypt the data and one to decrypt it. Symmetric encryption has many "flavors," including Advanced Encryption Standard and Triple DES. Asymmetric has the Diffie-Hellman key exchange and RSA, among others. Companies that don't want to encrypt all their information must determine the priority of data through classification.

Perimeter securityIntrusion detection systems and intrusion prevention systems, along with access control lists, beef up an organization's security perimeter and reduce the severity of attacks that get through. Meanwhile, endpoint security management can track malware signatures and prevent them from causing harm. Networking expert Kevin Tolly explained the need for a multipronged approach to data security, as well as the unique traits of fast-and-frontal attacks compared to low-and-slow attacks.

Data loss prevention (DLP)DLP prevents users from transferring sensitive data, and organizations can roll it out as enterprise security software. DLP tools can be deployed as agents on endpoints or agentless at the network level. Learn how to choose DLP products as well as considerations for DLP deployment.

DLP software often includes templates to aid compliance with specific mandates, such as HIPAA and PCI DSS.

A cloud access security broker (CASB) also performs DLP tasks and can help mitigate the threat to data in the cloud. CASBs actively intervene in user-to-cloud application sessions by intercepting session traffic, helping to monitor and enforce corporate security policies. CASBs scan data objects, such as files and documents, to ensure they comply with corporate standards and government regulations.

Data security, often thought to be about the prevention, detection and mitigation tools an organization uses, is just as much about strategy and the implementation of best practices. A good start to developing a strategy lies in focusing on the following areas.

Governance, risk and compliance (GRC)Some companies use GRC as a framework for ensuring data security and privacy compliance. Governance refers to how a company uses information management systems and hierarchical controls to ensure adherence. Risk management is the identification, analysis and response to potential risks. Compliance is the assurance of conformity to regulations and corporate policies when handling data. Integrated risk management takes GRC a step further to speed up decision-making and performance.

Insider threatsThe human aspect -- or insider threat -- is often underestimated or even overlooked when companies develop a data security strategy. Privacy and risk management expert Sudeep Venkatesh said targeted phishing attacks and business email compromise attacks, which are aimed at top people in the organization, cause the most harm in terms of data loss. To combat this trend, companies should enact best practices that marry prevention and protection so that communication is secured and delivered to the appropriate person. If no action is taken, companies are left vulnerable to breaches initiated by an action taken by an insider -- whether malicious or accidental.

Social mediaSocial media is another vector users fall prey to when it comes to inviting malware into the enterprise. For instance, hackers will take advantage of users who search for "cheat codes" to access third-party applications, such as games on platforms like Facebook, for free. The cheat codes can be Trojans that enable a bad actor to control a device, install ransomware, activate the camera or microphone, and record keystrokes to steal passwords. Third-party applications are just one of many enterprise social media risks that should be monitored and mitigated.

Visibility and discoveryOrganizations also stumble on the data governance front when they are unable to locate critical data that lives in nooks across the enterprise. For instance, protecting data is a Herculean task when users can download sensitive information onto their hard drives and out-of-sight of compliance tools. Government regulations and corporate standards are pushing companies to gain better visibility into how they are handling, storing and processing data.

Cloud-based data also requires a discovery mechanism to ensure governance. Before deploying any project into the cloud, IT and security teams should understand the data types that will be involved, and they should each be categorized and assessed for risk.

Password hygieneOne of the more straightforward data security best practices is centered around passwords, which are a universal point of vulnerability for organizations. The 2019 Verizon Data Breach Investigations Report found that 80% of hacking-related breaches can be linked to stolen and reused credentials. Password spraying, keylogger attacks and other brute-force hacking techniques put on full display the weakness of traditional passwords. In addition, most users have far too many business application passwords to easily remember, resulting in poor password hygiene, which means not being unique enough or changed often enough.

Making passwords longer isn't necessarily the answer. They need to be more complex or be used in conjunction with tokens, biometrics or other types of authentication. Users also can deploy enterprise password managers, which store the encrypted passwords they use across applications, to ease the burden of remembering every application's sign-on.

Database protectionDatabases require best practices to secure the data within them as well. Four simple steps can ensure sensitive information stays protected:

Developing, implementing and enforcing data security best practices is made easier if organizations fully understand the privacy and compliance mandates to which they must adhere.

The California Consumer Privacy Act (CCPA) went into effect January of this year. It enforces consumers' rights to control their personal information. Many experts believe a version of the CCPA will likely become federal law. CCPA itself is a take on the European Union's General Data Protection Regulation, which also protects consumers' personal data.

While companies worry that the cost to comply with government mandates could be prohibitive, many are still going forward in their efforts to ensure data is able to be discovered, reported on and erased. That way, when consumers request to see their data and then delete it, businesses will be ready.

To follow the multiple compliance mandates, organizations can create a data inventory, establish processes to get consumers their information under deadline and make updates to their privacy statement.

AI and machine learning are going to be key in compliance efforts going forward. Companies are looking to automate some regulatory compliance processes, including data location and extraction. Inventories, as security expert Michael Cobb noted, become outdated unless automated scanning tools are deployed to sustain data discovery capture by recording regular snapshots of all applications and repositories where personal information resides. Automation, in his opinion, is the only way large organizations can remain compliant with a large volume of data that is structured and unstructured and stored in data centers and in the cloud.

Next-generation technology could also help companies fall in line with other compliance mandates, such as PCI DSS. For companies that have lagged behind on compliance, some security experts suggest considering a zero-trust model as a security strategy. With zero trust, companies would look at the full lifecycle of data management and broaden their focus beyond just payment card data to other forms of personal data, including financial data, intellectual property and customer data. They would make no assumptions on where data is expected to be found or how it is being used -- only that the risk must be mitigated.

Data security will remain a significant challenge well into the future, but creative applications of AI and machine learning and zero-trust models will help IT and infosec teams protect data and ensure consumer privacy.

Read the original post:
Data security guide: Everything you need to know - TechTarget

Seattle, WashingtonOn Tuesday, April 28, at 9 am, Electronic Frontier Foundation (EFF), the American Civil Liberties Union (ACLU), and Stanford cybersecurity scholar Riana Pfefferkorn will ask a federal appeals court to embrace the publics First Amendment right to access judicial records and unseal a lower courts ruling denying a government effort to force Facebook to break the encryption of its Messenger service.

Media widely reported in 2018 that a federal court in Fresno, California, denied a government request that would have required Facebook to compromise the security and privacy promised to users of its Messenger application. But the courts order and details about the legal dispute have been kept secret, preventing people from learning about how DOJ sought to break Facebooks encryption, and why a federal judge rejected those efforts.

ACLU Surveillance and Cybersecurity Counsel Jennifer Granick will argue on behalf of EFF, ACLU, and Pfefferkorn that the public has a right to know when and how law enforcement tries to compel a companyone that hosts millions of peoples private communicationsto circumvent its own security features and hand over the contents of its users voice calls and other private conversations. This is especially important now, as the Justice Department has repeatedly said that it wants access to encrypted communications, a position that endangers peoples privacy and undermines the security of everyones information.

The court will hear the argument remotely via videoconference, which will be livestreamed for the public on the website of the U.S. Court of Appeals for the Ninth Circuit.

WHO: ACLU Attorney Jennifer Granick

WHAT:Oral arguments in ACLU Foundation v. DOJ

WHEN:TuesdayApril 289 am

Livestream:https://www.ca9.uscourts.gov/media/live_oral_arguments.php

For more on this case:https://www.eff.org/cases/eff-aclu-v-doj-facebook-messenger-unsealing

See the rest here:
Hearing Tuesday: EFF, ACLU, and Cybersecurity Expert Ask Court to Unseal Ruling Denying DOJ Effort to Break Encryption - EFF

The report on Global Data Encryption Service Market documents a detailed study of different aspects of the Global Data Encryption Service Market. It shows the steady growth in market in spite of the fluctuations and changing market trends. In the past four years the Global Data Encryption Service Market has grown to a booming value of $xxx million and is expected to grow more. Every market intelligence report is based on certain important parameters. It includes a meticulous analysis of market trends, market shares and revenue growth patterns and the volume and value of the market. Market studies are based on methodical researches.

Request a sample of this report @ https://www.orbisresearch.com/contacts/request-sample/4589757

This report on Global Data Encryption Service Market is also based on a meticulously structured methodology. These methods help to analyze markets on the basis of thorough research and analysis. Generally, research includes information about manufacturers, vendors, products, consumers, research papers and more. The analysis part mostly includes qualitative and quantitative analysis of markets like business models, market forecasts, market segmentations and other aspects that help in analysis. Every market research study gives specified importance to manufacturers dwelling in that market. A detailed analysis of manufacturers or key players is essential for anyone seeking to jumpstart business in any market.

Major companies of this report:

MicrosoftIBMOneNeckFlexentialGemaltoAmazon Web Services (AWS)Digital Guardian

Browse the complete report @ https://www.orbisresearch.com/reports/index/global-data-encryption-service-market-report-2020

Competitive analysis or competitor study includes detailed information of manufacturers business models, strategies, revenue growth and all the data required that would benefit the person conducting the market research. For new investors and business initiatives market research is a must as it gives them a direction and a plan of action to move forward keeping in mind their competitors. Global Data Encryption Service Market segmentation is also an important aspect of any market research report. Market segmentation is mostly based on demography, geography and behavior. It helps understand the consumers and their demands and behavior towards a particular product or market. Another important aspect covered in any market research report and is also a part of market segmentation is the regional study of the market. This section focusses on the regions with significant advancements in a particular market.

Segmentation by Type:

SymmetricAsymmetric Encryption

Segmentation by Application:

SMEsLarge Enterprise

Regional analysis of any market can give a detailed overview of regions which have more business opportunities, revenue generation potential and a forecast of next few years. For any new business establishment or business looking to upgrade and make impactful changes in their businesses, this particular section in a market report is very important. In this Global Data Encryption Service Market report, the region highlighted the most is North America. For many markets this region is of extreme importance.

Following regions are covered in Global Data Encryption Service Market Industry report:North America Country (United States, Canada)South AmericaAsia Country (China, Japan, India, Korea)Europe Country (Germany, UK, France, Italy)Other Country (Middle East, Africa, GCC)

Make an enquiry of this report @ https://www.orbisresearch.com/contacts/enquiry-before-buying/4589757

About Us :

Orbis Research (orbisresearch.com) is a single point aid for all your market research requirements. We have vast database of reports from the leading publishers and authors across the globe. We specialize in delivering customized reports as per the requirements of our clients. We have complete information about our publishers and hence are sure about the accuracy of the industries and verticals of their specialization. This helps our clients to map their needs and we produce the perfect required market research study for our clients.

Contact Us :

Hector CostelloSenior Manager Client Engagements4144N Central Expressway,Suite 600, Dallas,Texas 75204, U.S.A.Phone No.: +1 (972)-362-8199; +91 895 659 5155

Original post:
Data Encryption Service Market by Top Players, Types, Key Regions, Applications and Forecast to 2024 Aminet Market Reports - amitnetserver

A recent report has revealed that the Samsung Galaxy A71 5G will launch with a Quantum Encryption chip technology in South Korea. The worlds largest smartphone brand was previously tipped to launch the first smartphone equipped with a quantum encryption chip, so this device might feature the technology.

According to reports from South Korean news agencies, Samsung and SK Telecom are gearing up for the launch of a smartphone equipped with Quantum technology chip for encryption. The device in question is expected to be announced in May 2020 and will be found in the Samsung Galaxy A71 5G. The South Korean tech giant will be integrating the Quantum encryption chip into the motherboard of the handset (with reports also claiming a rebranding to Samsung Galaxy Quantum).

For those unaware, the Quantum encryption chip technology enhances the smartphones data protection. In other words, it improves the security of the device and helps in better protecting sensitive data held within a device. Furthermore, it will make it harder for hackers to steal data from your handset.

Samsung smartphone that arrives with the new Quantum encryption chip will have their data encrypted in the form of random numbers. So even if the hacker attempts to read the memory, he would have to first pass the chips certification process before getting an approval. Similar to Samsung, even Sony has been reportedly working on the inclusion of Quantum encryption technology in its products.

(Via)

See original here:
Samsung A71 5G tipped to launch in S. Korea with a Quantum Encryption Chip - gizmochina