Mar 14, 2016

5 Encryption Methods That Will Change the Face of Business in 2016

As a result of the San Bernardino County shootings, a federal judge has ordered Apple to unlock one of the shooter’s iPhones. Apple has denied the request, citing the customer privacy violations that would result if it overrode its encryption process.

A four-digit lock has more than 5,000 permutations, and a six-digit lock jumps to 150,000 possibilities. Encryption methodology is evolving fast, and the smart business owner will need to stay aware of the changes.

Secure Sockets Layer

The Secure Sockets Layer (SSL) is the most common method of encryption because it works so well. It is used to transfer data from one place to another without fear of someone intercepting and reading the information. It requires the creation of a public and private certificate at the sender and receiver ends of the communication. At the time of the connection, during what is called the SSL handshake, a one-time session key is created. Without all of these keys, the SSL link cannot be made. This powerful encryption method is what cloud solutions provider Mozy uses to make certain that customer information stays safe. Because of this high level of safety, encryption has opened up a world of cloud-based computing and globally located staff at many companies around the world.

Chaotic Encryption

This security technique takes advantage of modern chaos theory, which is a mathematical process of making predictions out of bounded random events. Encryption using chaos starts by taking the text and overlaying it on an image. This image is cut into a predetermined number of grid pieces. Each of these mini-pieces is rearranged randomly using a math key. When transmitted, these pieces have billions of possible combinations for anyone without the key. Because of the high level of sophistication and mathematical knowledge it involves, chaos cryptography is sought after by governmental agencies.

Advanced Encryption Standard

Like SSL, Advanced Encryption Standard (AES) is symmetric, meaning that there is a key at the sending side and the receiving end. AES is a specific algorithm set that uses the key as the base of the mathematical equation. The key length can be 128, 192 or 256 bits, giving billions of permutations.

This is the technology that you see in ATMs. Since banking machines are fixed in one location and do not require multiple servers, the codes can be stored without fear of detection. A person would need to cut into the ATM or dig up the shielded wiring in order to tap into this information.

Data Encryption Standard

Data Encryption Standard (DES) uses asynchronous algorithms, in which the sender and receiver have different keys. DES is used less often than the others because the math behind it somewhat caps the key length to 16. You would find DES in computer systems that do not require a lot of security.

Hardware Based

In 2015, the three largest credit organizations (Europay, MasterCard and Visa) changed their credit card technology, adding a chip to each card. Where we see consumer safety, the cybersecurity professional sees hardware-driven encryption. In each of the cards is a chip with a unique set of instructions. Whenever you use the card, a one-time transaction code is generated. This way every transaction is unique. Even if a thief were able to copy the information from the purchase, the key would not work a second time. The EMV chip is being hyped as the cybersecurity breakthrough that will make mobile shopping safe.
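The one-time transaction code described above can be modelled in a few lines. This is an added example, not code from the article or from the EMV specifications: it assumes the chip holds a secret key and a transaction counter, and it uses HMAC-SHA256 as a stand-in for the card's real code algorithm. The class names, key and merchant strings are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed demo key; a real card key is provisioned into the chip by the issuer.
CARD_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def _encode(counter: int, amount_cents: int, merchant: str) -> bytes:
    # Fixed-width fields first, so the encoding is unambiguous.
    return struct.pack(">IQ", counter, amount_cents) + merchant.encode("utf-8")


class ChipCard:
    """Hypothetical model of the chip: a secret key plus a transaction counter."""

    def __init__(self, key: bytes):
        self._key = key
        self._counter = 0

    def authorize(self, amount_cents: int, merchant: str):
        # The counter advances on every use, so no two codes are alike.
        self._counter += 1
        msg = _encode(self._counter, amount_cents, merchant)
        return self._counter, hmac.new(self._key, msg, hashlib.sha256).digest()


class Issuer:
    """Hypothetical issuer side: same key, remembers the highest counter seen."""

    def __init__(self, key: bytes):
        self._key = key
        self._last_counter = 0

    def verify(self, counter: int, code: bytes, amount_cents: int, merchant: str) -> bool:
        msg = _encode(counter, amount_cents, merchant)
        expected = hmac.new(self._key, msg, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, code):
            return False  # wrong key, or amount/merchant altered after signing
        if counter <= self._last_counter:
            return False  # a copied code presented a second time
        self._last_counter = counter
        return True
```

A code copied from one purchase fails the counter check when it is presented again, and fails the HMAC check if the amount or merchant is changed.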

Mar 10, 2016

Incapsula had a major worldwide outage last night

Do you use Imperva's Incapsula service for CDN and cloud load balancing? Well, we certainly do at my day job, and they really screwed the pooch big time last night! I got woken up around 3:00am MST to the lovely sound of my phone ringing because my alert service was calling to let me know that ALL of my company's sites were down, and they were down for about 30 minutes!

According to Incapsula's status page, here is their explanation:
"A rare edge case triggered an error on the Incapsula service and caused a system wide ripple effect making sites inaccessible. The issue was identified immediately and corrective actions were taken to restore service levels."

Besides this issue, there is another issue I am dealing with regarding the way Incapsula handles SSL certificates for legacy clients. By legacy clients, I mean clients that still use IE6 or some other application that doesn't support SNI. For clients that support SNI, Incapsula hands them our SSL certificate, and if the client doesn't support SNI then Incapsula hands them its own SSL certificate. Why? Who knows?!

You might be thinking to yourself, why would that matter? Well, it matters if you have clients that use Java-based applications that don't support SNI and are configured to manually trust SSL certificates instead of trusting the certificate authority. It would be less of an issue if Incapsula's SSL certificates lasted a year or so, but they renew themselves every two months! It's a nightmare!
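One way to catch the renewal before pinned clients break is to fetch the certificate served with and without SNI and compare both against the fingerprints those clients trust. This is an added example, not code from the post or from Incapsula; the function names and the idea of a SHA-256 pin list are assumptions, and the live check needs network access to your own site.

```python
import hashlib
import socket
import ssl


def fetch_leaf_der(host: str, port: int = 443, send_sni: bool = True) -> bytes:
    """Return the server's leaf certificate (DER), with or without SNI."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Verification is off on purpose: the goal is to record whatever
    # certificate is served so it can be compared against the pin list.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=10) as sock:
        # server_hostname=None leaves the SNI extension out of the handshake,
        # which is what a legacy (non-SNI) client does.
        name = host if send_sni else None
        with ctx.wrap_socket(sock, server_hostname=name) as tls:
            return tls.getpeercert(binary_form=True)


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der).hexdigest()


def pin_report(sni_der: bytes, nosni_der: bytes, pinned: set) -> dict:
    """Compare both served certificates with the fingerprints clients trust."""
    sni_fp, nosni_fp = fingerprint(sni_der), fingerprint(nosni_der)
    return {
        "same_cert_both_paths": sni_fp == nosni_fp,
        "sni_pinned": sni_fp in pinned,
        "nosni_pinned": nosni_fp in pinned,  # False: non-SNI clients will fail
        "nosni_fingerprint": nosni_fp,       # value to distribute to those clients
    }


def check_site(host: str, pinned: set) -> dict:
    """Live check against a site behind the CDN (requires network access)."""
    return pin_report(fetch_leaf_der(host, send_sni=True),
                      fetch_leaf_der(host, send_sni=False), pinned)
```

Run `check_site` on a schedule and alert when `nosni_pinned` turns false, so the new fingerprint reaches the manually configured clients before they start failing.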

Needless to say, we are pretty frustrated with Incapsula at the moment. If you are thinking about using them you might consider another CDN provider like Akamai or CloudFlare.

Do you use Incapsula? Were you impacted last night? Let us know in the comments.


