Archive for January, 2013

3 charged in malware scheme targeting bank accounts

January 21st, 2013

U.S. authorities have charged three foreign nationals with creating and distributing a virus that allowed thieves to steal tens of millions of dollars from victims’ bank accounts.

The three are accused of creating the Trojan virus Gozi, which infected more than 1 million computers worldwide and 40,000 in the United States, including computers belonging to NASA, according to court documents unsealed today by U.S. Attorney Preet Bharara in Manhattan. Nikita Kuzmin, 25, Deniss Calovskis, 27, and Mihai Ionut Paunescu, 28, are accused of creating “one of the most financially destructive computer viruses in history.”

The malware installed itself on computers after users clicked on an apparently benign PDF file embedded in an e-mail, allowing the cybercriminals to siphon user names, passwords, and other security information used to hijack online bank accounts, prosecutors alleged.

“Banking Trojans are to cybercriminals what safe-cracking or acetylene torches are to traditional bank burglars — but far more effective and less detectable,” FBI Assistant Director-in-Charge George Venizelos said in a statement. “The investigation put an end to the Gozi virus.”

Kuzmin, a Russian national who was arrested in 2010, pleaded guilty to bank fraud charges in 2011 and agreed to cooperate with federal prosecutors. Kuzmin began conceiving Gozi in 2005 to steal bank account information and hired co-conspirators to write the virus’ source code, prosecutors said today.

Kuzmin then rented out the malware to cybercriminals for a weekly fee through a business he called “76 Service,” before eventually selling the virus to his co-conspirators in 2009, according to court documents. Calovskis, of Latvia, is accused of writing the virus’ code, while Paunescu, of Romania, allegedly provided “bullet-proof hosting” to distribute Gozi.

The U.S. is seeking extradition of Kuzmin’s alleged co-conspirators, who were arrested late last year in their home countries. It was not immediately clear who, if anyone, had been hired to represent the defendants in court. The trio faces up to 60 to 95 years in prison if convicted of the charges.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

WhatsApp privacy practices under scrutiny

January 19th, 2013

One of the world’s most popular cross-platform applications “violates” international privacy laws, according to the Canadian and Dutch data protection authorities, because it requires users to provide their entire contact list to the service.

The Office of the Privacy Commissioner of Canada and the Dutch Data Protection Authority today announced their findings for what they called a “collaborative investigation into the handling of personal information” by the California-based company.

WhatsApp, an instant messenger application for iPhone, Android devices, and BlackBerry smart phones, provides a free service to rival text messaging, and sends more than 1 billion messages to users around the world every day.

In a statement, the agencies concluded that the application violated privacy laws in both the Netherlands and Canada because users had to provide access to all of their phone book contacts, including users and non-users of the application.

“The investigation revealed that users of WhatsApp — apart from iPhone users who have iOS 6 software — do not have a choice to use the app without granting access to their entire address book. The address book contains phone numbers of both users and non-users,” Jacob Johnstamm, chairman of the Dutch Data Protection Authority, said in a statement.

iPhone users running the iOS 6 mobile operating system are asked if they are willing to allow an application to access certain sensitive data on the device, such as location data, or in this case contact list data.

The two agencies explained that WhatsApp relies on a user’s phone number to populate the instant messenger’s contacts list. All the user’s phone numbers are transmitted to WhatsApp to “assist in the identification of other WhatsApp users.” But, rather than deleting the phone number of non-users, WhatsApp retains the numbers, albeit in an unreadable hash form.

This falls foul of both Canadian and Dutch privacy law, which states that personal data may only be retained for as long as it is required for the fulfillment of a certain service.

“Both users and non-users should have control over their personal data and users must be able to freely decide what contact details they wish to share with WhatsApp,” Johnstamm remarked.

“Our investigation has led to WhatsApp making and committing to make further changes in order to better protect users’ personal information,” Canadian Privacy Commissioner Jennifer Stoddart said in a statement.

While in breach of Dutch law, and though the Netherlands is a member of the European Union bloc of 27 member states, the mobile app is not thought to have breached wider European data protection law.

The Dutch authority will examine the California-based developer’s case in a “second phase” in which “further enforcement actions” may be enacted, including sanctions. While the Canadian authority does not have order-making powers, it will keep a close eye on the company.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Twitter gives user data to U.S. 7 times out of 10

January 17th, 2013

Twitter gives government agencies in the United States at least some of the information they ask for on users 69 percent of the time.

That data and much more about how the social network responds to government requests for user information, as well as demands to remove tweets and reports of copyright violations was part of Twitter’s second so-called transparency report, which it issued today “in celebration of”Data Privacy Day. Google issued such a report today as well.

“We’ve been thinking about ways in which we can more effectively share this information, with an aim to make it more meaningful and accessible to the community at large,” Twitter wrote in a blog post. “We believe the open exchange of information can have a positive global impact. To that end, it is vital for us (and other Internet services) to be transparent about government requests for user information and government requests to withhold content from the Internet; these growing inquiries can have a serious chilling effect on free expression — and real privacy implications.”

In the report, Twitter said that, worldwide, it received 1,858 requests from governments for information about users in 2012, as well as 6,646 reports of copyright violations, and 48 demands from governments that content they deem illegal be removed.

Although Twitter has a responsibility to provide information on users as a result of official actions like subpoenas and court orders, the company has long taken the public position that it protects users’ privacy and anonymity whenever possible. For example, last August, the company fought police attempts in New York to get information on an Occupy Wall Street protester’s account, claiming that law enforcement did not adequately follow the Constitution’s safeguards against invasion of privacy.

“It’s our continued hope that providing greater insight into this information helps in at least two ways,” Twitter continued in its blog post: “first, to raise public awareness about these invasive requests; second, to enable policy makers to make more informed decisions. All of our actions are in the interest of an open and safe Internet.”

Privacy advocates seem to agree. In an email sent to CNET, the Electronic Frontier Foundation’s Trevor Timm lauded Twitter’s report and its attempts to maintain users’ freedoms and privacy. “I think this is the most detailed transparency report that we’ve seen from any Internet company and it should become a model for other companies, especially Facebook,” Timm told CNET. “Facebook is by far the largest social media site, yet has so far refused to release transparency reports to show us how much information the government is requesting and how much they comply.

“The first step in combating unreasonable government surveillance is information. And these transparency reports are vital in that fight. Cell phone carriers should start releasing them on a yearly basis as well.”

It will likely be interesting to many people to see how many times governments around the world ask Twitter to provide information about users in their countries, as well as how often the company decides it has no choice but to comply with those requests. The transparency report includes a section detailing “actionable” demands — meaning situations in which Twitter is legally responsible to provide what is asked for — from every country, as well as a second section focusing solely on the United States.

China is missing from the report, as Twitter is officially blocked there. And while there appears to be evidence that some Chinese are able to access Twitter, the company doesn’t have a responsibility to reply to that government, explained a Twitter spokesperson.

U.S. requests

From July 1 to December 31, 2012, Twitter said, it received a total of 1,009 requests for user information from 30 countries. Across the board, the company complied by providing some or all information demanded 57 percent of the time, covering a total of 1,433 user accounts.

Outside the U.S., Japan issued the most requests, asking Twitter for information on 75 users a total of 62 times. Yet Twitter complied just 5 percent of the time, it said. Brazil submitted 34 requests, covering 43 user accounts, and got some or all of what it was looking for 12 percent of the time.

By comparison, American government agencies were given at least some of what they were demanding in 69 percent of the 815 cases in which they asked, the report said. “As Twitter is based in San Francisco…the great majority of government information requests for user information we receive come from the United States,” the company wrote. “To increase transparency and insight, we’re introducing more in-depth details about these requests.”

According to the U.S.-only report, 60 percent of demands in the U.S. came in the form of subpoenas, while 11 percent were court orders, 19 percent were search warrants, and 10 percent were other official requests. Twitter said that in the cases of subpoenas, the requests “do not generally require a judge’s sign-off and usually seek basic subscriber information, such as the email address associated with an account and IP logs.”

Because of the Fourth Amendment to the U.S. Constitution, Twitter wrote, search warrants “typically require the most judicial scrutiny before they are issued, including a showing of probable cause and a judge’s signature. A properly executed warrant is required for the disclosure of the contents of communications (e.g., tweets, [and direct messages]).”

Twitter said that its general policy is to notify users when a government agency is demanding their information, “unless we are prohibited from doing so by law or in an emergency situation.” All told, it explained, less than 20 percent of cases involved such prohibitions issued “under seal.”

The EFF’s Timm said, “I don’t necessary blame Twitter for complying with valid subpoenas and warrants, since they are required to by law. It seems they have been vigilant in challenging unnecessarily broad legal requests. They only comply with 69 percent, while Google complied with 88 percent. And they’ve also written a detailed explanation of why they may not comply, and notify users whenever legally possible. The blame lies with the government for making so many warrantless requests and with Congress for not giving much of our electronic data more protection than just a subpoena.”

Added Timm, “It’s also great to see Twitter requires warrants for all content, despite [the Electronic Communications Privacy Act] not requiring it by law. It’s encouraging to see Google, Facebook, Microsoft, and Yahoo all come out and say this in the past week. The Fourth Amendment should protect the content of our email, just like it protects our physical letters and phone calls.”

Removal requests

Twitter has long held that its users have the right to post almost anything they want, as long as it isn’t illegal. But in some cases, it does respond when governments ask it to remove offending content.

According to the transparency report though, such cases are exceedingly rare. Between July and December, there were just 26 such court-ordered requests worldwide, Twitter said, and in just 5 percent of cases did it actually remove some or all of the content in question.

A recent situation involving a series of anti-Semitic tweets in France is one such case. And as a result, France’s removal requests were granted 100 percent of the time, the report detailed. But even so, that removal covered just 40 accounts, and only 44 individual tweets.

In the United States, by comparison, there were just two such requests between July and December.

Copyright takedowns

Although the parts of Twitter’s transparency report that are likely to get the most attention are the company’s responses to government officials for information on users, and the amount of offending content removed, it also contained interesting data on how often the company acted on demands that content posted to the social network contained copyright violations.

According to the report, Twitter received 3,268 take-down notices worldwide between July and December, and it’s agreed to comply with part or all of those requests 53 percent of the time.

Twitter said that when such requests are submitted, it notifies affected users. Among the types of media it has to remove as a result of these notices are “profile photos, header photos, background images, and Twitter-hosted media (e.g., pic.twitter.com).”

But Twitter also noted that it doesn’t comply with take-down notices for a number of reasons. In many cases, it said, such demands don’t supply adequate information for locating the allegedly offending content. And at the same time, it receives many “misfiled, non-copyright complaints” through its Web forms.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Internet, social media least trusted industries for privacy

January 15th, 2013

Internet and social media ranked at the bottom on a list of the most trusted industries for privacy, according to the Ponemon Institute.

Released yesterday, Ponemon’s “2012 Most Trusted Companies for Privacy” was compiled from a survey of U.S. adults asked to name the five companies they trust the most to protect the privacy of their personal information.

Based on more than 6,700 responses, the Top 20 list did not include several tech players that had been on it in past years.

Apple failed to make the list for the first time in four years. Google, Best Buy, Facebook, Yahoo, Dell, and AOL also were gone from the Top 20 after scoring good or decent grades in the past.

Those results aren’t surprising, as many of those polled expressed concern about certain technologies. A full 59 percent of the respondents said they feel their privacy rights are diminished or undermined by social media, smart mobile devices, and geotracking tools.

Almost half the people surveyed said they received one or more data breach notifications over the past two years. And 77 percent of those people said such notifications hurt their trust in the organization reporting the breach.

A majority of those polled said they’ve shared personal information with an organization they didn’t know or trust, with most admitting they did it for the convenience of online shopping. And only 35 percent feel they have control over their personal information, a percentage that has dropped steadily over the past seven years, the report said.

Identify theft was seen as the most significant threat to privacy, followed by government surveillance and data breaches.

And what do people expect from companies that use their personal information?

Security protection was named the most important feature. But a majority also said they don’t want their data shared without their consent and they want the ability to be forgotten.

On a more positive note, Hewlett-Packard took second place in the rankings, just behind American Express.

Amazon was third, followed by IBM in fourth. eBay grabbed ninth place, with Intuit rounding out the Top 10.

Among other technology providers, Microsoft and Mozilla joined the list for the first time, ranked 17 and 20, respectively. Verizon, AT&T, and WebMD also numbered among the Top 20.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Sony fined $395K for 2011 PlayStation Network hack

January 13th, 2013

Sony Computer Entertainment Europe has been fined 250,000 pounds (US$395,775) by the Information Commissioner’s Office in the U.K., following the massive hacking of Sony’s PlayStation Network in 2011 that saw million of users’ personal data leaked.

The monetary penalty on Sony comes after the “serious breach of the Data Protection Act,” the ICO said in a statement today.

When the Sony PlayStation Network Platform was hacked in April 2011, it compromised the personal information of millions of customers, including names, addresses, e-mail addresses, dates of birth, and account passwords. Customers’ payment card details were also at risk, the ICO said.

“An ICO investigation found that the attack could have been prevented if the software had been up to date, while technical developments also meant passwords were not secure,” it added.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Surveillance a la Skype: EFF, others seek answers

January 11th, 2013

Microsoft needs to open up about the trustworthiness of its Skype software for confidential conversations, according to an open letter to the company posted today.

The letter, from an array of privacy advocates, Internet activists, journalists, and others, calls on Microsoft to provide public documentation about the security and privacy practices around Skype, which facilitates video and voice communications over the Internet. Microsoft completed its $8.5 billion acquisition of Skype in October 2011.

The authors of the letter say they’re worried in particular about the access that governments have to both Skype conversations themselves and to the user data generated by those communications. Among the groups that have signed the letter are the Electronic Frontier Foundation, Reporters Without Borders, the Egyptian Initiative for Personal Rights, and the Tibet Action Institute. The letter states, in part:

Many of its users rely on Skype for secure communications — whether they are activists operating in countries governed by authoritarian regimes, journalists communicating with sensitive sources, or users who wish to talk privately in confidence with business associates, family, or friends.

It is unfortunate that these users, and those who advise them on best security practices, work in the face of persistently unclear and confusing statements about the confidentiality of Skype conversations, and in particular the access that governments and other third parties have to Skype user data and communications.

Back in 2008, Skype had told CNET that it couldn’t comply with wiretap requests “because of Skype’s peer-to-peer architecture and encryption techniques.”

Anxiety about how Skype may be used for government eavesdropping heated up after the Microsoft acquisition. According to a July 2012 story on Slate, hackers were alleging that a just-completed change to Skype’s architecture could make “lawful interception” of calls easier to conduct.

Meanwhile, Microsoft has been working to integrate Skype more tightly into its product lineup. For instance, the company plans to replace its Windows Messenger Live instant-messaging client with Skype worldwide in March, except in mainland China.

The letter calls on Microsoft to release a “regularly updated Transparency Report” — similar to those issued by Google — that touches on these points:

  • Quantitative data regarding the release of Skype user information to third parties, including number of requests, type of data requested, and how often those requests are honored.
  • Specific details of all user data Microsoft and Skype currently collects, and retention policies.
  • Skype’s best understanding of what user data third parties may be able to intercept or retain.
  • Documentation regarding the operational relationship between Skype with TOM Online — a mobile Internet company in China that offers a government-approved version of Skype — and other third-party licensed users of Skype technology.
  • Skype’s interpretation of its responsibilities under the Communications Assistance for Law Enforcement Act (CALEA) and in response to subpoenas and National Security Letters (NSLs).

The letter was addressed to Skype division president Tony Bates, Microsoft chief privacy officer Brendon Lynch, and Microsoft general counsel Brad Smith.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization

Enhanced by Zemanta

Adobe mends security holes in Flash, Reader, Acrobat

January 9th, 2013

Security flaws in Adobe Flash, Reader, and Acrobat could have been the cause of computer crashes recently. The software company announced today that it sent out updates for these three programs, which are meant to patch security vulnerabilities that cause such system crashes.

“These updates address a vulnerability that could cause a crash and potentially allow an attacker to take control of the affected system,” the company wrote in a security bulletin today. “Adobe recommends users update their product installations to the latest versions.”

Adobe does not give any further detail on the security vulnerabilities but does strongly recommend that users running all versions of Adobe Flash Player for Windows, Mac OS X, Linux, and Android update their programs. Similarly, the company warns that people using Adobe Acrobat and Reader 11.0.0 and earlier versions on Windows and Mac OS X, and Adobe Reader 9.x versions for Linux are at risk.

Adobe launched new versions of Reader and Acrobat in October. The new XI version of Reader beefed up the Protected Mode features of the program, while the latest Acrobat updated text and image editing.

Adobe Reader has been dinged in the past for security holes, requiring the company to push out one. It seems that despite the new version of the program, Adobe security patches are here to stay.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

China tightens the screws on Internet users

January 7th, 2013

The Chinese government is once again imposing new restrictions on Internet use.

A decision approved today by the Standing Committee of the National People’s Congress institutes an “identity management policy,” according to China’s official Xinhua news agency. Such a policy requires Internet users to use their real names when registering with an online provider or mobile carrier.

Though most Chinese Internet users already use their real names to sign up for online accounts, the new policy makes it the law.

Li Fei, deputy director of the Commission for Legislative Affairs of the Standing Committee, did acknowledge public concerns that the measure could “hamper the exposure of corruption cases online, public criticism lodged on the Internet, and the supervisory role of the Internet,” Xinhua said.

Several cases of public corruption in China have been unveiled on the Internet. The new policy could make it easier to track down citizens who expose such cases online.

But Li dismissed such concerns as “unnecessary” claiming that “identity management work can be conducted backstage, allowing users to use different names when posting material publicly.”

Further, Chinese service providers will now have to remove any Internet pages or other online information considered “illega,” and then turns that information over to the authorities. The authorities then have the legal right to halt publication and to punish those who posted the illegal information.

The decision also asks the public to report any such illegal online information to the authorities.

The policy doesn’t quite explain what information is considered illegal. But the Chinese government insists the law works in the best interests of its citizens, saying that the decision will “protect digital information that could be used to determine the identity of a user or that which concerns a user’s privacy,” according to Xinhua.

Further, the decision prevents service providers and government agencies from leaking the digital information of Internet users, and from selling or providing this information to others, Xinhua said.

But Li also added a warning in today’s press conference, according to Reuters.

“When people exercise their rights, including the right to use the Internet, they must do so in accordance with the law and constitution, and not harm the legal rights of the state, society… or other citizens,” Li said.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Fake Turkish site certs create threat of bogus Google sites

January 5th, 2013

Google and Microsoft revealed today that a certificate authority based in Turkey “mistakenly” issued security certificates last month, and that a recipient of one of the e-documents in turn created a bogus certificate that could let it impersonate various Google sites.

According to a blog post by Google engineer Adam Langley, Chrome detected and blocked an unauthorized security certificate for the domain “*.google.com” on December 24. After blocking the certificate, Langley said, Google investigated and determined the certificate came from an intermediate certificate authority that linked back to the Turkish certificate authority TurkTrust.

Fraudulent certificates — or e-documents used to verify Web site authenticity — are no joke, since they can be used to perform phishing attacks, man-in-the-middle attacks, or to spoof content.

After Google warned TurkTrust and other browser vendors, TurkTrust reported that it had mistakenly issued two intermediate certificates in August 2011 to organizations that should have received standard SSL certificates.

Microsoft wrote in its concurrent security advisory blog post that it has also blocked certificates from TurkTrust. “TurkTrust incorrectly created two subsidiary Certificate Authorities: (*.EGO.GOV.TR and e-islam.kktcmerkezbankasi.org). The *.EGO.GOV.TR subsidiary CA was then used to issue a fraudulent digital certificate to *.google.com,” the company wrote.

People using Windows Vista or newer won’t have to take any action, Microsoft said, as long as they have installed the Certificate Trust List from last June. Windows 8, Windows RT, Windows Server 2012, and devices running Windows Phone 8 will be automatically protected.

Langley added that Google’s actions last month fixed the immediate security problem for Chrome users, but that the company will update the browser again in January to remove Extended Validation status for TurkTrust-issued certificates.

He finished by warning that it’s possible Google “may also decide to take additional action after further discussion and careful consideration.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta