Archive for the ‘Encryption’ category

« Older Entries
Newer Entries »

Sony’s mainstay insurance provider refuses to accept liability for damages and compensation

July 25th, 2011
PlayStation Plus logo

Battle between Sony and Insurer Zurich American Insurance Co. over Playstation hacks

After reading this piece of news you might wish you were not a PlayStation Network (PSN) user!

Sony’s mainstay insurance provider, Zurich American Insurance Co., is refusing to accept liability for damages and compensation regarding the recent hacks where 77 million PSN customer accounts were compromised.

The insurance provider has filed legal papers covering a total of 55 pending class-action lawsuits that customers have lodged against Sony.

The firm has brushed off its responsibility of covering data breach monetary damages as well as any other miscellaneous claims made by Sony.

History

Sony’s PlayStation Network and Qriocity networks were compromised in the month of April. According to their statement “An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services,”

On Tue April 26 Sony confirmed that personal data of millions of customers had been compromised.

On Wed April 27 a class-action lawsuit was filed in the U.S. accusing Sony of failing to protect, encrypt and secure the private and sensitive data of its users.

Present

Nevertheless, Sony has gone ahead and filed insurance claims as it feels it is a fair coverage under previously agreed upon terms.

According to Sony the financial loss from the breaches is more than $178 million this year.  The Japan based firm wants the insurer to cover costs related to the 55 class-action lawsuits under a general liability insurance policy written by Zurich.

Customer reactions and cyber risks

Customers are furious about their loss of privacy and waiting for settlements. It is time to redefine cyber security and the legalities there in. Companies are under the impression that general liability insurance covers everything. According to Ty Sagalow, an insurance consultant and founder of Innovation Insurance Group, “There are probably still some risk managers out there that think that their comprehensive general liability policy cover breaches,” says Sagalow, who was one of the main experts in charge of first drafting cyberinsurance policies for Zurich when he worked for the company prior to starting his own consulting shop. “These types of cyberevents are not covered in the typical standard forms of insurance.”

Cyber insurance

Cyber insurance  is the insurance which covers loss occurred over the internet . The phenomenon is a recent one and yet to stabilize. Hence organizations like Sony must take into account adding additional coverage that can hold up to court scrutiny when things go haywire.

How can Alertsec help in cases of data breach?

Alertsec Xpress is the security service that protects data stored on your PC. As laptops are used in place of desktops, chances of data getting hacked are more. Unless your laptop is encrypted, you are running a big risk of your data getting compromised.

Encryption software helps enhance the laptop security. Alertsec uses industry leading Check Point Full Disk Encryption (former Pointsec) software that simplifies data protection.

Enhanced by Zemanta

No comments »

Posted in Data Protection, Encryption, Hackers, Identity and Information loss, Uncategorized, identity theft

Tags:

PhyData LLC reports laptop containing data of 1500 patients stolen

July 4th, 2011
My BenQ Joybook 8100 showing the Dutch BenQ ar...

Laptop stolen from car containing patient data

Laptop theft

The  most prevailing fear among most  computer users is that of Laptop theft. No matter how much care you take, thieves manage to get away with such thefts.

Corporate America looses over USD 5.4 billion each year in cases of laptop theft. That means 12,000 laptops disappear every week from U.S. airports alone, and a laptop is stolen every 53 seconds. As employees get more and more mobile, this problem becomes more serious.  If you add to this healthcare privacy laws, then asset security can impact your business significantly.

The recent news of laptop being stolen from an employee’s car in Goodlettsville, Tenn. got security experts thinking if enough was being done in the field of data security.

The report

According to the report, PhyData LLC, a medical billing and management company  reported a laptop stolen from an employee’s car on May 7 at the RiverGate Mall. The laptop contained more than 1,500 patient names and their personal information including names, Social Security numbers, dates of birth and medical ID numbers.

These people were patients with Advanced Diagnostic Imaging , Premier Radiology and Anesthesia Services Associates between Jan. 2009 and Dec. 2010

PhyData spokeswoman Joy Sweeney said in a statement that no evidence was found that any of the information had been accessed or misused. She further stated that the company had set up a toll-free help line with Kroll Inc., and is offering identity-theft protection services to affected patients. The company’s laptops are also now all encrypted and password protected

What Tennessean’s had to say

“Stolen from the trunk. That alone sounds strange when detailing where the thief stole it and wasn’t drawing any attention, from busting in the trunk. When the true story comes forward we will see the employee left it inattentive”

“Taken from the trunk? Was there signage on the auto? Why would someone open a trunk with so many other cars around and possible property in view? This IS NOT the whole story on this one”

There is no conspiracy.  Usually, when the trunk gets busted it’s because the driver parked and then placed valuable items in the trunk, thinking that it’d be safer.  Someone in the parking lot — possibly thieves looking to catch people placing stuff in their trunks — watches the driver from the moment he enters the garage and, once they’re sure the driver won’t be back, go to work.  After all, if an item weren’t valuable, why would anyone go through the effort of putting it in the trunk.”

What AlertSec has to say?

Alertsec is the frontrunner in offering hard disk encryption as a fully managed service. We provide information security in a cost-effective & easy way

By using encryption software, you greatly enhance the laptop security as there is no way that the information is compromised if lost or stolen. A theft would simply be reduced to an insurance matter and cost of the hardware plus time to rebuild the laptop. A small price to pay compared to what can happen if you lose confidential or sensitive data. Our industry news provides a few examples of this.

Alertsec Xpress offers a very good and easy-to-use laptop security service that includes more than the traditional software licensing model. Feel free to subscribe for your personal  30 day trial.

Enhanced by Zemanta

No comments »

Posted in Computer security, Encryption, Identity and Information loss, computer security software, identity theft, laptop encryption, laptop theft

Tags:

Goatse Security hacking group orchestrated a security breach of AT&T’s servers

June 28th, 2011
Apple iPad 2 WHITE???

Cybercrime

Wikipedia defines cybercrime as “any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. A computer can be a source of evidence. Even though the computer is not directly used for criminal purposes, it is an excellent device for record keeping, particularly given the power to encrypt the data. If this evidence can be obtained and decrypted, it can be of great value to criminal investigators”.

The AT&T iPad hacking case

More than 100,000 Apple iPad users were a victim of data breach after the hackers accessed AT&T’s servers. Last June, Daniel Spitler of San Francisco, Calif., and Andrew Auernheimer of Fayetteville, Ark. broke into a computer without user authorization. They tried to obtain email addresses from the SIM card addresses of at least 114,000 iPad 3G users. Initially the attack appeared to be a sophisticated hack, the actual exploit used an automated script to submit HTTP requests for thousands of possible serial numbers and collect AT&T’s responses.

Post-breach, AT&T issued a statement. “This issue was escalated to the highest levels of the company and was corrected by Tuesday. We are continuing to investigate and will inform all customers whose e-mail addresses… may have been obtained,”.

How Daniel pilfered AT&T’s servers?

Daniel Spitler wrote a script called the “iPad 3G Account Slurper” and used it to access AT&T servers thereby getting info on e-mail addresses and associated unique iPad numbers. Spitler got in touch with co-defendant Andrew Auernheimer over Internet Relay Chat and they both hatched the plan of taking advantage of the Web site hole and the data from 100,000 accounts that was exposed.

Update on the case

Daniel Spitler has pleaded guilty to breaking into AT&T’s systems and obtaining the email addresses of iPad users. He is allegedly member of the Goatse Security hacking group. Spitler faces up to 10 years in prison and, $500,000 in fines on one count of conspiracy to gain unauthorized access to computers and on one count of identity theft. He is scheduled to be sentenced September 28 in Newark federal court.

Andrew Auernheimer was arrested January 18 in Fayetteville, Ark., while appearing in state court. Charges against him are still pending. He had pleaded not-guilty saying that he and his Goatse Security hacking group were planning to warn AT&T about the hole and notifying iPad 3G customers about the exposure of their data. But the chat logs were evidence enough to point out that they had not contacted AT&T.

“The magnitude of this crime affected everyone from high ranking members of the White House staff to the average American citizen,” said Michael B. Ward, special agent in charge of the FBI’s Newark Division. “It’s important to note that it wasn’t just the hacking itself that was criminal, but what could potentially occur utilizing the pilfered information.”

How Alertsec can protect our computers?

Alertsec provides protection for all information stored on laptops and PCs in an easy, convenient, and cost-effective way. It uses Check Point Full Disk Encryption (former Pointsec) software, and has created a web based encryption service that radically simplifies deployment and management of PC encryption.

Alertsec Xpress is the service that automatically protects ALL information you store on your PC

Alertsec Xpress provides:

  • Fully managed service for your convenience.
  • Very cost effective service.
  • Market leading laptop protection service.
  • Quick and easy implementation.
  • Easy to use protection.
  • Transparent solution.
  • Global 24/7 helpdesk.
  • 100% secure and reliable encryption.
  • Powered by Check Point – the market leader
Enhanced by Zemanta

No comments »

Posted in Computer security, Data Protection, Encryption, computer security software, data breach, data encryption

Tags:

Why Data Encryption is Important

May 7th, 2011
Part of the EFF's DES cracking machine which w...

Data Encryption

As the technology is upgrading day by day, people are getting more involved to their work and they have very little time for the things which seem negligible at the starting but can be very dangerous in future. In today’s world 99% people are more interested in sending and receiving data through internet and mobile data storage devices. But among those 995 people 90% people do not encrypt their data though they know that the data contains personal information and the chances of data lose or hacking is very high.

Sending data through internet has high chances of getting hacked. Because the number of hackers are increasing in a rapid rate day by day and those hackers are so efficient in their job that they can easily hack the unencrypted data from the internet. And if those hacked data contains any sort of personal information then they can misuse those data, even they can make some criminal offenses by using those data and without doing anything wrong you will become a criminal. At the time of sending data through internet lot of people can easily access your data if your data is not encrypted.

Another importance of data encryption is that is helps to protect your computer from viruses. Though you may think that your computer/ laptop is protected enough because of the anti-virus and router you are using, but remember keeping your data safe from the hackers is not that easy. And if your computer becomes virus affected, then any other computer presents in your office or home can be easily affected by the virus.

Now internet is available in the hostels, cyber cafe, hotels and those connections have no protection. So the data can easily be hacked of accessed by some other person.

And data encryption also helps to protect the data of different mobile data storage devices. As the data storage devices sometimes contain personal or sensible data, so the loss of any storage device can be very harmful for us. Because any one can misuse those data. But we will keep our data encrypted then we will be sure that no one can misuse those data.

These are the main reason behind the data encryption. Data encryption not only keeps our data safe but also helps us to be tension free.

About Alertsec:-

Alertsec Xpress is the No.1 encryption service provider for hundreds of banks and financial institutions worldwide. They are providing 24*7 customer service system. By offering computer protection software, encryption with lowest TCO (Total Cost of Operation), Checkpoint and Pointec they are assuring to make data secure. For more details about Alertsec log on to: http://www.alertsec.com

Enhanced by Zemanta

No comments »

Posted in Alertsec Express, Data Protection, Encryption, Encryption Chip, Hard Disk, data encryption

Tags:

Full Disk Encryption – An Executive’s Introduction To How It Works And Other Issues

May 2nd, 2011
Icon from Nuvola icon theme for KDE 3.x.

Encryption

File encryption or Full disk encryption?? That is the most important question for most of the organizations now a day. Because some of the organizations encrypted their important files but still failed to prevent data lose, and file encryption does not allow encryption on in and out moving data. So the organizations are not finding any profit in adopting data encryption. Full disk encryption is the only solution of their anxiety.

Now the organizations are not sure whether they will apply the full disk encryption on each and every system of their organization or just on those systems which contain sensitive data. According to PCI and ICO the answer is an organization should apply the full disk encryption to all the system. Because only a few stuffs of the organization can access the sensitive data but still there is a chance that due to some emergency an ordinary stuff can also get access to sensitive data. So, be ready before the mistake has been done.

Full disk encryption not only save your sensitive data but also assures you the protection of each and every single data of your organization. But some people do not want to apply encryption because of some drawbacks and those drawbacks can cause data loss or computer malfunction, because the following things can happen due to encryption:-

  1. Password forgotten.
  2. Problem in the hardware.
  3. Data corruption due to the encryption of data.
  4. Normally people like to make some common as well as weak password just because they can remember it. Those passwords are known as weak keys password.
  5. Sometimes we write down our passwords because we do not have the confidence that we can remember them.
  6. Data corrupted by the encryption process.
  7. The encryption algorithm can be cracked sometimes.

But we have to keep in mind before applying full disk encryption that encryption does not enhance or reduce risks, it just provides protection to your data from data loss.  So it depends on us that how we are applying the full disk encryption process to our system. Before the implementation of full disk encryption we have to be very careful about the following factors:-

  1. The encryption process is approved by the Advanced Encryption Standard (AES) or not.
  2. Due to presence of scratch pad the modern day’s computers cannot protect the hard disk and full memory. And the dangerous thing is that through these scratch pads the hackers can easily access your data.

Another problem with encryption is that there is a chance of potential data loss, but in case of full disk encryption as full disk encryption works in the hardware level not on the software level, so the chances of interaction between the encryption and other applications automatically reduces and as a result of it the probability of data loss also reduces.

So, if your system has sensitive data and you do not want to lose those data, and then apply full disk encryption to your system because it does not drop the speed of your system but it makes your system fully protected.

About ALERTSEC:-

Alertsec Xpress is the No.1 encryption service provider for hundreds of banks and financial institutions worldwide. They are providing 24*7 customer service system. By offering computer protection software, encryption with lowest TCO (Total Cost of Operation), Checkpoint and Pointec they are assuring to make data secure. For more details about Alertsec log on to: http://www.alertsec.com

Enhanced by Zemanta

No comments »

Posted in Alertsec Express, Computer security, Data Protection, Encryption, Hard Disk, full disk encryption

Tags: