Log in

Archive for the ‘full disk encryption’ category

The U.S. Senate Judiciary Committee approves three Democrat-proposed data breach bills

September 26th, 2011

Sen. Patrick Leahy's bill wins approval

Breach notification and data security are now closer to reality, thanks to the three bills three bills, proposed by Chairman Leahy(D-VT), Senator Blumenthal (D-CT), and Senator Feinstein (D-NH).

The Senate Judiciary Committee approved the bill on Sept 22. The committee’s 10 Democrats voted in favor and its eight Republicans voted against it. Leahy was disappointed that no Republican supported the measures.

About the three bills

As per the three bills, businesses are required to develop data privacy and security plans and set a federal standard for notifying individuals of breaches of sensitive personally identifiable information (SPII).

The Leahy bill

This bill is also known as the Personal Data Privacy and Security Act of 2011,. It is a cyber-security and online-privacy measure introduced to deal with threats from hackers and malicious software.

Three important points about Senator Leahy’s bill:

a. ‘Data minimization’ provision, requiring businesses to establish a plan to minimize the amount of SPII the business retains and to delete SPII that is no longer needed to fulfil a (unspecified) business purpose or legal obligation.

b. Previous iterations of Leahy’s bill had several sections on government access to commercial data. These have now been stricken off.

c. An important addition during markup was a provision designed to ensure that the CFAA is not used against people who merely violate website terms of service

Is this time any different?

Cyber security bills have been introduced before but not much was done about them. Data breach cases are growing at an exponential speed and hopefully this time is different.

Senator Chuck Grassley and the EFF concerned about the new bills

Here is what Senator Grassley had to say “Americans want and need the Congress to work with private businesses to create jobs,” “However, under this bill, we may end up with more burdensome regulations, small businesses forced into bankruptcy, jobs lost, and consumers still going unprotected because the over-notifications will be ignored.”

EFF and a group of civil liberties organizations and scholars have requested the committee to ensure the CFAA doesn’t punish ordinary computer users who happen to breach terms of use.

Discrepancies in the bill

According to the current bill, government employees who violate employment agreements remain vulnerable to contract-based prosecutions under the CFAA. All computer users should be protected against such charges irrespective of their work place.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organisations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

No comments »

Posted in Bkis, Hackers, Identity and Information loss, Security Flaw, full disk encryption, identity theft

Tags: CFAA Check Point Chuck Grassley Computer crime Computer Fraud and Abuse Act data security disk encryption Electronic Frontier Foundation Enter your zip code here Federal Emergency Management Agency Harry Reid Patrick Leahy United States United States Senate Committee on the Judiciary United States v. Lori Drew

Full Disk Encryption – An Executive’s Introduction To How It Works And Other Issues

May 2nd, 2011

Icon from Nuvola icon theme for KDE 3.x.

Encryption

File encryption or Full disk encryption?? That is the most important question for most of the organizations now a day. Because some of the organizations encrypted their important files but still failed to prevent data lose, and file encryption does not allow encryption on in and out moving data. So the organizations are not finding any profit in adopting data encryption. Full disk encryption is the only solution of their anxiety.

Now the organizations are not sure whether they will apply the full disk encryption on each and every system of their organization or just on those systems which contain sensitive data. According to PCI and ICO the answer is an organization should apply the full disk encryption to all the system. Because only a few stuffs of the organization can access the sensitive data but still there is a chance that due to some emergency an ordinary stuff can also get access to sensitive data. So, be ready before the mistake has been done.

Full disk encryption not only save your sensitive data but also assures you the protection of each and every single data of your organization. But some people do not want to apply encryption because of some drawbacks and those drawbacks can cause data loss or computer malfunction, because the following things can happen due to encryption:-

Password forgotten.
Problem in the hardware.
Data corruption due to the encryption of data.
Normally people like to make some common as well as weak password just because they can remember it. Those passwords are known as weak keys password.
Sometimes we write down our passwords because we do not have the confidence that we can remember them.
Data corrupted by the encryption process.
The encryption algorithm can be cracked sometimes.

But we have to keep in mind before applying full disk encryption that encryption does not enhance or reduce risks, it just provides protection to your data from data loss. So it depends on us that how we are applying the full disk encryption process to our system. Before the implementation of full disk encryption we have to be very careful about the following factors:-

The encryption process is approved by the Advanced Encryption Standard (AES) or not.
Due to presence of scratch pad the modern day’s computers cannot protect the hard disk and full memory. And the dangerous thing is that through these scratch pads the hackers can easily access your data.

Another problem with encryption is that there is a chance of potential data loss, but in case of full disk encryption as full disk encryption works in the hardware level not on the software level, so the chances of interaction between the encryption and other applications automatically reduces and as a result of it the probability of data loss also reduces.

So, if your system has sensitive data and you do not want to lose those data, and then apply full disk encryption to your system because it does not drop the speed of your system but it makes your system fully protected.

About ALERTSEC:-

Alertsec Xpress is the No.1 encryption service provider for hundreds of banks and financial institutions worldwide. They are providing 24*7 customer service system. By offering computer protection software, encryption with lowest TCO (Total Cost of Operation), Checkpoint and Pointec they are assuring to make data secure. For more details about Alertsec log on to: http://www.alertsec.com

No comments »

Posted in Alertsec Express, Computer security, Data Protection, Encryption, Hard Disk, full disk encryption

Tags: data encryption disk encryption drive encryption Encryption full disk encryption

ICO HITS OUT AT DATA BREACH FIGURES

April 30th, 2011

Laptop Encryption

According to different sources the number of cases registered in ICO is 2565, while action taken against only 37 cases. This generates a huge dissatisfaction against the working process of ICO. The power of ICO is now under doubt. The rumour is that ICO is nothing but a paper tiger and as a result of it everybody is thinking that the number data breaches cases will increase as there is less chances on punishment.

The fault of ICO was highlighted after data breaching incident of Viasat. After that case Viasat claimed that ICO is playing with the figures of fine for data breaching. According to different sources Viasat was penalized by $310,000 for data breaching while the actual figure have to be $500,000.

There is also more dissatisfaction against the ICO in different Organizations due to the lethargic working process of ICO. As, according to different expert the number of cases of data breaching is increasing day by day so ICO has to be more quick prompt in taking action, but the reality tells that the number of cases recorded in the ICO remains static. Means the actual data has been hampered.

ICO denies all those complain and in a conference they announced that they have the actual figures and that is 37. They also assured the public that they are in hurry to take action against those organizations that are involving in data breaching.

But the truth is far different from the announcement of ICO. According the inner source of ICO, ICO has lost a large number of report files related to data breaching. Though there are a several number steps can be taken by ICO against data breaching but they are not interested to it. Without telling the organizations about the importance of data encryption software, laptop encryption software, encryption, data security, importance of hard drive encryption, laptop encryption, full disk encryption, computer protection they are more interested in taking fines. And the main problem is that they are also not very sure about the amount of fines, as a result of that the figure varies from organization to organization.

About Alertsec:

Alertsec Xpress is a very easy and convenient service which enables us to secure valuable information on our laptops. Alertsec Xpress has found the ultimate way of deploying the protection via the web. They have found the ultimate way of deploying the protection via the web. They are the no.1 encryption service provider for hundreds of banks and financial institutions worldwide.

No comments »

Posted in Alertsec Express, Data Protection, Encryption, computer security software, full disk encryption, laptop encryption

Tags: data security Encryption laptop encryption laptop security

Leak Fear as Hospital Loses Patient Detail

April 29th, 2011

Flah Drive

As the number of laptop and data storage device robbery increasing day by day, the negligence of different organizations about the implementation of data encryption software and laptop encryption software come to the notice of ICO. Though ICO is trying hard to make all the organizations aware about the importance of encryption of data but the organizations are showing to less energy to encrypt the laptops and data storage devices. As a result of that any short of data or device loss is making huge effect on the organization.

ICO came to know that recently at Queen Marry Hospital a flash drive which contained the details of the patients of that hospital had been lost. Though the main copy of those data has been stored in a computer with password protection but the data in the flash drive was neither encrypted nor password protected.

The hospital informs that the flash drive contained the names and id numbers of at least 19 patients of them. From this we can easily understand the situation that is going to occur if the incident came to the notice of those patients. And not only in this hospital but this thing is happening in everywhere like; schools, different organizations even in antivirus developing organizations also. A source of the hospital informed that the data was stored in the flash drive from a password protected computer to upgrade the computer. The management of the hospital immediately lodged a report to the police and they assured that the treatment of the patients would not be affected due to this incident.

Such type of incidents shows us the importance of data encryption software, computer security software. If encryption is enabled in our system and storage devices then we do not have to worry about the manipulation of data after the data has been lost. Though a lot of encryption software is available in the market and ICO is trying their best so that every organization uses those encryption softwares to protect their system and data but due to unawareness and negligence most of the organizations show lethargy to implement it in their organizations. ICO has decided to take some serious steps so that every organization will implement those softwares in their organization.

Though the hospital informed the police and the patients and apologized to them for their mistakes, just to put off the light from their fault but everyone can easily understand the effect of this incident.

About Alertsec:-

Alertsec is one of the leading data encryption software providers. Alertsec offers computer protection that is convenient and affordable. Analysis of the total cost of ownership of the Alertsec Xpress solution and the major alternatives show that the benefits of the Cloud Service can cut the TCO by up to half.

No comments »

Posted in Alertsec Express, Computer security, Data Protection, Encryption, Encryption Chip, Hard Disk, USB Key, full disk encryption

Tags: Cloud computing Cryptography data encryption Data storage device Encryption security

Laptop Encryption: Protect Your Data from Hackers

April 28th, 2011

Laptop Encryption

A simple incident can turn to be the biggest problem of your life and later you may find that it happened just because of your negligence. Though there are several laptop encryption software and laptop encryption software available in the market to secure our personal and professional data but still we neglect it.

According to ICO as most of the organization does not follow the rules of data encryption and they are less interested about implementing any laptop encryption software, so as a result most of the stored data of those organizations remain unencrypted. So, any sort of loss or theft can cause a huge damage to those organizations. As an example they mentioned about the incident of Freehold School. A laptop was theft from the car of one the teachers of that school, the laptop contained the details of around 90 pupils and all those data were unencrypted.

As we are aware that the hackers are more interested in personal data and they are such powerful that minimum negligence to the data encryption act can harm your system. As a prove we can take the incident of Ashampoo, a German software company, though they are also a computer security software company but the hackers got success to hack their system and stole the personal details of their clients. As Ashampoo took an immediate step to protect their data the loss of information did not harm them too much, but the incident could have been more damaging.

In case of Freehold Community School, ICO found that the management of the school was totally unaware about the importance of laptop encryption software. Though their systems contain personal data but still they did not protect their data or they did not follow any security system to protect their data. As most of the organization does not take the importance of data encryption seriously so ICO wanted to take financial steps against them. They wanted to do surveys on different organization and if any organization been found guilty under the data law act, they want to punish them.

The ICO takes some routine steps to make aware the institutes and organizations about the importance of laptop encryption software. The steps that ICO can take to secure and encrypt the data of an organization are as follows:

Criminal prosecution.
Non-criminal enforcement.
Audit.

Now the main question is how to stay secure………

Though there are various data encryption software and sites available to protect your personal data but you can follow some routine works to maintain the preliminary protection of the data by,

1. Any attachment should not be opened randomly.

2. Use antivirus softwares to your system to protect it from the virus.

3. Always treat messages from unknown senders with suspicion.

4. After any sort of doubt contact immediately to the nearest police station and lodge a complaint.

As, the hackers are increasing in numbers and also improving in quality of action day by day , so you have to be sure that your system is encrypted, portable and mobile data storage devices, so that you can feel free from any sort of damage to your personal data or the data stored in your system or in storage devices. Because “precaution is better that cure”.

About Alertsec:

Alertsec Xpress is the No.1 encryption service provider for hundreds of banks and financial institutions worldwide. They are providing 24*7 customer service system. By offering computer security software, encryption with lowest TCO (Total Cost of Operation), Checkpoint and Pointec they are assuring to make data secure. For more details about Alertsec log on to; http://www.alertsec.com