There is growing concern regarding the role that encryption on personal devices might play in the future of law enforcement activities. Strong encryption, which uses large keys that are controversially hard to crack, has caused complaints in recent years as manufacturers such as Apple and Google increasingly add these features to their devices. What these companies have done is not new technology, but the broader application of existing public-private key encryption in a way that’s easy to use for the average consumer.

A special thank you to Maha Amircani for her guest post discussing the reality of cyber vulnerabilities faced by major cities. Maha is an attorney in Atlanta, Georgia and founder of Amircani Law. A Georgia native born to immigrant parents from Egypt, Maha represents clients in city, state and federal court litigation as well as administrative proceedings. Her practice specializes in the areas of personal injury, criminal defense, and real estate closings.

There has been a lot of interest in protecting businesses from the threat of ransomware. But, city governments are at real risk and the impact reverberates to people like me who interact with them daily. After the City of Atlanta ransomware attack in March 2018, this became crystal clear.

Utilizing VaultCore During a Hospital Ransomware Event

In Part 2 of this series, we examined the ongoing transition from Cyber Security to Cyber Defense, discussing Cyber Defense effects and utilizing VaultCore to realize those effects. In this post, we continue the discussion as we demonstrate how VaultCore enables the effects in a real-world scenario.

For practical consideration, let’s examine the following environment: A healthcare enterprise with 15 hospitals, two data centers, and multiple third-parties who use hospital technology resources. The IT infrastructure represents a number networks, applications, storage solutions, and network-connected diagnostic equipment. 

It’s been a little over a year since exclaiming that Cyber Security is dead. In that year, we have seen broader acceptance of terms like Defense and Resiliency. We have even seen attempts to pass laws that are the cyber equivalent of the “castle doctrine” for home defense. All that aside, one term that is starting to show up in this space is Orchestration. In practice, tools that support AI, machine learning, or analytics are turning to the term Orchestration to address what happens next. Applying the OODA loop (Observe, Orient, Decide, Act) is an easy way to look at this — if SIEM, AI, machine learning, big data, etc. are about Observe and Orient, then Orchestration is about Decide and Act.

Fornetix is proud to announce the availability of Bring Your Own Key (BYOK) support for both AWS and Azure Cloud Services.  This is made available through the Fornetix BYOK plugins via APIs that allow the Fornetix VaultCore appliance to speak to cloud service providers in their preferred protocol for enhanced security of encryption keys.  

Companies and individuals are using cloud services more and more. Putting so much of our data into the cloud introduces a growing problem. The lines between public cloud, private cloud, and software-as-a-service (Saas) have rapidly blurred as new technology develops, redefining what “cloud” actually means. Some businesses put significant portions of their infrastructure into the cloud and choose to keep only a very small footprint in a traditional data center or office. More commonly, businesses will leverage SaaS to handle common IT requirements such as email, storage, CRM, and backups.

What is efail? 

Efail is the name given by German Researchers to a potential attack against PGP or S/MIME encoded emails to take the encrypted contents and send them to a third-party actor.

How does efail work?

Efail requires an HTML encoded email to be manipulated by prepending an html image tag to the beginning of the email. This in turn forces the email client to send a request to a malicious domain looking for an image file that is the body of the encrypted email.

Along with the rest of the industry, we recently attended the RSA Conference in San Francisco. While there, many conversations about Fornetix VaultCore started with “You’re an HSM?” or “I already have an HSM… why do I need a key manager?”  Key managers have very clear differences from Hardware Security Modules (HSMs.)  The main differences reside in how the encryption keys can be used by a Key Manager or HSM.  There are other more important differentiators, however, let’s start with how key managers leverage open standards, like the Key Management Interoperability Protocol (KMIP), and what exactly an HSM is.

Amazon Web Services (AWS) is a secure cloud services provider that delivers compute, network, and data storage services. There are numerous benefits to migrating data storage and management to the cloud, but there are security considerations that must be addressed prior to doing so.

ASHBURN, Va., April 2018 — Fornetix, an industry leader for encryption key management, is pleased to announce the formation of a Board of Directors. The appointees are six proven executives with successful track records in the business and cybersecurity arenas.