The latest best practices in enterprise data security includes utilizing KMIP AND an encryption key management solution. While most security conscious companies are mindful of the latest advancements in storage encryption, there is a lack of attention to the requirements necessary to managing the thousands of keys generated from multiple data centers, storage devices, and software — specifically, enterprise level encryption key management systems have been overlooked, leaving companies vulnerable.

Partnership delivers impenetrable security foundation throughout the enterprise and out to the edge

FREDERICK, MARYLAND – Fornetix, LLC today announced its technology partnership with Vengar Technologies, creating a powerful, innovative joint data protection solution that leverages Fornetix’s innovative encryption key management system, VaultCore™,and Vengar’s zero-trust object level data protection.

Improved features help VaultCore amplify its data protection capabilities

FREDERICK, MARYLAND – Fornetix LLC, an industry pioneer and leader in enterprise encryption management technology, announced today that they have changed their flagship key management solution’s name from Key Orchestration to VaultCore.

FREDERICK, MARYLAND – Fornetix, Inc., an industry pioneer in enterprise encryption management technology, announces the appointment of Richard C. Schaeffer, Jr. to the company’s Board of Directors. Mr. Schaeffer is a former Senior Executive with the National Security Agency (NSA) and brings over 40 years of experience from roles throughout the defense and intelligence communities. His career includes extensive leadership, management, and technical expertise in the areas of information security and assurance, helping to safeguard many of the nation’s most critical and sensitive assets.

FREDERICK, MARYLAND – Fornetix, an industry pioneer in enterprise encryption management technology, is pleased to publicly announce Mark P. Gilroy as the company’s new Chief Executive Officer. Mr. Gilroy joined the Fornetix team last October in an interim role, during which time he brought considerable experience, passion, and momentum to the unique encryption solutions being delivered by Fornetix.

In a digital world, everything is a 1 or a 0. Those 1’s and 0’s can range from the lifeblood of an organization down to a simple message from one person to another. In most cases, those 1’s and 0’s can be jostled around: enter encryption. Tight encryption standards can make even the most significant, sensitive data appear to be indecipherable to the naked eye. Multiple firewalls, strong antivirus software, enterprise-wide encryption… these are all techniques utilized to strengthen our security posture to prevent bad actors from accessing sensitive data. Bolstering a strong perimeter security defense, coupled with constantly rotating encryption keys inside and outside of the perimeter, and always having the latest antivirus definitions will lead to a stronger aggregate security posture.

Thank you to Cyphre for contributing this guest post to our blog as we focus on GDPR compliance!

Now that European Union’s General Data Protection Regulation (GDPR) is set to become law, companies must establish policies and technology controls to securely store and transfer personal data of any person residing in the EU. Data that can be used to identify a person, such as physical address, IP address, and more, as well as genetic data, information about religious and political views, sexual orientation, and more must be encrypted or made anonymous. Individuals have the right to erase their personal data by withdrawing consent or when it is no longer being used for its original purpose.

Back in June, Kevin Mooney wrote an excellent piece on The Strong Case for Interoperability. Getting back to that subject matter, in perhaps not the most ideal of circumstances, we are going to talk about standards, interoperability, and transition as it pertains to resolving systemic issues. This is being driven by faults in 802.11 as described in Mathy Vanhoef’s and Frank Piessens’ paper on key reinstallation attacks released today.

Adobe's Product Security Incident Response Team (PSIRT) accidentally posted their private key to the internet allowing anyone with access to either side of a conversation with the PSIRT to be able to decrypt the messages.  The Adobe security team was quick to revoke the PGP key, but it has left people with encrypted messages to Adobe in the clear.  How did it happen?

Equifax made news recently for being the victim of a hack; their systems were compromised and data was accessed by person(s) that weren’t authorized to have it. Unfortunately, this is not an uncommon occurrence these days. Hacks happen all the time, to companies both large and small. Individual hacks aren’t really noteworthy any more. But what is particularly noteworthy about this incident is the data that was accessed: the personal (and supposed-to-be private) information of roughly half of the US population.