1 Encryption Made Simple for Lawyers By David G. Ries, Esq. and John W. Simek Encryption is a topic that most attorneys don t want to touch with a 10-foot pole, but it is becoming a more and more important part of security. Encryption is an electronic process to protect data. It has now reached the point where all attorneys should generally understand encryption, have it available for use when appropriate, and make informed decisions about when encryption should be used and when it is acceptable to avoid it. Fortunately, easy to use options are available today for encryption. Most attorneys will need technical assistance to install and set up encryption, but it s generally easy from there. Encryption uses a formula to transform readable data into unreadable data. The formula is an algorithm (called a cipher), the readable data is called plaintext, and the unreadable data is called ciphertext. Decryption is the reverse process that uses a key to transform the encrypted data back to readable data. As long as the decryption key is protected, the data is unreadable and secure. While the technical details of how encryption works are complex, it is not necessary for attorneys who use encryption to understand them. Encryption can be used to protect data at rest (on desktops, laptops, servers or portable media) and data in motion (over wired or wireless networks and the Internet). Anyone who has access to encrypted data cannot read or use it unless they have access to the decryption key.
2 Attorneys have ethical and legal duties to protect information relating to clients. Encryption is an important consideration in addressing these duties. Laptops and Portable Media The attributes that make laptops and portable devices useful also make them very dangerous from a security perspective: they re compact and portable. Add to that the fact that their costs have been decreasing over the years, their capacities have been dramatically increasing, and they have become more and more compact. Laptops are available with 1TB (terabyte) and larger hard drives. USB thumb drives with capacities of 256 GB or more are now available. Portable hard drives of a TB or more, the same as desktop computers, are now available. A massive amount of data, in compact media, can be easily lost or stolen. With these devices, attorneys and employees can lose or steal the equivalent of a truckload of information. Not properly protected, laptops and portable media can be recipes for a security disaster. One survey reported that 70% of data breaches resulted from the loss or theft of off-network equipment (laptops, portable drives, PDAs and USB drives). Strong security is a must. Encryption in now a standard security measure for protecting laptops and portable devices and attorneys should be using it. In fact, a joint U.S./UK research team has written that full disk encryption is so effective that law enforcement and federal agencies are complaining that they are unable to retrieve the encrypted data in criminal investigations. Federal courts are
3 struggling with the issue of whether compelled disclosure of passwords and passphrases for decryption is protected by the Fifth Amendment. After the high-profile theft of a Department of Veterans Affairs laptop and external hard drive containing personal information on more than 28 million veterans in 2006, security guidelines for federal agencies added the requirement of encryption of all data on laptops and portable devices, unless it is classified as non-sensitive. This was six years ago. In January 2007, 18 laptops were stolen from the offices of a law firm in Orlando. The laptops were reportedly protected by encryption, and the incident received very little publicity. In discussing this incident, the SANS Institute, a leading information security organization, noted, [l]aptop thefts aren t going away, but by this time next year, this type of item (laptop stolen, but the data was protected) shouldn t be newsworthy. That was over five years ago. In a recent data breach report, a Maryland law firm lost an unencrypted portable hard drive that contained medical records of patients in a lawsuit against its client hospital. One of the law firm s employees took home the hard drive containing backup data. This was the firm s method of ensuring that it had an offsite backup. She took the light rail system home and left the drive on the train. When she came back a few minutes later, it was gone. Backup is a good practice, but not if it exposes confidential data. If the drive had been encrypted, it would have had a strong level of protection. As it was, it had little or none. It is not uncommon for
4 backup software to have the ability to encrypt the backed up information. Generally, it is just a simple matter to check an option for the backup to be encrypted.
5 As these examples demonstrate, encryption is particularly important for laptops and portable media. A lost or stolen laptop or portable device that is encrypted is protected unless the decryption key has been compromised. There are three kinds of encryption for protecting laptops and portable devices: hardware encryption, encryption in operating systems (like Windows and Apple OS X), and encryption software. There are two basic approaches to encrypting data on hard drives: full disk encryption and limited encryption. As its name suggests, full disk encryption protects the entire hard drive. It automatically encrypts everything and provides decrypted access when an authorized user properly logs in. Limited encryption protects only specified files or folders or a part of the drive. With limited encryption, the user has to elect to encrypt the specific data. All of the hard drive manufacturers now offer hard drives with hardware full disk encryption built in. The major laptop manufacturers all offer models with these drives. Hardware encryption is generally easier to use and administer than encryption software. Some examples are Seagate Secure and Hitachi Self- Encrypting Drives. Secure use just requires enabling encryption and setting a strong password or passphrase. The contents of the drive are automatically decrypted when an authorized user logs in. It is automatically encrypted when the user logs off or the laptop is turned off. Since most encryption programs are tied to a user s password, secure passwords or passphrases are essential, and a forgotten password can lead to lost data. Automatic
6 logoff, after a specified time, is critical so that unencrypted data will not be exposed if a user goes away from a computer or forgets to turn it off. In an enterprise environment, like a law firm, access by an administrator, ability to reset passwords, backup and key recovery are essential. Installing encryption and administering it, particularly in a large enterprise, can be a challenge. Current business versions of Windows and current versions of Apple OS X have built in encryption capability. Windows Vista Enterprise and Ultimate and Windows 7 Enterprise and Ultimate include an encryption feature called BitLocker. BitLocker works below the operating system and encrypts an entire volume on the hard drive. BitLocker requires either a computer that is equipped with a Trusted Platform Module (TPM) chip on the motherboard or use of an external USB drive to hold the decryption key. If an intruder gains access to a USB key, the encryption can be defeated. Setup of both EFS and BitLocker is fairly technical. For most attorneys, it will be necessary to obtain technical assistance to implement them. The business versions of Windows also include an encryption function called Encrypted File System (EFS). It allows encryption of files and folders. An authorized user who is logged in has access to decrypted data. It is encrypted and unreadable to anyone else (unless they can defeat the login process). EFS is considered a fairly weak encryption method that is easily cracked using forensic tools. You are better off using BitLocker or one of the other third party encryption products discussed below.
7 OS X has built-in file encryption in FileVault. Newer versions have full disk encryption available in FileVault 2. Follow Apple s instructions for turning it on. After a password is set, it just requires turning on the FileVault button in System Preferences. Recent advances have attacked Apple s encryption scheme and the Passware software suite claims to be able to defeat FileVault 2 in less than an hour. Some commonly used third-party encryption software products for hard drives include those offered by Symantec (PGP and Symantec Endpoint), McAfee, Check Point, Guardian Edge, and Utimaco (Sophos). A common open source encryption program that is free and relatively easy to use is TrueCrypt. Hardware-encrypted drives and encryption software are available for USB drives and portable hard drives. Microsoft s BitLocker to Go can be used to encrypt portable devices. Individual USB drives with built-in encryption capability are also available, like the IronKey (Immation), KanguruMicro, Kingston, and SanDisk Cruzer Professional and Cruzer Enterprise. The IronKey is a favorite of the authors. It includes strong encryption, wiping if the wrong credentials are entered too many times and strong physical construction, with wiping from physical tampering. As an added bonus, several of the models contain a password management application called Identity Manager, which stores all of your 12+ character passwords in a secured, encrypted vault. Of course you can store any length password, but the current recommendation is 12 or more characters.
8 To avoid the loss of data, it is important to understand how the encryption works, to back up data that is encrypted, and to keep a copy of the recovery key in a secure place. Enterprise controls are available to centrally manage encryption. Smartphones and Tablets Smartphones and tablets are basically small computers, with substantial computing power and high storage capacity. Like laptops and other mobile devices, they can be easily lost or stolen and should be protected with encryption. BlackBerry devices have long been the gold standard for secure communications when speaking about cellular phones. If you use the BlackBerry Enterprise Server (BES) the communications are automatically encrypted. Encrypting the device itself is accomplished by enabling Content Protection. You can find that choice by navigating to Options -> Security Options -> Encryption. This is where you will set encryption for the device memory, encryption strength, contacts, media files and expansion memory card. In addition, you will need to set a password for the phone as well as the inactivity timer to lock the phone. The password and timouts are set by going to Options -> Password. A lot of law firms use BES to manage their BlackBerry devices. This centralized management will push the desired security settings to the phones with no user interaction. For iphones and ipads, hardware encryption was implemented in ios 4. All files are automatically encrypted and decrypted when the device is unlocked. It provides little protection unless Simple Passcode is turned off, Require Passcode is turned on,
9 and a strong passcode is selected. Require Passcode should be set for a short time and Erase Data should be turned on. ios also includes a feature called Data Protection. It secures s and attachments stored on the device and data in other apps that are designed to work with it. Android OS has included encryption for tablets (starting with Honeycomb) and for phones (starting with Ice Cream Sandwich). Earlier versions require third-party apps for encryption, like WhisperCore, Droid Crypt, or AnDisk Encryption. Also, Motorola and Samsung market enterprise phones with built-in encryption capability. Follow the device manufacturer s instructions for turning on encryption. It generally requires touching the Encrypt or Encrypt Tablet button in Settings. A strong PIN or password and automatic logoff after a set time are also important to keep the data encrypted. Again, it is important to follow the manufacturer s instructions when setting up encryption. Get help if you need it. First time encryption takes some time when a device has already been in use, so make sure that the battery is fully charged before starting. Weaknesses have been reported in the encryption for both ios and Android, so it is important to consider multiple levels of security. Despite some limitations, smartphones and tablets are more secure with encryption and attorneys should be using it.
11 choice for wireless networks. As with other forms of password management, the WPA2 passphrase should be long and complex. In addition to making sure that their wireless networks are secure, attorneys should ensure that third-party wireless networks that they use for client matters are protected by encryption. They should be protected by WPA2 and require a user name and password for access. This is particularly the case for public networks. Many security professionals and US-CERT have recommended that public networks should not be used for confidential communications. If public networks are to be used, attorneys obtain technical assurance that they are being securely used through protection like a virtual private network (VPN). A recent ethics opinion concluded that an attorney has an ethical duty to evaluate the security of a wireless network, home or public, before it is used for client communications and to take appropriate precautions in using it. California Formal Opinion No Particularly important to attorneys is the confidentiality and integrity of s. Respected security professionals have for years compared to postcards or postcards written in pencil. They can be viewed or altered by third parties. While some ethics have been incorrectly interpreted as saying that encryption is never required, current ethics opinions continue to stress the requirement of reasonable and competent safeguards. For example, California Formal Opinion No states encrypting may be a reasonable step for an attorney in an effort to ensure the confidentiality of such communications remain so when
12 circumstances for it, particularly if the information at issue is highly sensitive and the use of encryption is not onerous. Encryption is increasingly required in areas like banking and health care and by new state data protection laws. As these requirements continue to increase, it will become more and more difficult for attorneys to justify their avoidance of encryption. For , the term encryption is generally used to mean both encryption and the authentication process that are used, in combination, to protect . Encryption protects the confidentiality of . Authentication identifies the sender of an e- mail and verifies its integrity. Encryption is a process that translates a message into a protected electronic code. The recipient (or anyone intercepting the message) must have a key to decrypt it and make it readable. While it still takes some technical knowledge to set up, encryption has become easier to use over time. Encryption generally uses a pair of keys to encrypt the . The sender uses the recipient s public key to encrypt the and any attachments. Since the public key only encrypts the , it does not matter that it is available to the public or to various senders. The recipient then uses his or her private key to decrypt the . It needs to be safeguarded because anyone who has access to it can use it for decryption. The process is easy to use once the keys are set up in an program like Outlook. The most difficult process is getting the keys (digital IDs) and making the
13 public key available to senders. Once it is set up in Outlook, the sender just has to click on the Message tab in the Options group and click the Encrypt Message Contents and Attachments button. At the recipient s end, the message will automatically be decrypted if his or her private key has been installed. Digital authentication of also generally uses a key pair. The sender uses his or her private key to digitally sign the . The recipient then uses the sender s public key to verify the sender and integrity of the message. In Outlook, after installation of the private key, the sender clicks the Options tab in the Permission group and clicks Sign Message. After the sender s public key has been installed in the recipient s compatible program, the recipient will receive an automatic notice of verification of the sender and integrity. For protection of confidentiality and authentication, the sender s and recipient s key pairs are used in combination. The sender uses both the Encrypt Message and Attachments command button (that uses the recipient s private key) and the Sign Message command (that uses the sender s private key). At the receiving end, the e- mail program automatically uses the recipient s private key to decrypt the messages and automatically uses the sender s public key to verify authenticity and integrity. Again the challenging part is obtaining key pairs, exchanging public keys and setting them up in the program for encryption. Keys are available from commercial public key authorities like Verisign (now part of Symantec). Public key authorities have online directories where their customers public keys are available.
14 Another form of encryption is Transport Layer Security (TLS) encryption. It automatically encrypts between two gateways. If a law firm and client each have their own gateways, TLS can be used to automatically encrypt all s between them. TLS encryption protects s between gateways only. It does not protect s within the sender s and recipient s networks and does not protect that is misaddressed or forwarded through other gateways. Secure is also available from managed messaging service providers like Zixcorp, Mimecast, and Data Motion. They provide encryption without the complexity of setting up and exchanging keys. As an alternative to encryption, confidential information can be protected by putting it in a password-protected attachment rather than in the body of the . File password protection in some software, like current versions of Microsoft Office, Adobe Acrobat and WinZip uses encryption to protect security. It encrypts only the document and not the , so the confidential information should be limited to the attachment. It is generally easier to use than complete encryption of and attachments. However, the protection can be limited by the use of weak passwords that are easy to break or crack. It has now reached the point (or at least is reaching it) where most attorneys should have encryption available for use in appropriate circumstances. In addition to complying with any legal requirements that apply, the most prudent approach to the ethical duty of protecting confidentiality of electronic communications is to
15 have an express understanding with clients about the nature of communications that will be (and will not be) sent by and whether or not encryption and other security measures will be utilized. Conclusion Encryption is now a generally accepted practice in information security for protection of confidential data. Attorneys should understand encryption and use it in appropriate situations. All attorneys should use encryption on laptops, portable storage media, smartphones, and tablets that contain information relating to clients. They should make sure that transmissions over wireless networks are secure. Attorneys should have encryption available for and use it when appropriate. While most attorneys will need technical assistance to install and set up encryption, use of encryption after that is generally easy.
16 Encryption is now a generally accepted practice in information security for protection of confidential data. Attorneys should understand encryption and use it in appropriate situations. Attorneys should always use encryption on laptops, portable storage media, smartphones, and tablets that contain information relating to clients. While most attorneys will need technical assistance to install and set up encryption, use of encryption after that is generally easy.
DECRYPTING ENCRYPTION: GAINING COMPETENCE ON ENCRYPTION FOR YOUR PRACTICE Presented by the American Bar Association Legal Technology Resource Center, Law Practice Division and Center for Professional Development
Encryption is Now Cheap and Simple and May Be Ethically Required May 6, 2016 District of Columbia Bar Presenters: Sharon D. Nelson, Esq. and John W. Simek President and Vice President, Sensei Enterprises,
ENCRYPTION IS NOW CHEAP SENSEI ENTERPRISES 703.359.0700 WWW.SENSEIENT.COM AND SIMPLE AND MAY BE ETHICALLY REQUIRED! D.C. Bar Association May 6, 2016 Sharon D. Nelson, Esq. & John W. Simek email@example.com;
Ann Cavoukian, Ph.D. Information and Privacy Commissioner/Ontario Number 12 May 2007 Encrypting Personal Health Information on Mobile Devices Section 12 (1) of the Personal Health Information Protection
White paper 5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES PROTECTING PHI ON PORTABLE DEVICES 2016 SecurityMetrics 5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES 1 5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES PROTECTING
School of Medicine Information Technology Services All newly enrolled School of Medicine students are encouraged to visit the School of Medicine s IT office before orientation to obtain help configuring
Disk Encryption Aaron Howard IT Security Office Types of Disk Encryption? Folder Encryption Volume or Full Disk Encryption OS / Boot Volume Data Volume Managed or Unmanaged Key Backup and Data Assurance
Safe-Guarding Client Information Basic Data Security Training for Lawyers Sponsored by the Law Practice Management Committee of The New York State Bar Association John R. McCarron Jr, Esq. Partner, Montes
Mobile Device Security and Encryption Standard and Guidelines University Mobile Computing and Device best practices are currently defined as follows: 1) The use of any sensitive or private data on mobile
2015 Mobile Iron User Guide Information technology Sparrow Health System 9/1/2015 Contents...0 Introduction...2 Changes to your Mobile Device...2 Self Service Portal...3 Registering your new device...4
Research Information Security Guideline Introduction This document provides general information security guidelines when working with research data. The items in this guideline are divided into two different
Securing Patient Data in Today s Mobilized Healthcare Industry Securing Patient Data in Today s Mobilized Healthcare Industry 866-7-BE-GOOD good.com 2 Contents Executive Summary The Role of Smartphones
Deploying iphone and ipad Security Overview ios, the operating system at the core of iphone and ipad, is built upon layers of security. This enables iphone and ipad to securely access corporate services
Sophos Mobile Control Startup guide Product version: 3.5 Document date: July 2013 Contents 1 About this guide...3 2 What are the key steps?...5 3 Log in as a super administrator...6 4 Activate Sophos Mobile
Protecting your Data, Devices, and Digital Life in a BYOD World: A Security Primer GLENDA ROTVOLD AND SANDY BRAATHEN NBEA APRIL 2, 2015 What are You Trying to Protect? If someone got into your email, what
School of Nursing Research Seminar Data Security in The Academic Health Center Presented By Jon Harper AHC Information Systems 1 Overview of AHC-IS and Supported Services Provide desktop support to ~8500+
This document explains the acceptable use of encryption for the UTHSC system. It includes: acceptable encryption software, techniques, algorithms and instructions. Encryption methods and software are arranged
Encryption Process and Procedures Table of Contents Introduction Why do we need software encryption? Online Resources Pre Encryption Activities Process Flow Backing up your computer Run Chkdsk and Defrag
Whitepaper Enhancing BitLocker Deployment and Management with SimplySecure Addressing the Concerns of the IT Professional Rob Weber February 2015 Page 2 Table of Contents What is BitLocker?... 3 What is
DSHS CA Security For Providers Pablo F Matute DSHS Children's Information Security Officer 7/21/2015 1 Data Categories: An Overview All DSHS-owned data falls into one of four categories: Category 1 - Public
Guidelines on use of encryption to protect person identifiable and sensitive information 1. Introduction David Nicholson, NHS Chief Executive, has directed that there should be no transfers of unencrypted
Sophos Mobile Control Administrator guide Product version: 3 Document date: January 2013 Contents 1 About Sophos Mobile Control...4 2 About the Sophos Mobile Control web console...7 3 Key steps for managing
ipad in Business Security Device protection Strong passcodes Passcode expiration Passcode reuse history Maximum failed attempts Over-the-air passcode enforcement Progressive passcode timeout Data security
Table of Contents TPM Configuration Procedure... 2 1. Configuring the System BIOS... 2 2. Installing the Infineon TPM Driver and the GIGABYTE Ultra TPM Utility... 3 3. Initializing the TPM Chip... 4 3.1.
Lenovo Corporation March 2009 security white paper Management of Hardware Passwords in Think PCs. Ideas from Lenovo Notebooks and Desktops Workstations and Servers Service and Support Accessories Introduction
PRESIDIO BANK 33 Secure Email Client Guide THE BUSINESS BANK THAT WORKS 8/2013 Table of Contents Introduction.....3 Our Responsibility to Protect Confidential Information....4 Registering and Accessing
Symantec Encryption Solutions for Email, Powered by PGP Technology Data Sheet: Encryption The Problem with Email Are you worried that users are emailing sensitive information openly? According to Osterman
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
MaaS360 FAQs This guide is meant to help answer some of the initial frequently asked questions businesses ask as they try to figure out the who, what, when, why and how of managing their smartphone devices,
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
BitLocker Encryption for non-tpm laptops Contents 1.0 Introduction... 2 2.0 What is a TPM?... 2 3.0 Users of non-tpm University laptops... 2 3.1 Existing Windows 7 laptop users... 2 3.2 Existing Windows
GOV.UK Guidance BlackBerry 10.3 Work and Personal Corporate Published Contents 1. Usage scenario 2. Summary of platform security 3. How the platform can best satisfy the security recommendations 4. Network
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
WHITE PAPER: HOW DRIVE ENCRYPTION WORKS........................................ How Drive Encryption Works Who should read this paper Security and IT administrators Content Introduction to Drive Encryption.........................................................................................
Protecting Your Data On The Network, Cloud And Virtual Servers How SafeGuard Encryption can secure your files everywhere The workplace is never static. Developments include the widespread use of public
Identity Theft and the Tax Practice Edward K. Zollars, CPA www.cperesources.com www.currentfederaltaxdevelopments.com New Mexico Tax Conference Today s Session Identity Theft in General Size of the Problem
Why alone is not enough CenterTools Software GmbH 2013 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise
ONE Mail Direct for Mobile Devices User Guide Version: 2.0 Document ID: 3292 Document Owner: ONE Mail Product Team Copyright Notice Copyright 2014, ehealth Ontario All rights reserved No part of this document
National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.
Guidance for Recipients of Secure Email Messages from Lloyds Banking Group Version: 1.3 Last updated: 14/04/2016 1 Introduction This user guide is intended for third party email users users who receive,
Why alone is not enough CenterTools Software GmbH 2011 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise
Mobile Device Management and Security Glossary February, 2011 MOBILE OS ActiveSync Exchange ActiveSync (EAS) is a Microsoft technology that allows mobile users to access their Microsoft Exchange mailboxes
User Manual for Version 126.96.36.199 Mobile Device Management (MDM) User Manual I Endpoint Protector Mobile Device Management User Manual Table of Contents 1. Introduction... 1 1.1. What is Endpoint Protector?...
Interesting New Computer Technologies for your Practice Steve McEvoy October 9 th, 2014 Paradise Island, Bahamas Goals Just so you know Stealing Your Data Today s Challenge Office Network Firewall IP Address
20140115 Securing Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology TABLE OF CONTENTS What s at risk for your organization? 2 Is your business
Mobile Security: Controlling Growing Threats with Mobile Device Management As the use of mobile devices continues to grow, so do mobile security threats. Most people use their mobile devices for both work
Acronis 2002-2014 Introduction When enterprise mobility strategies are discussed, security is usually one of the first topics on the table. So it should come as no surprise that Acronis Access Advanced
Pryvate App User Manual 2.0 Powered by Criptyque Pryvate is the most secure voice, email & chat app for business people & individuals that require a high level of communications encryption to protect their
How Whole Disk Encryption Works White Paper: Whole Disk Encryption How Whole Disk Encryption Works Contents Introduction to Whole Disk Encryption.....................................................................
Mobile Security Checklist An Easy, Achievable Plan for Security and Compliance Introduction Are mobile devices the weak link in your security defenses? Today, organizations are pouring millions of dollars
HP ProtectTools Embedded Security Guide Document Part Number: 364876-001 May 2004 This guide provides instructions for using the software that allows you to configure settings for the HP ProtectTools Embedded
How to enable Disk Encryption on a laptop Skills and pre-requisites Intermediate IT skills required. You need to: have access to, and know how to change settings in the BIOS be confident that your data
INFORMATION SECURITY GUIDE Employee Teleworking Information Security Unit Information Technology Services (ITS) July 2013 CONTENTS 1. Introduction... 2 2. Teleworking Risks... 3 3. Safeguards for College
MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security
Certified Secure Computer User Exam Info Exam Name CSCU (112-12) Exam Credit Towards Certification Certified Secure Computer User (CSCU). Students need to pass the online EC-Council exam to receive the
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
Secure Email User Guide Transport Layer Security (TLS) Pretty Good Privacy (PGP) PDF Messenger 1 Contents 1 Introduction... 3 2 Transport Layer Security (TLS).4 3 Pretty Good Privacy (PGP).5 4 PDF Messenger...
Page 2 of 14 Securing Critical Corporate Data in a Mobile World Page 3 of 14 Table of Contents 1 Mobile is the New Normal... 4 1.1 The Critical Importance of Mobile Security... 4 1.2 Mobile Security Challenges...
Setting up SJUMobile (Wireless Internet Access for personal devices) St. John s University provides wireless internet access to personal devices for all current registered students. To setup a connection,
The Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training Introduction The HIPAA Security Rule specifically requires training of all members of the workforce.
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
User Manual I Endpoint Protector Mobile Device Management User Manual Table of Contents 1. Introduction... 1 1.1. What is Endpoint Protector?... 2 2. Activation of Mobile Device Management... 3 2.1. Activation
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
Encryption: Ensuring Information Security Colin Chisholm CISSP, GCIH Information Security Analyst Associate Information Security & Systems / Compliance firstname.lastname@example.org Agenda Encryption - Explanation
Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and procedures to govern who has access to electronic protected
Smart TPM User's Manual Rev. 1001 12MD-STPM-1001R We recommend that you download the latest version of the Smart TPM utility from GIGABYTE's website. If you have installed Ultra TPM earlier, you can install
HIPAA Information Security Overview Security Overview HIPAA Security Regulations establish safeguards for protected health information (PHI) in electronic format. The security rules apply to PHI that is
Citi Secure Email Program Receiving Secure Email from Citi For External Customers and Business Partners Protecting the privacy and security of client information is a top priority at Citi. Citi s Secure
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
*****This document is intended to be used by faculty and staff only***** Faculty and Staff at Booth can configure their Android, BlackBerry, iphone, Palm webos or other Active Sync device to connect to
Airnet-Student Airnet-Student is a new and improved wireless network that is being made available to all Staffordshire University students. Airnet-Student has two key advantages over the current Airnet
Advanced Configuration Steps After you have downloaded a trial, you can perform the following from the Setup menu in the MaaS360 portal: Configure additional services Configure device enrollment settings
Cloud Services MDM ios User Guide 10/24/2014 CONTENTS Overview... 3 Supported Devices... 3 System Capabilities... 3 Enrollment and Activation... 4 Download the Agent... 4 Enroll Your Device Using the Agent...
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:
Encrypting the Private Files on Your Computer Presentation by Eric Moore, CUGG June 12, 2010 I. File Encryption Basics A. Encryption replaces data within a file with ciphertext which resembles random data
Document Owner: Page 1 of 5 Mobile Tablet Devices Purpose The purpose of this document is to provide guidance for the appropriate purchase and usage of Mobile Tablet Devices (devices running ios and Android
For your eyes only - Encryption and DLP Erkko Skantz Symantec Finland 1 USER PRODUCTIVITY INFORMATION MANAGEMENT DATA CENTER SECURITY 2 Focus on information 3 Today's System-Centric Enterprise Data Center