A Guide to Mobile Security For Citizen Journalists
|
|
- Kimberly Fletcher
- 8 years ago
- Views:
Transcription
1 A Guide to Mobile Security For Citizen Journalists Your Citizen journalism, and with it the rise of alternative media voices, is one of the most exciting possibilities for mobile phones in activism. Mobile phones are used to compose stories, capture multi-media evidence and disseminate content to local and international audiences. This can be accomplished extremely quickly, making mobile media tools attractive to citizens and journalists covering rapidly unfolding events such as protests or political or other crises. The rise of mobiles has also helped extend citizen journalism into transient, poor or otherwise disconnected communities. However, for those working under repressive regimes, citizen journalism can be a double-edged sword. Anything you create and disseminate can be used against you, whether through the legal system or in other more sinister forms of suppression. Bloggers and online activists have various tools at their disposal to provide anonymous browsing, encryption, and privacy protection when working from a PC. For mobiles, the options are far fewer. Currently, anonymous browsing (through Tor) requires an Android phone, but encrypted content uploads over https are possible with many of the newer feature phones. At the same time, we know that security depends as much on setting (and sticking to) good protocols as on the communication tools you use. You can minimise risk by using a phone that cannot immediately be traced to you, or by capturing notes, images and video on a phone but uploading from a securely-configured PC.
2 Mobile Technologies and Threats (Or: Knowing Your Enemy) In our Mobile Surveillance Primer, we discussed the security and privacy threats inherent in mobile communications, and offered some suggestions on how to avoid surveillance. Here's a quick recap. We encourage you to read the entire article, however! SMS and MMS (multi-media messages/pictures and are transmitted unencrypted across the GSM network. Anyone with access to the network (a hacker with some fairly inexpensive encryption cracking technology, the mobile network operator itself, or anyone who is able to co-opt them) can see the content of your message as well as a slew of identifying information: unique numbers identifying the phone and SIM card, the time of the message and approximate location of the sender, and the phone number of the recipient. Voice calls are similarly vulnerable, with the added danger of identifying you by your voice (if recorded). You could also be overheard by someone in close physical proximity. Mobile Internet connections reveal all the identifying information of the phone, as well as the address of the site being visited. Unless you are using an encrypted (https) connection, all your data is also transmitted in plain text. This leaves you vulnerable not only to hackers on the GSM network and network operators, but also to anyone who is able to watch your traffic on the Internet. In general, third party applications have access to all of the above as well. They may also contain malicious code that can access and transmit data from your phone without your knowledge. Avoid installing third party apps on a phone you want to use securely. Once you upload data to a website, you are bound by the terms of service of that site. The site owners may hand over any identifying information (such as your IP address) they have about you, or be compelled to do so. This doesn't sound very promising - it's not. There are very few tools available for secure mobile communications, and none that are ideal in their current state. However, there are some options for users of feature phones, and more for
3 smartphones. When combined with a careful strategy, apps for encrypted communication and anonymous browsing can improve the security of your mobile journalism work. Doing Secure Internet Research: Anonymous Browsing on Android with Tor If you're looking to invest in secure mobile communication, Android phones are a good bet. Smartphone platforms in general are better able to perform the 'heavy lifting' required for secure communication. Android itself is largely open source, making it harder to hide malicious code. The rise of the widely-supported open source smartphone platform also opens the way for the development of an Android version with security built in at operating system level - the goal of the ongoing Guardian Project. Right now, there are many applications in development, but few with viable releases for immediate use. TorProxy, an Android application that provides anonymous routing of Internet traffic through the Tor network, comes closest. After installing TorProxy and Shadow, an anonymous web browser, it is possible to browse without revealing the source or destination of your Internet traffic. Tor also provides encryption for all but the final communication stage between the last Tor server in the chain (the Tor 'exit node') and the destination. The major weakness of the TorProxy/Shadow approach is that, because of a bug in the Android platform, it is not currently possible to use Shadow to communicate over https. Https is the encrypted version of the hypertext transfer protocol (http) used to browse the web. Sites that require the user to log in before they can add content - web services, twitter, photo sharing sites such as flickr, major blogging platforms - often use https for authentication, and cannot be accessed without it. Without https, the Tor exit node can also access the unencrypted contents of your communication. If the exit node is malicious, this can be a critical security risk.
4 The TorProxy/Shadow is good for maintaining anonymity while researching or reading online, but unless the https bug is fixed, critically restricted when it comes to disseminating content. In our tests, it was also extremely slow on unreliable mobile networks (3G was usable, but EDGE/GPRS was not). Even when used for browsing, Tor can be vulnerable in certain situations. For example, Flash video (such as YouTube) is blocked by default because it could compromise your privacy. You are strongly advised to read more about how Tor works to understand when you are and are not protected. It's also worth noting that there is some concern about the security of the original Java library(onioncoffee) from which TorProxy was developed. We're hoping to see improvements and other implementations in the coming months. If you're interested in a more robust implementation of Tor for Android, you should follow developments on Orbot, which is part of the Android Guardian project. In Short: TorProxy and Shadow provide a version of Tor for Android phones Good for: research and browsing - Tor provides anonymous browsing Major weakness: Shadow does not currently support https. Sites that require you to log in won't work, and Tor exit nodes can see your traffic. Orbot is another implementation of Tor for Android. It looks promising, but is currently still under development. How to do it: Download TorProxy and Shadow from the Android marketplace, and configure following these instructions. There's also an illustrated setup guide. Resources: How Tor works: technical overview or layman's guide What Tor does and does not do OrBot, a possible future alternative to TorProxy, is currently in development as part of the Guardian project. Keep an eye out for updates!
5 Secure Content Uploading: Browsing and with https Even if you aren't able to use Tor to browse anonymously, browsing with https - the encrypted version of http, the protocol used to access websites - can still protect the content you upload. Although https versions of sites such as gmail ( and twitter ( do not protect you from having the source, destination, size and time of your upload recorded, the content itself is encrypted while in transit. Most smartphone browsers support https, so if you have a smartphone, you should be able to access https sites out of the box. You could also try Opera Mobile (not Mini), a secure alternative to the default browser available for Nokia and Windows Mobile smartphones. It's also possible to use Opera Mini to access sites over https from many other phones. There are two caveats here, both related to the browser's use of an intermediary server to optimize sites for display on mobile devices. If you have a very old phone and are using Opera Mini Basic, your connection between the phone and Opera Mini's optimization server is not encrypted at all, and should not be considered secure. Most people should be using Opera Mini Advanced, which encrypts both the connection between you phone and the optimization server and the onward connection to the destination site. However, both versions allow the optimization server to access the data unencrypted. If an adversary were to gain control of the Opera Mini optimization server, they would be able to observe your communication. Again, this isn't a perfect solution. For content uploading, https has two major problems: Not many mobile sites are fully https-enabled. Mobile sites like m.wordpress.com are only https-enabled during log-in. This means that
6 your username and password are not revealed to the network. However, after the log-in page, the site switches back to using regular http, which means that all the content you are uploading are available to the network. is one of the only content uploading sites that has site-wide support for https on the mobile web. While browsing https sites, the network can still see the source, destination, size, and times of your uploads. Looking at upload sizes and times of content on the websites themselves, adversaries may be able to link you to the content you upload. And since they know the source of the upload, they will be able to figure out which SIM and phone you used to upload the content, as well as the location of that SIM and phone on the network. To avoid these issues, we suggest the following tactics: If you find https-enabled sites for uploading content, make sure to change the publicly viewable upload time of content you upload. While this may not help you if the uploading site's server logs are compromised, there will be less publicly available information linking you and your phone to the content you uploaded. You should also consider using only sites that are commonly used in your location, so that you aren't the only person accessing the site at a particular time. Use https-enabled as an intermediate step rather than uploading your content directly from you phone. If you are able to connect with a trusted contact who can access the Internet anonymously from a PC running Tor, ing your content to this person to upload will make it harder to trace its origin. Alternatively, many sites allow you to upload content to an existing account (which you need to have created previously, ideally from a PC running Tor or an anonymous proxy) via . Wordpress.com offers upload functionality, as doyoutube and flickr. Both gmail and hushmail offer https webmail, although gmail does not encrypt messages stored on its servers. An attacker who is able to breach gmail's security could view your messages.
7 Hushmail stores messages in encrypted form, but is still vulnerable to attackers who are able to guess a user's passphrase. They also warn that they will cooperate with subpoenas issued by Canadian courts. Because of the way hushmail works (the recipient must visit the hushmail site to decrypt a message), it is not suited for uploads. In the free version, total storage is also limited to 2MB, so you'll need to reduce the size of image, video and sound files before uploading if you want to use the service with large attachments. Gmail's message storage is much more generous. In Short: Browsing over https encrypts the content of your communication, but not the source or destination. Most smartphone browsers support end-to-end encryption over https, as does Opera Mobile. Opera Mini basic isn't secure. Opera Mini Advanced encrypts your content everywhere except the Opera Mini optimization servers Many content uploading platforms allow you to submit content using an submission address. Consider sending to such as address (or a trusted human being) using https-enabled webmail. How to do it: Download Opera Mobile here or by browsing to m.opera.com/mobile on the phone Download Opera Mini for your phone model here or by browsing to m.opera.com on the phone. If you're not sure which version you're using (basic or advanced) you can check by looking at the startup screen: when you launch the advanced version, you'll see the opera mini logo, while the basic version shows only text.
8 Resources: A review of the security features of popular webmail services, from lifehacker. Only gmail and hushmail are reasonable options. A Guide to Anonymous Blogging using Tor, by Ethan Zuckerman at Global Voices. Although the first part of the article is about how to install Tor on a Windows PC, it's worth reading for tips on accessing Wordpress.com anonymously. If you're planning to ask a trusted contact to upload content on your behalf, they should definitely be using Tor! Bruce Schreiner's security analysis of encrypted webmail services Coordinating and Uploading without Security: Anonymous Throwaway Phones Even if your phone isn't capable of running special software to allow you to browse and upload content, you can still take practical steps to improve your security. Purchasing an anonymous phone - one which cannot immediately be traced to you - and a prepaid SIM card is a good way to prepare for situations where the timing and content of your message is important enough that you are willing to discard the phone after use. An anonymous phone can be used to capture and disseminate information via the mobile web, SMS, or MMS, or to increase mainstream media coverage of an event by tipping off sympathetic journalists. MobileActive's Surveillance primer has some general information about how to avoid surveillance, and this guide from FreeB.E.A.G.L.E.S deals with buying and maintaining an anonymous phone. As more and more countries require SIM registrations, however, buying a SIM anonymously is becoming harder to do. It bears repeating that SMS and MMS are transmitted completely unencrypted, and that the network operators of the sender and recipient have access not only to the identitifying number of the phones and SIMs involved, but also to a reasonably accurate location estimate. If you suspect that an adversary is co-operating with the network operator, you should be extremely careful using these services at all.
9 In Short: Sometimes, you message might be so important that you're willing to send it unencrypted Try these tips to buy and use a phone anonymously Never re-use a phone or a SIM that could have been linked to suspicious activity
Mobile Security Survival Guide for Journalists. katrin verclas melissa loudon Alix dunn
Mobile Security Survival Guide for Journalists katrin verclas melissa loudon Alix dunn The Mobile Security Survival Guide for Journalists helps you better understand the risks inherent in the use of mobile
More informationIntroduction to Encryption What it s all about
Introduction to Encryption What it s all about At MOA Project, we believe privacy and the ability to communicate without government or corporate eavesdropping is a basic right of all people. Some groups,
More informationHiding Tracks on the Net
Hiding Tracks on the Net Ways one might hide their tracks Private Browsing Anonymizers & Proxy Servers SSL / TLS Passwords False Information Public Networks Email Services Encryption Firewalls Private
More information9236245 Issue 2EN. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation
9236245 Issue 2EN Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia 9300 Configuring connection settings Legal Notice Copyright Nokia 2005. All rights reserved. Reproduction,
More informationKeep Hackers Guessing: Protecting Corporate Information While On The Go
Keep Hackers Guessing: Protecting Corporate Information While On The Go Proactive tips for wireless information security for traveling professionals. In today s world where WiFi hotspots are available
More informationProtect Your Online Footprint. HINTS & TIPS provided by MWR InfoSecurity and the Data Baby project
HINTS & TIPS provided by MWR InfoSecurity and the Data Baby project Logging on is now one of the first things we do every day. And every time we do, we leave a trace, often without giving a thought to
More informationWeb Application Firewall
Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks
More informationRegain Your Privacy on the Internet
Regain Your Privacy on the Internet by Boris Loza, PhD, CISSP from SafePatrol Solutions Inc. You'd probably be surprised if you knew what information about yourself is available on the Internet! Do you
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationNokia and Nokia Connecting People are registered trademarks of Nokia Corporation
Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia E70 Configuring connection settings Nokia E70 Configuring connection settings Legal Notice Copyright Nokia 2006. All
More informationNokia E61i Configuring connection settings
Nokia E61i Configuring connection settings Nokia E61i Configuring connection settings Legal Notice Copyright Nokia 2007. All rights reserved. Reproduction, transfer, distribution or storage of part or
More informationSecureCom Mobile s mission is to help people keep their private communication private.
About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended
More informationArchitecture. The DMZ is a portion of a network that separates a purely internal network from an external network.
Architecture The policy discussed suggests that the network be partitioned into several parts with guards between the various parts to prevent information from leaking from one part to another. One part
More informationNokia for Business. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation
Nokia for Business Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia E50 Configuring connection settings Nokia E50 Configuring connection settings Legal Notice Copyright
More informationAnonymity on the Internet Over Proxy Servers
Anonymity on the Internet Over Proxy Servers Final Product Fábio Rodrigues ei08116@fe.up.pt Matej Bulić ei12010@fe.up.pt Introduction user always leaves digital sign need for security and anonymity Proxy
More informationConfiguring connection settings
Configuring connection settings Nokia E90 Communicator Configuring connection settings Nokia E90 Communicator Configuring connection settings Legal Notice Nokia, Nokia Connecting People, Eseries and E90
More informationNational Cyber Security Month 2015: Daily Security Awareness Tips
National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.
More informationThe Increasing Threat of Malware for Android Devices. 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them
The Increasing Threat of Malware for Android Devices 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them INTRODUCTION If you own a smartphone running the Android operating system, like the
More informationSecure Email Client User Guide Receiving Secure Email from Mercantile Bank
Receiving Secure Email from Contents This document provides a brief, end-user overview of the Secure Email system which has been implemented by. Why Secure Email? When someone sends you an email, the email
More informationInternet Privacy Options
2 Privacy Internet Privacy Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 19 June 2014 Common/Reports/internet-privacy-options.tex, r892 1 Privacy Acronyms
More informationElectronic Communication In Your Practice. How To Use Email & Mobile Devices While Maintaining Compliance & Security
Electronic Communication In Your Practice How To Use Email & Mobile Devices While Maintaining Compliance & Security Agenda 1 HIPAA and Electronic Communication 2 3 4 Using Email In Your Practice Mobile
More informationThe data which you put into our systems is yours, and we believe it should stay that way. We think that means three key things.
Privacy and Security FAQ Privacy 1. Who owns the data that organizations put into Google Apps? 2. When can Google employees access my account? 3. Who can gain access to my Google Apps administrative account?
More informationQuick Start Guide. Cerberus FTP is distributed in Canada through C&C Software. Visit us today at www.ccsoftware.ca!
Quick Start Guide Cerberus FTP is distributed in Canada through C&C Software. Visit us today at www.ccsoftware.ca! How to Setup a File Server with Cerberus FTP Server FTP and SSH SFTP are application protocols
More informationGetting a Secure Intranet
61-04-69 Getting a Secure Intranet Stewart S. Miller The Internet and World Wide Web are storehouses of information for many new and legitimate purposes. Unfortunately, they also appeal to people who like
More informationKeep Yourself Safe from the Prying Eyes of Hackers and Snoopers!
Protect Your Privacy Online P 7/1 Keep Yourself Safe from the Prying Eyes of Hackers and Snoopers! With the information in this article you can: Find out what secret information your PC is sharing with
More informationDispatch: A Unique Email Security Solution
Dispatch: A Unique Email Security Solution 720 836 1222 sales / support sales@absio.com email www.absio.com web 8740 Lucent Boulevard, Ste 101 Highlands Ranch, CO, 80129 1 110-WP005-1 Organizations use
More informationCONS No plug-ins to ease use with email client programs.
StartMail EDITOR RATING: EXCELLENT Review Date March 19, 2015 BY NEIL J. RUBENKING It doesn't cost you a thing to search the Internet or to send an email to your friends, right? Well, maybe there is a
More informationUsing Foundstone CookieDigger to Analyze Web Session Management
Using Foundstone CookieDigger to Analyze Web Session Management Foundstone Professional Services May 2005 Web Session Management Managing web sessions has become a critical component of secure coding techniques.
More informationUnless otherwise stated, our SaaS Products and our Downloadable Products are treated the same for the purposes of this document.
Privacy Policy This Privacy Policy explains what information Fundwave Pte Ltd and its related entities ("Fundwave") collect about you and why, what we do with that information, how we share it, and how
More informationCommon Cyber Threats. Common cyber threats include:
Common Cyber Threats: and Common Cyber Threats... 2 Phishing and Spear Phishing... 3... 3... 4 Malicious Code... 5... 5... 5 Weak and Default Passwords... 6... 6... 6 Unpatched or Outdated Software Vulnerabilities...
More informationConnected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)
Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.
More informationHow To Use Quantum Rbs Inc. Small Business Backup
Small Business Backup & Recovery (File Servers, Peer-to-Peer, Laptops, Desktops) Smart Features: Continuous Backup Anywhere Access to Backed Up Data Simple Rate Plan Secure Bank Grade Encryption Open Files
More informationFilter Avoidance and Anonymous Proxy Guard
March 21, 2011 Author: Audience: SWAT Team Evaluator Product: Cymphonix Network Composer EX Series, XLi OS version 9 Filter Avoidance and Anonymous Proxy Guard Filter Avoidance The award winning XLi technology
More informationUSC Marshall School of Business ShareFile_With_Outlook_Client_v2.docx 6/12/13 1 of 9
About ShareFile When you wish to send someone a file or need a file from someone else, your best option is to use ShareFile. It not only provides increased security by automatically encrypting files but
More informationHushmail Express Password Encryption in Hushmail. Brian Smith Hush Communications
Hushmail Express Password Encryption in Hushmail Brian Smith Hush Communications Introduction...2 Goals...2 Summary...2 Detailed Description...4 Message Composition...4 Message Delivery...4 Message Retrieval...5
More informationIIS, FTP Server and Windows
IIS, FTP Server and Windows The Objective: To setup, configure and test FTP server. Requirement: Any version of the Windows 2000 Server. FTP Windows s component. Internet Information Services, IIS. Steps:
More informationStrategies to Mitigate Targeted Cyber Intrusions Mitigation Details
CYBER SECURITY OPERATIONS CENTRE 13/2011 21 July 2011 Strategies to Mitigate Targeted Cyber Intrusions Mitigation Details INTRODUCTION 1. This document provides further information regarding DSD s list
More informationZOOMIN.TV PRIVACY POLICY Last updated: 5 August 2014
ZOOMIN.TV PRIVACY POLICY Last updated: 5 August 2014 We're always working to make our services even better. One of the ways we do that is by analyzing information we collect and receive about users in
More informationCookies themselves do not require personal information to be used and, in most cases, not personally identify Internet users.
About Cookies Website latelier-restaurant.ro uses cookies. The following information is intended to inform the user more information about placing, use and administration "cookies" used by the website
More informationThe Benefits of SSL Content Inspection ABSTRACT
The Benefits of SSL Content Inspection ABSTRACT SSL encryption is the de-facto encryption technology for delivering secure Web browsing and the benefits it provides is driving the levels of SSL traffic
More informationSECUR IN MIRTH CONNECT. Best Practices and Vulnerabilities of Mirth Connect. Author: Jeff Campbell Technical Consultant, Galen Healthcare Solutions
SECUR Y IN MIRTH CONNECT Best Practices and Vulnerabilities of Mirth Connect Author: Jeff Campbell Technical Consultant, Galen Healthcare Solutions Date: May 15, 2015 galenhealthcare.com 2015. All rights
More informationPartnership with Benetech, a non-profit organization that develops and supports Martus, secure information management software for human rights
Partnership with Benetech, a non-profit organization that develops and supports Martus, secure information management software for human rights monitoring. 1 Benetech creates and develops new technology
More informationTrend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.
Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files,
More informationSYSPRO App Store: Registration Guide
SYSPRO App Store: Registration Guide SYSPRO App Store Registration Guide 2 Table of Contents What is the SYSPRO App Store?... 3 The SYSPRO App Store URL... 3 Who can use it?... 3 Register as a customer...
More informationMedia Server Installation & Administration Guide
Media Server Installation & Administration Guide Smarter Surveillance for a Safer World On-Net Surveillance Systems, Inc. One Blue Hill Plaza, 7 th Floor, PO Box 1555 Pearl River, NY 10965 Phone: (845)
More informationGUIDE TO KEEPING YOUR SOCIAL MEDIA ACCOUNTS SECURE
GUIDE TO KEEPING YOUR SOCIAL MEDIA ACCOUNTS SECURE Defense Media Activity TABLE OF CONTENTS PROTECTIVE MEASURES... 2 PREPARATION CHECKLIST... 2 IF YOU SUSPECT YOUR ACCOUNT IS COMPROMISED, THE FOLLOWING
More informationHigh Speed Internet - User Guide. Welcome to. your world.
High Speed Internet - User Guide Welcome to your world. 1 Welcome to your world :) Thank you for choosing Cogeco High Speed Internet. Welcome to your new High Speed Internet service. When it comes to a
More informationWhat is Web Security? Motivation
brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web
More informationSECURE E-MAIL COMMUNICATIONS PLAN Updated August 25, 2011
SECURE E-MAIL COMMUNICATIONS PLAN Updated August 25, 2011 Introduction In October, 2008, the Division of Welfare and Supportive Services (DWSS) announced the introduction of secure e-mail through ASM 17-08.
More informationSecurity from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.
eblvd enables secure, cloud-based access to a PC or server over the Internet. Data, keyboard, mouse and display updates are transmitted over a highly compressed, encrypted stream, yielding "as good as
More informationDefense Media Activity Guide To Keeping Your Social Media Accounts Secure
Guide To Keeping Your Social Media Accounts Secure Social media is an integral part of the strategic communications and public affairs missions of the Department of Defense. Like any asset, it is something
More informationSECURITY RECOMMENDATIONS INTERNET BANKING TRANSACTIONAL
SECURITY RECOMMENDATIONS INTERNET BANKING TRANSACTIONAL This page should provide customers with all the information they need concerning the security of a transactional Internet banking site and, in particular,
More informationEncrypting Business Files in the Cloud
Quick Guide for IT-Security and Data Privacy Encrypting Business Files in the Cloud Requirements for data security in the cloud End to end encryption Secure file transfers Data Security in the Cloud A
More informationHow To Manage Web Content Management System (Wcm)
WEB CONTENT MANAGEMENT SYSTEM February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationEgnyte App for Android Quick Start Guide
Egnyte App for Android Quick Start Guide Introduction Welcome to the Quick Start Guide for the Egnyte App for Android. This guide will explain how to: Access files. Download content for offline access.
More informationData Security using Encryption in SwiftStack
Data Security using Encryption in SwiftStack May 2015 Copyright 2015 SwiftStack, Inc. swiftstack.com Page 1 of 11 Table of Contents Introduction... 3 Defining Three Threat Models... 3 Encrypted Data and
More informationNetwork setup and troubleshooting
ACTi Knowledge Base Category: Troubleshooting Note Sub-category: Network Model: All Firmware: All Software: NVR Author: Jane.Chen Published: 2009/12/21 Reviewed: 2010/10/11 Network setup and troubleshooting
More informationPrivacy Policy. Introduction. Scope of Privacy Policy. 1. Definitions
Privacy Policy Introduction This Privacy Policy explains what information TORO Limited and its related entities ("TORO") collect about you and why, what we do with that information, how we share it, and
More informationSophos Mobile Control SaaS startup guide. Product version: 6
Sophos Mobile Control SaaS startup guide Product version: 6 Document date: January 2016 Contents 1 About this guide...4 2 About Sophos Mobile Control...5 3 What are the key steps?...7 4 Change your password...8
More informationMANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But it s
More informationUser Guide - Table of Contents
User Guide - Table of Contents Receiving Faxes Fax-to-Email Web Access to Faxes File Format Options Receiving Faxes on Wireless Devices Receiving Faxes Securely Integration and API Methods Archive Service
More informationCovert Channels. Some instances of use: Hotels that block specific ports Countries that block some access
Covert Channels Covert Channels Tunnels that are used to bypass filters and intrusion detection systems Use traffic that is thought to be something else (i.e. DNS tunnels) Can also provide encryption (i.e.
More informationIntro to Firewalls. Summary
Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer
More informationPenetration Testing for iphone Applications Part 1
Penetration Testing for iphone Applications Part 1 This article focuses specifically on the techniques and tools that will help security professionals understand penetration testing methods for iphone
More informationTrend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.
Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files,
More informationKnow the Risks. Protect Yourself. Protect Your Business.
Protect while you connect. Know the Risks. Protect Yourself. Protect Your Business. GETCYBERSAFE GUIDE FOR S MALL AND MEDIUM BUSINESSES GetCyberSafe Guide for Small and Medium Businesses i ii Table of
More informationSSL EXPLAINED SSL EXPLAINED
1 Table of Contents Introduction... 3 What is SSL?... 4 How does SSL work?... 7 Google & SSL... 11 SSL/TLS... 13 Web Filtering SSL... 14 About Lightspeed Systems... 26 2 Introduction SSL is a challenge
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationUsing your Encrypted BlackBerry
Using your Encrypted BlackBerry How do I change the Language on my BlackBerry? 1. On the Home screen or in a folder, click the Options icon. 2. Click Typing and Input > Language. 3. To change the display
More informationSynology QuickConnect
Synology QuickConnect Based on DSM 5.2 Synology Inc. Table of Contents Chapter 1: Introduction What is QuickConnect?... 3 Chapter 2: How QuickConnect Works Overview... 4 QuickConnect Connectivity Test...
More informationThis session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationSOLITEC products or services for which a separate privacy policy is provided.
1 of 9 Privacy Policy This Privacy Policy explains what information SOLITEC Software Solutions GesmbH and its related entities ( SOLITEC ) collect about you and why, what we do with that information, how
More informationCREATING YOUR ONLINE PRESENCE
CREATING YOUR ONLINE PRESENCE Congratulations on signing up for your webhosting package, you ve just completed the first and most important step in establishing your online presence. There are just a few
More information9243060 Issue 1 EN. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation
9243060 Issue 1 EN Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia 9300i Configuring connection settings Nokia 9300i Configuring connection settings Legal Notice
More informationWeb Security School Final Exam
Web Security School Final Exam By Michael Cobb 1.) Which of the following services is not required to run a Windows server solely configured to run IIS and publish a Web site on the Internet? a. IIS Admin
More information"ASM s INTERNATIONAL E-Journal on Ongoing Research in Management and IT"
To Study the Overall Cloud Computing Security Using Virtual Private Network. Aparna Gaurav Jaisingpure/Gulhane Email id: aparnagulhane@gmail.com Dr.D.Y.Patil Vidya Pratishthan s Dr. D.Y Patil College of
More informationBit Chat: A Peer-to-Peer Instant Messenger
Bit Chat: A Peer-to-Peer Instant Messenger Shreyas Zare shreyas@technitium.com https://technitium.com December 20, 2015 Abstract. Bit Chat is a peer-to-peer instant messaging concept, allowing one-to-one
More informationTransition Networks White Paper. Network Security. Why Authentication Matters YOUR NETWORK. OUR CONNECTION.
Transition Networks White Paper Why Authentication Matters YOUR NETWORK. OUR CONNECTION. : Why Authentication Matters For most organizations physical security is a given. Whether it is video surveillance,
More informationDetailed Description about course module wise:
Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference
More informationABC PRIVACY POLICY. The ABC is strongly committed to protecting your privacy when you interact with us, our content, products and services.
ABC PRIVACY POLICY The ABC is strongly committed to protecting your privacy when you interact with us, our content, products and services. Our goal is to provide you and your family with media experiences
More informationPublished : 2013-12-02 License : None
K9 1 2 Published : 2013-12-02 License : None INTRODUCTION K-9 Mail is an email application (app) for Android phones or tablets. K-9 supports multiple mailboxes, each independently configurable. T his ability
More informationSecurity Awareness. ITS Security Training. Fall 2015
Security Awareness ITS Security Training Fall 2015 Why am I here? Isn t security an IT problem? Technology can address only a fraction of security risks. You are a primary target, or rather, your data
More informationWelcome. Thank you for choosing Cogeco High Speed Internet.
Welcome Welcome Thank you for choosing Cogeco High Speed Internet. Welcome to the endless range of possibilities available to you with your new High Speed Internet service. When it comes to speed, you
More informationCOORDINATED THREAT CONTROL
APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,
More informationWhat should I do if I have problems with my account statement?
Internet: Availability & Ordering Will I have to change my email address? If you currently have an e-mail address from an internet provider that you will be disconnecting after your NeuBeam service is
More informationTABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY
IT FIREWALL POLICY TABLE OF CONTENT 1. INTRODUCTION... 3 2. TERMS AND DEFINITION... 3 3. PURPOSE... 5 4. SCOPE... 5 5. POLICY STATEMENT... 5 6. REQUIREMENTS... 5 7. OPERATIONS... 6 8. CONFIGURATION...
More informationJunos Pulse for Google Android
Junos Pulse for Google Android User Guide Release 4.0 October 2012 R1 Copyright 2012, Juniper Networks, Inc. Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks
More informationCONFIGURING AND USING WEBDAV IN LENOVO EMC LIFELINE
White Paper CONFIGURING AND USING WEBDAV IN LENOVO EMC LIFELINE CONTENTS Introduction 1 Audience 1 Terminology 1 Enabling WebDAV on Your Lenovo Network Storage Device 1 Accessing Shares from Your Computer
More informationAn Analysis of Twitter s App Based Two- Factor Authentication and Recovery System
An Analysis of Twitter s App Based Two- Factor Authentication and Recovery System By Alexander Tong December 2014 Abstract This paper attempts to analyze the potential of app based two- factor authentication
More informationMANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both.
More informationConfiguring your email client to connect to your Exchange mailbox
Configuring your email client to connect to your Exchange mailbox Contents Use Outlook Web Access (OWA) to access your Exchange mailbox... 2 Use Outlook 2003 to connect to your Exchange mailbox... 3 Add
More informationMaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2013 Fiberlink Communications Corporation. All rights reserved. Information in this document is subject to change without notice. The software
More informationINTERNET EMAIL DOCUMENT SECURITY & PRIVACY RESOURCES
INTERNET EMAIL DOCUMENT SECURITY & PRIVACY RESOURCES AN AMP-3 PREPAREDNESS PRIMER Resources Compiled and Printed by Amp-3, LLC V2.0 rev April 2014 ! INTERNET EMAIL DOCUMENT SECURITY & PRIVACY RESOURCES
More informationRDM on Demand Privacy Policy
RDM on Demand Privacy Policy Ataccama Corp. www.ataccama.com info@ataccama.com Toronto, CA Prague, CZ London, UK Stamford, US 1 ATACCAMA RDM ON DEMAND PRIVACY POLICY 1. Ataccama Corp. ("Ataccama") and
More informationFacebook Smart Card FB 121211_1800
Facebook Smart Card FB 121211_1800 Social Networks - Do s and Don ts Only establish and maintain connections with people you know and trust. Review your connections often. Assume that ANYONE can see any
More informationTenth Judicial Circuit of Florida Information Systems Acceptable Use Guidelines Polk, Hardee and Highlands Counties as of January 2014
Tenth Judicial Circuit of Florida Information Systems Acceptable Use s Polk, Hardee and Highlands Counties as of January 2014 The following guidelines define the acceptable use of information technology
More informationMaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2014 Fiberlink, an IBM Company. All rights reserved. Information in this document is subject to change without notice. The software described
More informationCloud Server powered by Mac OS X. Getting Started Guide. Cloud Server. powered by Mac OS X. AKJZNAzsqknsxxkjnsjx Getting Started Guide Page 1
Getting Started Guide Cloud Server powered by Mac OS X Getting Started Guide Page 1 Getting Started Guide: Cloud Server powered by Mac OS X Version 1.0 (02.16.10) Copyright 2010 GoDaddy.com Software, Inc.
More informationGoogle Drive @ Holy Family University
Google Drive @ Holy Family University A Hard Drive in the Cloud. Access & share anything everywhere Google Docs has been retired and replaced by Drive. And if you are familiar with Google Docs, Google
More information