Gold Lock Desktop White Paper




EMAIL AND FILE ENCRYPTION SOFTWARE

Effective Data Security in the 21st Century

Evaluating the needs of appropriate data security and identifying the risks in the modern corporate environment.

The Need for File and Data Security in the Digital Age

Data security and privacy in today's world of global communication and information sharing is a growing concern, and an increasing number of corporations and businesses continue to neglect the risks of not following appropriate data security and privacy measures. In the past five years, corporate espionage has become much easier thanks to the advent of technology, which makes it possible for anyone with a laptop and relatively cheap equipment to eavesdrop on internet connections and computers remotely. This creates a genuine risk for corporations and individuals alike as more and more people realize how easy it is to steal valuable information from other systems.

However, information privacy can be achieved with the aid of modern cryptography, which ensures that in the event of a security breach damage is minimal, and that data theft becomes a non-issue with the use of technologies such as high-grade encryption.

This document aims to highlight the needs of effective file and e-mail security by examining some of the risks and discussing some worst-case scenarios that may lead to disaster without appropriate prevention. In particular, this document aims to cover the following topics:

- Examining current technology and the security of file system data
- Looking at the increase of accidental and intentional corporate espionage
- Risks associated with data theft and appropriate prevention strategies
- Information access control policies and theft prevention
- Security for satellite workers and remote personnel

The document aims to present a critical overview of the risks present to locally stored information because of the implications of lax data security in both a business environment and a corporate one. By examining current cryptographic technology and looking at unlawful intrusions, it will highlight the need for an appropriate data security policy for every organization that relies on information technology.

RISKS OF EVERYDAY DATA THEFT AND PREVENTION OF ESPIONAGE

According to national and international studies, system attacks and successful network penetrations are on the rise, and this presents a great deal of risk to global-facing corporations, which suffer from the problem of being largely exposed on the Internet. This problem is highlighted in particular when employees access insecure information on a regular basis, which then leads to a security breach due to lackadaisical policies on web control and internet access.

In today's connected world, the Internet is a necessary tool for most outward-facing companies, not just for e-mail but also for research, marketing and in some cases financial transactions. As a result, personal and corporate exposure is at an all-time high, and we have now reached a period where many companies are being targeted by hackers and snoopers. Nevertheless, information security is not network security, and these two forms of protection should be isolated and seen as different layers of security.

1. Network zones grouping systems with similar security requirements together.
2. Strong network firewall protecting individual zones and the overall network.
3. System management and secure user management and authentication.
4. Information security with file encryption on a disk-based and file-based level.
5. Employee awareness and training.

The aspect of file information security this guide will focus on is data and file encryption on a file-based level, explaining the issues and highlighting the many risks that corporations can be exposed to with insufficient protection.

Ensuring file and e-mail security

By adopting the five-layer security model mentioned previously, corporations are able to ensure that information systems remain as secure as possible and that risks from file theft are minimal. But in today's information age, inter-departmental e-mail communication is a necessity, and with the advent of WIFI networks, the risks of being caught up in a snooping or MITM attack are high. To combat this risk, e-mail encryption has been developed to ensure that confidential e-mail communiqués are secured and protected from eavesdropping and packet snooping.

File Encryption and Cryptography Explained

Since man could first read and write, there have always been attempts to obfuscate data so that it was only ever readable by those intended, and up until the 20th century this was all done by hand. A few thousand years later, information security has evolved into the multi-million dollar industry it is today, and with the advent of cryptology, cryptanalysis has now been born, which is the study of breaking various codes and ciphers.

In its simplest form, a cipher is a mathematical algorithm or set of rules used to encrypt or decrypt information in a way that is only readable by those that know the 'key'. This ensures relative security when keys are protected well and when a cipher of sufficient strength is used to ensure mathematical or computational attacks are impossible.

Keys are elements of data which are used to ensure that the cipher can encrypt the information required and that it can be decrypted by the person who holds the decryption key. Depending on the type of cipher used, there may or may not be multiple keys required (Asymmetric Keys vs. Symmetric Keys).

Hackers and crackers are becoming increasingly adept at breaking the 'uncrackable' encryption algorithms and ciphers, by either direct brute-force attacks against the ciphertext or theft of private encryption keys. Technological breakthroughs have ensured that cryptanalysis and successful reverse engineering methods are possible with the advent of technology such as distributed computing, and also the birth of the supercomputer.

As a direct result, many corporations are relying on old and outdated data encryption technologies that have been proven unreliable by international organizations and government bodies such as the NSA.

As a direct result of the rise in cyber-snooping and all-out digital warfare, how does an organization know that it can rely on encryption technologies and ensure that it is adequately protected, not just for the immediate future but also for the long term?

Windows File system Encryption & Data Storage Issues

Vulnerabilities

The Windows operating system is being used by millions of computers worldwide, and many corporations are neglecting the fact that this operating system comes under constant daily attack by those that seek to steal not just the data of corporate organizations, but any information thieves can get their hands on. As a direct result, many corporate and home systems are more than likely at risk.

By relying on Windows file security, which is vulnerable to attack, corporations are effectively giving information thieves access to their files, user passwords and e-mail communications. Hackers are known for their ability to exploit system vulnerability and subsequently capture whole networks of computers to search for valuable information that has the potential to cost organizations millions of dollars to recover.

Security professionals recommend that third-party encryption be used to ensure that organizations are not limited in choice of cryptography and that they are not being affected by export laws, which effectively handicap and restrict the capabilities of U.S.-produced software.

Using third-party file and e-mail encryption software, organizations can ensure that password security is not the weak point in security policy. Windows security measures base everything on a single password, which creates numerous weaknesses due to the many times it is used, from remote login to roaming and accessing network shares.

As a result, relying on password security is no longer an appropriate method of ensuring data privacy, and only by using high-level encryption methods, which the operating system does not support by default, can organizations actually ensure the security and privacy of data.

DEVELOPING STRONG ENCRYPTION POLICY

The encryption standards present in everyday operating systems have seen numerous attacks and various vulnerabilities, so corporations are advised to use encryption methods that are recommended by governments known for their international independence in encryption-related matters. Organizations and individuals need to make informed choices based on encryption techniques, not software reputation. Proof of this is evident in Microsoft Windows, which sees critically high adoption rates, yet is known for its insecurities.

DES Encryption (Data Encryption Standard) was, up until very recently, one of the main forms of encryption used by the US government for sensitive information, from 1976. Because of its governmental popularity, it enjoyed widespread use on an international level based on a 56-bit key model.

AES Encryption is the current evolution of DES and the primary choice of symmetric key algorithm by Gold Line Group Ltd. The Advanced Encryption Standard (AES) uses the AES-256 block cipher, which has been analyzed extensively by worldwide academia and governmental institutions. AES was ratified in 2001 as the replacement to DES, and it has been effectively standard in government since 2002. At the time of writing, AES is one of the most popular encryption algorithms for symmetric key cryptography due to the high security and speed that it provides for both hardware-based encryption and software computations.

RSA Encryption differs from AES encryption due to its nature, as it is primarily an asymmetric key algorithm, which is used for public-key cryptography. RSA was one of the first algorithms developed that involved using both a public key and a private key to encrypt and sign messages. RSA is known to be vulnerable when used with small keys and as a result, many software applications tend to use RSA keys which are below 1024 bits. 1024 bits is theoretically breakable; however, RSA (2048) remains physically and theoretically unbreakable. Gold Lock Desktop uses RSA (2048) to ensure maximum security.

DEVELOPING STRONG ENCRYPTION POLICY

There are a variety of ways in which hackers and information thieves will try to breach system defenses in order to acquire information or disrupt business; however, there are two main categories of attacks:

General Security Probing, which falls under the realms of general computer hacking. System breaches do occur as a result of general security probing, and more often than not the result is an attack which brings down network infrastructure. This is perhaps the more traditional form of hacking, and whilst it carries significant risk, it does not pose as significant a threat to intellectual property.

Targeted System Attacks, which are for example cases of corporate espionage, when the attacker is motivated to specifically cause harm to one individual company or government. These attacks may be financially motivated in cases of corporate-sponsored espionage, or personally motivated by those with a personal grudge against the corporation. These targeted system attacks do not just stop at general probing, but aim to acquire and steal any valuable piece of information that is available on the data system.

We will discuss the main aspects of targeted security attacks below:

Man in the Middle Attacks are effectively snooping attacks, which place the attacker directly in between the communications of both parties. The attacker then literally acts as a silent proxy and subsequently has the ability to eavesdrop on information and manipulate it without either party's awareness. Using encryption can eliminate the effectiveness of MITM attacks; however, it is important to use good key security by using verbal verifications and authentication to ensure that key security is maintained on a regular basis.

Side Channel Attacks have been present in hardware solutions for a while, yet they also exist in the software world between the encryption algorithm and the software used. It is effectively like safe cracking, as it analyzes variables in the system to gain information about the cryptographic process being used. Timing attacks, power-monitoring attacks and observational attacks are examples of side channel vulnerabilities. It is possible to minimize side channel attacks by ensuring that good system administration policies are followed and that unauthorized system use is kept to a minimum.
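The verbal key verification recommended under Man in the Middle Attacks above amounts to comparing a key fingerprint over a second channel. The following is an added example, not code from Gold Lock Desktop or from the original white paper; the key bytes are constructed placeholders, and the function names and the 128-bit minimum fingerprint length are assumptions of this example.

```python
import hashlib
import hmac

# Constructed placeholder bytes standing in for encoded public keys
# (not real keys; any stable byte encoding of a key works the same way).
ALICE_KEY = b"constructed-sample-public-key:alice"
MALLORY_KEY = b"constructed-sample-public-key:mallory"

MIN_HEX_DIGITS = 32  # assumption: require at least 128 bits of fingerprint


def fingerprint(public_key_bytes: bytes) -> bytes:
    """SHA-256 digest of the encoded public key."""
    return hashlib.sha256(public_key_bytes).digest()


def spoken_form(fp: bytes, groups: int = 8) -> str:
    """First `groups` 4-hex-digit blocks of the digest, for reading aloud."""
    hexed = fp.hex().upper()
    return " ".join(hexed[i:i + 4] for i in range(0, groups * 4, 4))


def normalise(heard: str) -> str:
    """Drop spacing, dashes and case differences introduced when transcribing."""
    return "".join(ch for ch in heard.upper() if ch in "0123456789ABCDEF")


def verify_key(received_key: bytes, heard: str) -> bool:
    """True only if the key that arrived over the network matches the
    fingerprint its owner read out over a separate channel (e.g. by phone)."""
    digits = normalise(heard)
    if len(digits) < MIN_HEX_DIGITS:
        # Too few digits compared to give meaningful assurance: reject.
        return False
    expected = fingerprint(received_key).hex().upper()[:len(digits)]
    # Constant-time comparison does not reveal how many digits matched.
    return hmac.compare_digest(expected, digits)


def demo() -> dict:
    # Alice reads her own fingerprint to Bob over the phone.
    read_aloud = spoken_form(fingerprint(ALICE_KEY))
    return {
        # Honest delivery: Bob received Alice's real key.
        "honest": verify_key(ALICE_KEY, read_aloud),
        # A key substituted in transit does not match what Alice read out.
        "substituted": verify_key(MALLORY_KEY, read_aloud),
        # Bob wrote the digits down in lower case with dashes.
        "transcribed": verify_key(ALICE_KEY, read_aloud.lower().replace(" ", "-")),
        # Only two groups were compared: rejected as too short.
        "truncated": verify_key(ALICE_KEY, spoken_form(fingerprint(ALICE_KEY), 2)),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:12s} -> {'accept' if ok else 'reject'}")
```

The check only helps if the fingerprint travels over a channel the network eavesdropper does not control, which is why the white paper pairs encryption with verbal verification.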

Weak Key Attacks are perhaps the most well-known vulnerability of poorly coded encryption software. With today's availability of distributed computing and supercomputers, a weak encryption key can sometimes be cracked in seconds. Many 'corporate' level products release software that is based on old or outdated technologies such as DES or Triple-DES, and these are known to be vulnerable to weak-key attacks. By using encryption algorithms that use small keys, vulnerability exists, which hackers can exploit using either brute force attacks or mathematical computation using a variety of methods.

Social Engineering happens to be the major weakness of developing strong encryption protocols. File and e-mail encryption will only ever be as effective as the people that are trained to use it. Without adequate security awareness training, the greatest vulnerability to information security and key divulgence will be the users themselves. By raising awareness and teaching basic security principles such as key privacy, organizations ensure that their systems are secure not only from data theft, but also from the risks of satellite workers, remote access and e-mail communications.

Conclusion

By using modern encryption technologies, corporations can ensure that their assets and intellectual property are not under threat even if systems are compromised. Effective encryption guarantees against theft, and it ensures that only those that need access to information are allowed to have it. By looking at past government disclosures based on information loss and theft, one can see how urgent the need for rigorous data security policies is. By ensuring that data and e-mail communications are secured with encryption, data theft and loss thus become a non-issue if appropriate cryptography methods are used in conjunction with adequate user education.

About Gold Lock Desktop

Gold Lock Desktop implements Advanced Encryption Standard (AES) encryption using a 256-bit key. This is based on the Rijndael algorithm, a symmetric block cipher which has been standardized according to FIPS 197 and is certified up to top-secret level by CNSS Policy No. 15.

Each component of Gold Lock Desktop has been tested against most conceivable attacks, and the Israeli government (Ministry of Defense) has certified Gold Lock Desktop and its manufacturer, Gold Line Group Ltd.

Gold Lock uses encryption technology as well, namely RSA, utilizing a public and private key system to encrypt and secure messages, based on a 2048-bit key system.

Gold Lock Desktop provides secure military-grade file and e-mail encryption, which ensures that information sent over unsecured networks is only viewable by its intended recipients. By using transparent encryption methods, utilizing our software is both simple and straightforward. This encourages good data security practices and it minimizes the effects of a security breach.

By applying a third-party software solution such as Gold Lock Desktop with appropriate security awareness and end-user training, organizations effectively immunize themselves against the theft of data and save significant expense when compared to other solutions.

Gold Lock Desktop is available free of charge from our corporate website: http://www.gold-lock.com.

About Gold Line Group Ltd.

Gold Line Group Ltd. is a mobile security company which focuses on developing solutions to the threats of corporate espionage and information theft. Established in 2003, Gold Line Group has become an international leader in providing secure point-to-point IT and telecommunications encryption solutions, which allow individuals and organizations to protect files, communications and intellectual property from theft.

Gold Line Group employs a team of over 20 analysts, programmers and mathematicians, who are constantly analyzing the current trends in information theft and digital security. They currently market a range of products including:

Gold Lock Desktop: file and e-mail based encryption, which delivers military-grade encryption for e-mail communications and files on the Windows platform.

Gold Lock Enterprise: delivering high-grade encryption solutions to corporations, extending to VOIP, text and file transfer, using fully encrypted ECIES using ECC-256 and 18,384 Bits data integrity authentication (based on a modified Diffie-Hellman algorithm) and AES-256 Bits encryption.

Gold Line Group Ltd. (Israel)
Mobile Security Division
Corporate Headquarters
Tel: +972 8935 2335
Fax: +972 8935 2335
Meginei Hagalil 5
Rehovot, 76200 Israel
Time Zone: EET = East-European time = GMT+2 Hours