(800) 441-6612    |    +1 (339) 368-5641
LuxSciLuxSci
Secure Email,
Web and Form Solutions
Phone: 800-441-6612
sales@luxsci.com
support@luxsci.com

Simplicity is: logging in without a username or password

Published: July 28th, 2014

“I really like what I can do in the web interface, but having to enter my username and password to login each time is extra work.”

We’ve seen the above comment many times.  Identity verification, as everyone who has not been lost on a desert island for 10 years knows, is really, really important these days.  But like many aspects of security, it can be rather annoying.

On the bright side, there are a number of ways to get around this step and make the login process simpler without necessarily making your account less secure.  Here is how we have helped many customers simplify their Internet life.

Read the rest of this post »

Share Post: More...

Encryption and Auditing for MySQL Databases under HIPAA

Published: July 21st, 2014

We get a number of questions every week regarding MySQL databases and HIPAA web site compliance. These range from confusion over auditing of access to stored ePHI to what HIPAA’s data encryption requirements actually are to how HIPAA applies to MySQL databases. Here, we will attempt to address some of these subtle questions for you.

Read the rest of this post »

Share Post: More...

LuxSci’s New WebMail Composer FAQs — How do I …?

Published: July 9th, 2014

To learn about the new WebMail Composer and our ongoing plans for enhancing the LuxSci web interface, see The Beginning of the New Luxsci Interface.  In this document, we answer common questions about the new composer; in particular, shedding light on things that are different to help acquaint you with the changes.

What does Composer look like?

Read the rest of this post »

Share Post: More...

The Beginning of the New LuxSci Interface

Published: June 24th, 2014

LuxSci is in the process of re-imagining and re-inventing the major components of its web-based user interface …. from the ground up.  We are taking some of the most important feature requests from our customers, together with the newest technologies that have matured over the past few years, and re-designing these major components to be simpler, faster, modern, and slick.

Read the rest of this post »

Share Post: More...

Schedule Your Email Filters to Work Best for You

Published: May 9th, 2014

Email FilterWould you like to be able to schedule an auto-response to be sent out not only based on criteria such as recipient email address, but also based on what day of the week and the time?  Perhaps you would like a message to fire off only when you are “off shift”. Or, perhaps certain types of messages should be forwarded to a colleague when you are “off shift”.

LuxSci has introduced day of the week and time scheduling into its powerful custom email filtering system.

Custom email filters enable you to match messages with razor precision to perform a wide range of actions on matching messages — e.g. forwarding, deleting, tagging, auto-responding, and much more.

The new scheduling option allows you to configure each filter to be used

  1. Only during a specified time range on selected days of the week.  E.g. 9am – 5pm Eastern time on Monday, Wednesday and Friday.
  2. Anytime except  during a specified time range on selected days of the week.  E.g. I work am – 5pm Eastern time on Monday, Wednesday and Friday, so have the filter be used on all other days and times.

The Filter Scheduling option can be configured in the “Additional Settings” area when you are creating or editing a custom filter in the LuxSci interface.

Share Post: More...

SecureForm Form Builder Supports Custom JavaScript

Published: May 7th, 2014

LuxSci’s SecureForm service includes “Form Builder,” which allows customers to visually build and host secure web forms… without needing any special software, hosting, or SSL certificates.

The Form Builder service now supports the addition of custom blocks of JavaScript to each of the hosted pages (with jQuery also automatically included).  Using custom JavaScript blocks, customers can now do things such as:

  1. Conditional logic — show and hide parts of the form dynamically
  2. Dynamically load content from external sources using AJAX
  3. Provide complex user interface elements
  4. Implement custom validation scenarios
  5. Anything else you can think of

Custom JavaScript blocks allow developers to extend the pages built by the SecureForm Builder service to do almost anything they would like…. at no additional charge.

Share Post: More...

OpenID and OAuth Vulnerabilities … LuxSci is not Vulnerable

Published: May 6th, 2014

OpenIDLuxSci provides OpenID services for facilitate easy and/or secure access to its WebMail services.

On May 2, a security researcher issued a notice that OpenID and OAuth have vulnerabilities that might allow a malicious website to hijack a response from a social login. Initial investigations from the OpenID Foundation indicate that this is not a new discovery, and that mitigations are clearly outlined in the OAuth Threat Model document. However, it has received coverage in the popular tech press. The threat is that the callback URL or redirect URI is compromised, which could lead to a customer’s data being shared with a malicious website, as well as the user being directed to another website.

In short, LuxSci’s OpenID solution is not vulnerable to this issue and our users are safe to use OpenID with LuxSci.

None of the OpenID providers that we support are vulnerable to this issue (e.g. Google, facebook, twitter, etc.) Facebook and Twitter were both vulnerable several years ago, but Twitter changed their protocol and facebook deprecated their OAuth 1.x support which had the bug.   In the newer OpenID 2.0 specification, the language describing how things must work was cleared up to say that validation checks at issue must be performed (version 1.x only said that they were optional). Several other mentions of this issue have appeared in various publications and have confused it with general phishing attacks, which is a real, but different problem.

Share Post: More...

Import CSV files into your MySQL database tables

Published: April 30th, 2014

LuxSci’s MySQL database hosting console now enables you to import data into MySQL database tables directly from a CSV (Comma Separated Variables) file, e.g. a simple and universal form that spreadsheets can be saved or exported to.

Why would you want to import data from CSV?  Well, you could do the same thing by writing SQL code and importing this to your database or by connecting remotely to your database and issuing commands.  But both of those methods take some time and expertise to set up.  If you have a spreadsheet of data or a CSV of data created from some other system (e.g. customer information, contact lists, inventories, etc.), you can simply upload this file and populate your database with its new contents in a matter of seconds.

Read the rest of this post »

Share Post: More...

LuxSci takes email privacy seriously … Google owns your Gmail data forever

Published: April 16th, 2014

In recent news, Google is warning consumers that Gmail and google apps are actively scanning your email.

What does this mean?  Google on Tuesday edited its privacy policy to say:

Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.

When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content.

Read the rest of this post »

Share Post: More...

HIPAA and Heartbleed … Are you automatically in breach?

Published: April 15th, 2014

Under the HIPAA Privacy Rule, a breach is defined as:

Breach means the acquisition, access, use, or disclosure of protected health information in a manner not permitted under subpart E of this part which compromises the security or privacy of the protected health information.

Based on this definition, merely having been vulnerable to a security exploit (e.g. Heartbleed) does not constitute a beach and does not trigger breach notification law.

So — just because you used a system that was vulnerable to Heartbleed, does not mean that a breach occurred or that any type of reporting is needed.  Imagine if it did … practically everyone would have to report and that would overwhelm Health and Human Services!

Read the rest of this post »

Share Post: More...
Security Certifications TRUSTe EU Safe Harbor Thawte Extended Validation SSL Certificate McAfee Secure Authorize.net Merchant
• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 BlackBerry
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:

• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:

• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries