Posts Tagged ‘ssl’
Wednesday, December 9th, 2009
LuxSci has released its new “SecureForm” service. Quickly make your web site or PDF forms secure and HIPAA compliant. Receive the form data, including uploaded files, via secure email or download the data securely from LuxSci’s web interface.
What forms types are supported by SecureForm?
- Web site forms hosted anywhere
- File uploads up to 50MB and 25 files per post
- PDF forms hosted anywhere
How can you receive the form data?
Read the rest of this post »
Tags: csv, documents, html, pdf, pdf form, secure, secure form, secureform, ssl, web form, webaides
Posted in New Feature Announcements
No comments »
Friday, May 22nd, 2009
 It used to be that to send an email, you had very few choices and even less control over what happened once the message was sent, how many emails you could send, or how you connected to the Internet to send email. Well, times have changed, the Internet has evolved, users are more savvy, and expectations are much higher.
Today, LuxSci offers five different ways to send outbound email, each geared to particular uses and needs. In this article, we will describe each method, examine the pros and cons, and end with a feature chart. Our goal is to make your outbound email shopping experience straightforward and to provide you with an email service appropriate for your needs.
Read the rest of this post »
Tags: anonymous, authentication, bulk mailing, disclaimers, location, message, outbound email, ports, recipients, security, sending email, size, smarthost, smtp, ssl, taglines, tls
Posted in Business Solutions, LuxSci Library: The Technical Side of Email
1 Comment »
Tuesday, March 17th, 2009
 The situation: your organization needs to collect information from clients through from(s) on your web site, but that information is sensitive. So, you need to be absolutely sure that the information is transferred from the users of your web site to you in as secure a fashion as possible. This means that
- no one but you (or optionally your authorized staff) can intercept or read the information,
- the information is never stored insecurely anywhere
- the information cannot be modified without your knowledge
Why would this high level of security and privacy be necessary? There are many cases where they are essential; some of these include:
Read the rest of this post »
Tags: encryption, hipaa, pgp, phishing, s/mime, secure, secure email, secure web form, ssl, ssl certificate, web form, web site
Posted in LuxSci Library: Web Design and Programming, TechNotes
No comments »
Saturday, March 14th, 2009
 You thought email was a simple concept, but you are at once confronted with a plethora of acronyms and jargon like POP, IMAP, WebMail, Aliases, Forwards, SMTP, IMAP, POP, Quota, SPAM, TLS, SSL, Archival, and more! This article describes the ins and outs of email, explains these terms, and helps you figure out what services and features you need from your personal or business email service provider.
Read the rest of this post »
Tags: autoresponder, catch-all alias, email, email alias, email archival, email clients, email provider, imap, imaps, Internet Mail Access Protocol, personality, pop, pop3, pops, Post Office Protocol, private labeling, secure imap, secure pop, secure SMTP, security, Simple Mail Transport Protocol, smtp, smtp authentication, SMTP relaying, smtp server, spam, ssl, tls, web-based email, webmail
Posted in AAA Featured Articles, LuxSci Library: The Technical Side of Email, TechNotes
1 Comment »
Friday, March 13th, 2009
Section 1: Introduction to Email Security
 You may already know that email is insecure; however, it may surprise you to learn just how insecure it really is. For example, did you know that messages which you thought were deleted years ago may be sitting on servers half-way around the world? Or that your messages can be read and modified in transit, even before they reach their destination? Or even that the username and password that you use to login to your email servers can be stolen and used by hackers?
This article is designed to teach you about how email really works, what the real security issues are, what solutions exist, and how you can avoid security risks.
Information Security and integrity are becoming more important as we use email for personal communication and business. While you are reading this article imagine how security problems can affect your business or personal life…. if they have not already.
Read the rest of this post »
Tags: asymmetric encryption, eavesdropping, email security, false messages, http, identity theft, imap, invasion of privacy, message modification, Message Replay, opportunistic TLS, pgp, pop, repudiation, s/mime, Simple Mail Transport Protocol, smtp, SMTP relaying, smtp server, ssl, ssl certificate, symmetric encryption, tls, Unprotected Backups
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy, TechNotes
14 Comments »
Thursday, March 12th, 2009
 The Secure Socket Layer, SSL for short, is a protocol by which many services that communicate over the Internet can do so in a secure fashion. Before we discuss how SSL works and what kinds of security it provides, let us first see what happens without SSL.
Life on the Internet without SSL
Let us compare communications between computers on the Internet and communications between people over the telephone. Without SSL, your computer-to-computer communications suffer from the same security problems from which your telephone communications suffer:
Read the rest of this post »
Tags: ciphers, decrypt, eavesdropping, encrypt, key length, private key, public key cryptography, secure port, secure socket layer, ssl, SSL in action, symmetric cryptography, Thawte, tls, trust
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy, TechNotes
27 Comments »
Thursday, February 19th, 2009
 It’s the classic problem of having “too many keys”. You have accounts on many different web sites. Some are small and relatively insignificant, from a security point of view, like blogs or shopping sites. Some are large and sensitive, like banking and PayPal accounts. Since unified login mechanisms like OpenID are not yet pervasive, you must remember the usernames and passwords for every single site. This is a truly daunting task.
Ideally, you would like to use passwords that are “strong” (i.e. very good, not easily guessable) and different for every site. However, how can you remember each secure and unique password without resorting to a “cheat sheet”?
Read the rest of this post »
Tags: attack, change password, cheat sheet, crack, dictionary attack, encrypted, guess, hacker, key logger, obama, openid, password, remember password, secure, security, ssl, strong password, twitter, username, webaides
Posted in LuxSci Library: Security and Privacy, TechNotes
4 Comments »
Saturday, February 14th, 2009
 We recently discussed email security for accountants and mentioned that the use of password-protected files is not usually a very good solution for meeting data privacy needs. After writing this and getting some feed back, we thought that the issue of password-protected files really deserves some further discussion. Many people are under the assumption that if they use the “password protection” features of whatever software they are using, that their data is safe and secure. However, this is not necessarily the case. Why?
Using password-protected files to secure data is fast and easy and built into many applications. Why not use it? Certainly, password protecting files is much better than not doing so. However, there are several things that determine how secure these “protected” files really are.
Read the rest of this post »
Tags: aes, brute force, dictionary, digital signature, encrypted, excel, insecure, microsoft word, office 2007, one note, password, password protected, password recovery, password-protected files, Password-Protected PDF, password-to-modify, pdf, pgp, powerpoint, s/mime, secureline, ssl, strong encryption, winzip, zip
Posted in LuxSci Library: Security and Privacy, TechNotes
4 Comments »
Tuesday, February 3rd, 2009
 Frequently, we are asked to verify if an email that someone sent or received was encrypted using SMTP TLS while being transmitted over the Internet. For example, banks, health care organizations under HIPAA, and other security-aware institutions have a requirement that email be secured at least by TLS encryption from sender to recipient. This can and should be locked down to ensure that the email message content cannot be eavesdropped upon. This check, to see if a message was sent securely, is fairly easy to do by looking the the raw headers of the email message in question. However, it requires some knowledge and experience. It is actually easier to tell if a recipient’s server supports TLS than to tell if a particular message was securely transmitted.
To see how to analyze a message for its transmission security, we will look at an example email message sent from Gmail to LuxSci, and see that Gmail does not use TLS when sending messages, even when it can. This indicates that Gmail is probably not a service to be used when you have any kind of encryption requirements.
Read the rest of this post »
Tags: bank, gmail, google, headers, hipaa, mx logic, private, received, secure, security, smtp, ssl, tls, transmission
Posted in LuxSci Library: Security and Privacy, TechNotes
3 Comments »
Thursday, January 29th, 2009
 Doctors and medical professionals are feeling a growing pressure to get their business online (i.e. even use of electronic prescriptions is being pushed). This includes making available protected health information to patients via a web site and collecting similar private information from patients or would-be patients. If doctors can show that they are using digital systems with their health care practices in a meaningful way by 2011, they may be eligible for some serious money (part of the proposed stimulus package — the Health Information Technology for Economic and Clinical Health Act (HITECH)).
However, where the health information of an identifiable individual is involved, the Health Insurance Portability and Accountability Act (HIPAA) is the official compliance document. So, what do these requirements mean and how can HIPAA be followed in the context of a website?
Read the rest of this post »
Tags: backup, disposal, electronic prescription, encrypted, escrow, form, Health Insurance Portability and Accountability Act, hipaa, hipaa-secure, patient, pgp, privacy agreement, protected health information, s/mime, secure ftp, secureline, ssl, web form, web site
Posted in Business Solutions, LuxSci Library: HIPAA
2 Comments »
|
 |
|
Email updates:
