" Tls | LuxSci FYI tls « LuxSci FYI

Posts Tagged ‘tls’

When is “Secure Email” only a Veneer of Security?

Wednesday, March 7th, 2012

I recently applied for a new insurance policy with a fairly well-known insurance agency (who shall remain nameless). When all the preliminaries were done, the representative emailed me copies of the new policies. They were “secure” emails. I was very impressed … they thought enough of my privacy and identity to ensure that sensitive documents would be sent securely. And, working in an email security company, I actually know and appreciate the ramifications of that perhaps more than most.

So, once I finally got around to accessing the message, I discovered that it was really not secure at all!  Even though the subject said “secured”, the representative said it was secure, and the PDFs of the policy documents were not physically in the message, it was really completely insecure!  My faith in the company is now somewhat tarnished (though they might not even know about the issue) … and I have serious doubts about whatever provider they are using to facilitate these “secure messages”.

How do I know it was insecure?

Read the rest of this post »

Automate Secure Outbound Email Sending with SecureLine

Monday, September 26th, 2011

Frequently we are approached by customers who have automated systems that need to send out secured emails on demand and without any manual interaction.  These could be web site response systems for sensitive information, health care labs emailing results which need to meet HIPAA compliance, or other situations where the email messages must all be secured.

LuxSci’s SecureLine service provides a means for encrypting some or all outbound email messages using any combination of 4 different email encryption technologies: SMTP TLS, PGP, S/MIME, and SecureLine Escrow (secure message pickup).

Read the rest of this post »

Is SSL/TLS Really Broken by the BEAST attack? What is the Real Story? What Should I Do?

Wednesday, September 21st, 2011

Update – April, 2012. openssl v1.0.1 is out and it supports TLS v1.1 and v1.2 which help mitigate this attack.  All web sites hosted by LuxSci now use this updated software and are safer.  LuxSci recommends using a web host which supports TLS v1.1 and v1.2 for secure web connections.

—-

SSL v3 and TLS v1 are subject to a serious exploit, according to a recently published attack mechanism (called BEAST). This sounds foundation-shattering and kind of scary. When people see this, as we did, the first panicky questions that arise are:

  • What is really affected?
  • How serious is it?
  • What can I do to protect myself?
  • How does the BEAST attack actually work?

After researching this issue, we have digested what we have found and produced this article to answer all of these questions for you.

Read the rest of this post »

Alternate SMTP Ports – Send Email From Any Location

Monday, May 9th, 2011

When sending outbound email from an email program (like Outlook or Thunderbird) or from a mobile device (like iPhone or Blackberry) that is not using Premium MobileSync, your program or device connects to our outbound email servers using an Internet protocol called “SMTP” (The Simple Mail Transport Protocol).

An email server, however, does lots of different things in addition to sending outbound email. It may allow checking of email via POP or IMAP, or checking your address book using LDAP, or other things. So, when your email program connects to the server it has to specify what it wants to do (i.e. send an email). It does this by connecting to a numbered “port” on the server. Port number “25” is the Internet standard for “regular outbound email”.

However, because port 25 is standard for outbound email, many ISPs, wifi networks, hotels, airports, and other locations that provide Internet access will arbitrarily block any connections to servers (except perhaps their own) on port 25 in order to stop spammers from using their services for the sending of spam, viruses, or malware and to prevent their IP addresses from being blacklisted.

Read the rest of this post »

HIPAA Faxing: How To Send and Receive FAXes in a Secure and Compliant Way

Friday, May 6th, 2011

We have previously discussed how it may be OK according to HIPAA to send and receive FAXes with ePHI over standard analog phone lines.  See: Is a FAX document HIPAA-Secure?

However, we have observed that customers more and more wish to integrate FAXing with their computers, taking advantage of the “paper-free” office that is arriving in most places. Why should they have to print and manually fax things or receive FAXes on an old-fashioned FAX printer, when their computers have FAX capability? Can that capability be used in a HIPAA-compliant way?

The answer is “Yes, you can”.  This article explains how and points out things to watch out for.

Read the rest of this post »

Additional Domain-Level Security Settings Now Available

Friday, April 22nd, 2011

LuxSci has updated its per-domain administrative controls, adding features that were previously only present in the global, account-wide configuration area.

Now, the following security and privacy features can be configured on a per-domain basis, unless they are already set up globally:

Read the rest of this post »

SecureLine Users Can Toggle Between TLS and Escrow Encryption When Sending Messages

Tuesday, March 1st, 2011

LuxSci’s SecureLine end-to-end email security system allows customers to enable use of TLS for email delivery, without any further encryption, when TLS is supported by the recipient email servers and the customers’ needs only include transport encryption (i.e. for HIPAA). This provides security with maximum usability, when available.

However, TLS is not as secure as SecureLine Escrow for email communications.  For cases where enhanced security is desired, even to a recipient whose email servers support TLS, LuxSci’s WebMail email composer now permits users to override the use of “TLS Only” so that “SecureLine Escrow” can be used instead — on a message-by-message basis.  I.e., users can now use Escrow “on demand” to provide enhanced security over TLS.

Additionally, users have a new preference (under “Email Composition > SecureLine” preferences), where they can alter the behavior of WebMail so that “TLS Only” delivery is NOT used for them unless requested — Escrow can be used by default if desired.

These new security settings only apply to SecureLine customers who have “TLS” enabled as a viable secure email delivery method in their account.

SecureForm: now with SMTP TLS for Secure Form Email Delivery

Friday, April 2nd, 2010

SecureForm is LuxSci’s service that makes it quick and easy to collect data, including files, from web and PDF form posts and have that data emailed to one or more recipients and/or archived in a LuxSci WebAides document storage area.  The “Secure” in SecureForm refers in part to the fact that the emailed form data can be secured using PGP or S/MIME.  This, combined with enforced use of SSL, ensures that the form data is secured from end-to-end … from submission by the end user to the receipt by the web site administrator.  This ensures HIPAA compliance and strong security for that data.

Now, SecureForm supports the option of secure delivery of form data emails to recipients using TLS instead of PGP or S/MIME. While use of TLS only is less secure than PGP or S/MIME, it is more user friendly — there is no need for certificates or extra steps to decrypt the messages once they arrive. TLS does provide transport encryption from LuxSci’s servers to the recipients’ servers and thus still provides HIPAA compliant form data delivery.

Read the rest of this post »

SMTP TLS: All About Secure Email Delivery over TLS

Friday, February 19th, 2010

TLS stands for “Transport Layer Security” and is closely related to “SSL” (Secure Socket Layer). TLS is one of the standard ways that computers transmit information over an encrypted channel. In general, when one computer connects to another computer and uses TLS, the following happens:

  1. Computer A connects to Computer B (no security)
  2. Computer B says “Hello” (no security)
  3. Computer A says “Let’s talk securely over TLS” (no security)
  4. Computer A and B agree on how to do this (secure)
  5. The rest of the conversation is encrypted (secure)

In particular:

  • The meat of the conversation is encrypted
  • Computer A can verify the identity of Computer B (by examining its SSL certificate, which is required for this dialog)
  • The conversation cannot be eavesdropped upon (without Computer A knowing)
  • The conversation cannot be modified by a third party
  • Other information cannot be injected into the conversation by third parties.

TLS (and SSL) is used for many different reasons on the Internet and helps make the Internet a more secure place, when used. One of the popular uses of TLS is with SMTP.  See also:

Read the rest of this post »

SecureLine Offers TLS-Only Enforced Outbound Email Encryption

Thursday, February 18th, 2010

LuxSci’s SecureLine end-to-end email filtering solution has been augmented with a new, optional, outbound email encryption option: “TLS Only”.

SecureLine accounts that enable “TLS Only” can have their outbound email delivered over an SMTP TLS encrypted channel to recipients whose email services support it.  This mitigates the need for using PGP, S/MIME, or SecureLine Escrow message pickup service for many secure outbound email messages — if TLS message transport encryption is “good enough” for your organization (i.e. it is for HIPAA compliance and it is for most bank-to-bank communications).

SecureLine TLS-Only Outbound Encryption:

Read the rest of this post »
