" encrypt Archives - LuxSci

Posts Tagged ‘encrypt’

Next Generation Data Loss Prevention (DLP) with LuxSci Secure Email

Tuesday, September 29th, 2015

Data Loss Prevention (DLP) describes a plan for companies to control the sending of sensitive data.  E.g. this can include controls to stop the flow of sensitive data or to ensure that sensitive data is always well-encrypted (for compliance) when sent.

In the context of email, DLP is usually achieved through the following formula:

  1. Construct a list of words, phrases, or patterns that, if they are present in an email, signify an email message that may contain sensitive information.
  2. Have all outbound email scanned for these words, phrases, or patterns
  3. For messages that match, take action:
    1. Block: Refuse to send the message, or
    2. Encrypt: Ensure that the message is encrypted
    3. Audit: (and maybe send a copy of the message to an “auditor”)

This classic DLP system is available through many email providers and has been available at LuxSci for many years as well. However, it does have a glaring limitation — no matter how complete and complex your DLP pattern list is, it is almost certain that some messages containing sensitive information will not quite match (or the information will be embedded in attachments that can’t be searched properly).  If they do not match, then they will escape in a way that may be considered a breach.

Read the rest of this post »

Tags: data loss prevention, dlp, encrypt, escrow, hipaa, pgp, s/mime, tls
Posted in LuxSci Library: HIPAA, LuxSci Library: Security and Privacy
No comments »

How Does Secure Socket Layer (SSL or TLS) Work?

Monday, July 22nd, 2013

The Secure Socket Layer, SSL for short, is a protocol by which enables services that communicate over the Internet to do so securely.

SSL has recently been replaced by TLS (Transport Layer Security).  TLS is newer and more secure than SSL (See TLS vs SSL: What is the difference?); however, from a lay-person’s perspective of “how does it work,” they are functionally the same.  We use the term “SSL” to refer to both TLS and SSL in this article for simplicity.

Before we discuss how SSL works and what kinds of security it provides, let us first see what happens without SSL.

Life on the Internet without SSL

This is, for example, what happens when you go to any web page whose address begins with “http://” (and not “https://”).

Let us compare communications on the Internet and communications between people over the telephone. Without SSL, your computer-to-computer communications suffer from the same security problems from which your telephone communications suffer:

Read the rest of this post »

Tags: ciphers, decrypt, eavesdropping, encrypt, key length, private key, public key cryptography, secure port, secure socket layer, ssl, SSL in action, symmetric cryptography, Thawte, tls, trust
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy, LuxSci Library: The Technical Side of Email, Popular Posts
31 Comments »

Ensuring all data is encrypted at rest with LuxSci

Friday, May 10th, 2013

Email and other data are either being “transmitted” or “processed” or are “at rest.” I.e., it is moving from one computer to another, stored/at rest on a computer, or preparing to be transmitted or stored.

While most types of compliance regulation, such as HIPAA, specifically require that data be transmitted securely, not all regulations require that data be stored in an encrypted form while at rest. I.e., HIPAA does not require at-rest encryption, though it is recommended to decrease risk and potential liability in some situations.

Having your email and other data encrypted while at rest can potentially increase the security of that data, even if that level of security is not explicitly required. As a result, many LuxSci customers have asked how to ensure that all of their email and other data are encrypted while at rest.

Read the rest of this post »

Tags: at rest, cache, decrypt, encrypt, encryption, hipaa, pgp, s/mime, secureform, secureline, security, sent mail, smtp, tls, transmission, webmail
Posted in LuxSci Library: HIPAA, LuxSci Library: The Technical Side of Email, Secure Form
No comments »

How to Install S/MIME (and PGP) Encryption Certificates into Major Email Clients

Wednesday, May 27th, 2009

We at LuxSci are always being asked questions about various email programs and their usage.  With HIPAA compliance becoming more and more important, we get a lot of inquiries regarding secure email. One of the most frequently asked questions is how to install S/MIME security certificates in various email programs that our servers support. Sometimes finding instructions on installing security certificates in various email clients is difficult, even with the help of search engines. To make your search easier, we have complied instructions for several of the the major email clients:

  • S/MIME for Outlook 2003
  • S/MIME for Outlook 2007
  • S/MIME for Mail.app
  • S/MIME for Entourage
  • S/MIME for Thunderbird
  • PGP for Thunderbird via the Enigmail Add-on.

Read the rest of this post »

Tags: add-on, apple, cacert.pem, certificate, certificate authority, encrypt, enigmail, entourage, import, install, keychain, mail.app, openpgp, outlook, pgp, pgp certificate, s/mime, s/mime certificate, thunderbird
Posted in LuxSci Library: Email Programs and Devices
3 Comments »