" security Archives - Page 2 of 8 - LuxSci

Posts Tagged ‘security’

Enhancements to Application-specific Passwords

Thursday, December 17th, 2020

Since 2017, LuxSci has supported application-specific passwords.  These enable users to create distinct username/password combinations for use with different applications, devices, or for shared account access.  These login aliases can have limited privileges; for example, granting access only to email or only to web site file storage.  Use of application specific passwords can greatly enhance user security.

In the past few weeks, LuxSci has released several enhancements to application-specific passwords.

Application Specific Passwords

Read the rest of this post »

Dedicated Servers: How They Improve Security And Reliability

Tuesday, December 8th, 2020

What’s best for your organization, shared or dedicated servers? If your company is looking for website hosting, an email provider, or hosting for other online services, this question may not be high up on its list of priorities. The differences between shared and dedicated servers may not seem particularly obvious or important at first, but your choice could have significant security and reliability ramifications down the line.

Many providers will steer you toward shared servers, or only provide a “shared cloud,” even though these may not be in your company’s best interest.

Dedicated Servers

Why?

It’s more efficient and cost-effective for them to lump a bunch of their customers onto the same server. This makes it easier to manage and reduces the provider’s overhead expenses. Your provider’s cost-savings and ease-of-administration probably aren’t your organization’s greatest concerns. Instead, you should be more worried about the additional risks and complications that shared servers can bring to your business.

While dedicated servers can be a more expensive option, particularly for companies with limited needs, they provide security and reliability benefits that can make it worthwhile.

Security of Shared vs Dedicated Servers

Let’s say your website is hosted on a shared server, along with a bunch of other websites. For the sake of this example, let’s also presume that you are exceptionally diligent. All of your software and plugins are always updated as soon as possible, you have strong passwords, two-factor authentication, and suitable access control policies. You have regular security audits, and any issues that pop up are immediately rectified. Your site is essentially Fort Knox.

But what about the sites that you share your server with?

You have no control over them, and can’t make sure that they take all of the same security precautions that your organization does.

Well, that’s their problem, right?

It is, but it could very easily become your problem as well. There are a number of situations in which things could go badly for your organization as well.

Security Risks on Shared Servers

  • One or more of the other websites may be highly vulnerable. Whether through neglecting their updates or other poor security practices, they may be easy to infiltrate. If hackers can compromise one site on the server, it can give them a window into the others. This means that sharing a server significantly increases your own risk of data breaches. Cybercriminals may even target your site deliberately by looking up others that share the same IP address.
  • Malicious actors may set up their own sites on your shared server, with the sole intention of using this access to penetrate the other sites. This can also result in your organization’s website and database being breached.
  • You may share the server with a high-value target, such as a political activist or journalist. If they raise the ire of others, they could fall victim to a DDoS attack. Not only could this prevent legitimate visitors from accessing their website, but it could use up the shared resources, preventing anyone from being able to visit your site as well.

These examples around web hosting also apply to other services such as email hosting, video conferencing, payment processing, online chat, etc. It is always a better and more secure choice to isolate your services and data from others to the maximum degree possible.

While shared servers can be the more economical option, particularly for those with limited needs, you also need to weigh these savings against the potential threats that come from any of these attacks. Is the possibility of suffering an attack, as well as the costs, damage to your organization’s reputation and stress worth the slight reduction in price?

If you use a shared server, it takes control out of your organization’s hands. The configuration is handled by the provider, which means that you cannot set it up according to your company’s needs and risk tolerance.

Reliability of Shared vs Dedicated Servers

If your organization uses a shared service, it means it’s sharing the resources with many other organizations provisioned on to the same shared server(s). The disk space, disk throughput, memory, network capacity, and processing power are all split or shared between the various parties.

This isn’t necessarily a problem—unless one of the other customers starts consuming all of the resources. If you shares a server with one of these bad neighbors, the strain can cause your services to slow down, or even become unavailable. In practical terms, this could result in your web site being down, your email inaccessible, an inability for your employees to send messages, of your video teleconferencing system malfunctioning.

If one of these bad neighbors is sending out email spam, that activity can also get the whole shared server or shared IP space blacklisted. This can result in your company’s emails going straight to the spam, even when it has done nothing wrong. The reliability of your email sending and the successful inbox delivery of your messages depend on others when using shared resources.

LuxSci’s Dedicated Server Options

You can avoid facing these security and reliability issues through segmentation and isolation. LuxSci provides a range of options to suit a variety of different needs. These include giving clients:

  • Their own dedicated server(s) that are firewalled off from other customers.
  • Their own network segment with dedicated physical or network firewalls. These can be customized according to an organization’s needs.
  • Their own dedicated physical hardware, which means that even virtualization hypervisors aren’t shared between customers.

These options give our clients the flexibility they need to meet their organization’s unique requirements. Pursuing one of the above options will mean that your organization won’t have to worry about the threats or reliability problems that sharing a server can bring.

Contact our team for more information on how our dedicated servers can help your organization reduce its risks and circumvent reliability issues.

LuxSci Achieves HITRUST CSF Certification

Thursday, October 22nd, 2020

LuxSci announces today that it has achieved the HITRUST CSF Certification, the gold standard and most widely adopted security framework in the healthcare industry.

LuxSci Achieves HITRUST CSF Certification

What is HITRUST CSF Certification and why should it matter?

Today, we are very proud to announce that LuxSci has achieved the HITRUST CSF Certification, the gold standard and most widely adopted security framework in the healthcare industry. The full fleet of LuxSci services, including Secure High Volume Email Sending, Secure Marketing, Secure Email Hosting, Secure Connector for Microsoft 365 and Google Workspace, Secure Forms, Secure Texting, and Secure Web Hosting, were audited by our third-party assessor, Security Compliance Associates, and have earned Certified status for HIPAA and GDPR under HITRUST.

Read the rest of this post »

How Can You Tell if an Email Was Transmitted Using TLS Encryption?

Tuesday, October 29th, 2019

Frequently, we are asked to verify if an email that someone sent or received was encrypted using SMTP TLS while being transmitted over the internet.  For example, banks, health care organizations under HIPAA, and other security-aware institutions have a requirement that email be secured at least by TLS encryption from sender to recipient.

Email should always be transmitted with this basic level of email encryption ensure that the email message content cannot be eavesdropped upon.  This check, to see if a message was sent securely, is fairly easy to do by looking the the raw headers of the email message in question.  However, it requires some knowledge and experience.  It is actually easier to tell if a recipient’s server supports TLS than to tell if a particular message was securely transmitted.

To see how to analyze a message for its transmission security, we will look at an example email message sent from Hotmail to LuxSci, and see that Hotmail did not use TLS when sending this message.  Hotmail is not a good provider to use when security or privacy are required.

Read the rest of this post »

SSL versus TLS – What’s the difference?

Saturday, May 12th, 2018

SSL versus TLS

TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are protocols that provide data encryption and authentication between applications and servers in scenarios where that data is being sent across an insecure network, such as checking your email (How does the Secure Socket Layer work?). The terms SSL and TLS are often used interchangeably or in conjunction with each other (TLS/SSL), but one is in fact the predecessor of the other — SSL 3.0 served as the basis for TLS 1.0 which, as a result, is sometimes referred to as SSL 3.1. With this said though, is there actually a practical difference between the two?

SSL versus TLS: What is the differenc?

See also our Infographic which summarizes these differences.

Read the rest of this post »

LUXSCI