Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Encryption Blog
Showing posts in English
Tim_Matthews | 22 Mar 2010 | 0 comments

Last week we shipped one of the most significant releases in PGP Corporation's short history - PGP 10/3.  The feature payload - which covers file protection, endpoint data protection, and email protection - was designed to help companies deal with the competing tensions of IT consumerization and increasing compliance.  There's a lot in the release, but if I had to net out four key features, here they are:

1) Support for Ubuntu and Red Hat Linux, giving increased coverage for laptops and netbooks

2) PGP Key Management Server 3.0, allowing key and policy management for 3rd party hardware and software...

Tim_Matthews | 27 Jan 2010 | 0 comments

There's no shortage of words written about Cloud computing.  Even the topic of security and the Cloud yields over 28 million results on Google (13 million on Bing for those keeping score).  Given how important a topic securing Cloud computing is, how is one to cut through the clutter?  To help out, here are five of my favorite resources on Cloud Security: 1) Cloud Security Alliance "Security Guidance for Critical Areas of Focus in Cloud Computing"

A comprehensive look at the most important areas of security in the Cloud, written by an esteemed group of security practitioners.

2) Jericho Forum "Cloud Cube Model"

A nice paper that "provides a framework for exploring in more detail the nature of different cloud formations and the...

Brian Tokuyoshi | 20 Jan 2010 | 0 comments

Google Gmail has become a phenomenally popular service, with a user base estimated in excess of 150 million.  In addition to its popularity with consumers, Gmail has been gaining ground as a service for commercial users as well. One notable instance is the City of Los Angeles, which is spending $7.25M to move 30,000 email users to the Gmail platform. As more organizations start to take a cloud-based approach to their IT computing services, the need for enterprise-managed security starts to become apparent.

Last week, Google announced that its Gmail service was the target of an attack and that certain users may have had their email accounts compromised. In recent days...

Bryan Gillson | 18 Jan 2010 | 0 comments

Bryan Gillson - Director, Business Development

At Lotusphere® 2010 today, Kevin Cavanaugh – Lotus Software’s Vice President of Messaging and Collaboration – announced a new addition to the IBM® Lotus® Protector product line created in partnership with PGP Corporation: Lotus Protector for Mail Encryption.

Lotus and PGP Corporation designed Lotus Protector for Mail Encryption to seamlessly extend Lotus Notes integrated email encryption to a wide variety of different recipient types. By leveraging gateway email technology from PGP Universal™ Server and the proxy technology from PGP Desktop Email, Lotus Notes users with Protector for Mail Encryption can send a single email that gets secured regardless of the recipients’ location and encryption technology – whether they’re internal or external; secure messages with Notes, OpenPGP, or S/MIME; or use no encryption technology at all.


Tim_Matthews | 15 Jan 2010 | 4 comments

I'm very pleased to announced that PGP Desktop 10.0 is now shipping.

All customers with current subscription licenses or maintenance will receive this upgrade free of charge. It is also available for purchase by new customers on the PGP webstore. PGP Desktop 10.0 brings all of the features you've come to expect to Mac OS 10.6 (Snow Leopard) including support for Boot Camp, Windows 7 (32 & 64 bit), and for the first time Whole Disk Encryption support to Linux (Red Hat and Ubuntu).

What else is new?  In summary:

  • Encrypt/Sign button for Microsoft Outlook
  • Faster encryption and decryption
  • Installation localization for French and Spanish
  • Safeguards against boot disk corruption
  • Support for Boot Camp

This also marks the termination of the PGP Desktop 10.0 beta program. I'd like to thank the hundreds of you who contributed to this program and helping us make PGP Desktop 10.0 the best release...

Brian Tokuyoshi | 12 Jan 2010 | 0 comments

“Open Sesame”

The phrase comes from the English translation of Ali Baba and the Forty Thieves. In that story, Ali Baba discovers that the thieves kept their treasure in a cave that’s protected by a magical door. In order to open the door, one must only utter the phrase “Open Sesame”.

Ali Baba uses this information in order to steal treasure from the cave, and thus begins the story as Ali Baba and the tribe of thieves plan revenge upon one another. Although the Forty Thieves didn’t realize it at the time, the real problem they faced was that their magic door had poor proof of identity. The security for the door relied on a shared secret, and thus freely let in unauthorized people who learned of the magic words.

It would have been far better and more secure if the door didn’t rely on shared secrets at all, and rather used a secret specific to each person as well as require proof that the user had the rights to use said...

Doug McLean | 08 Jan 2010 | 0 comments

One good way to tell if a topic has become mainstream is to monitor USA Today. So I wasn't terribly surprised when I found the lead in the paper's Money section on New Years Day to be focused on the latest trend in cybercrime. It seems that many cybercriminals, frustrated with the countermeasures put in place by larger banks and enterprises are now targeting smaller businesses that have adopted online banking as a way to save both money and and time.

As we all know cybercrooks like to target the weakest link in any system that might yield cash or cash equivalents. In this case, the miscreants have determined that the some of the systems banks use to support smaller businesses have material weaknesses that can be exploited. Specifically, the Automated Clearing House (ACH) systems and wire transfer systems have not kept pace with...

Brian Tokuyoshi | 06 Jan 2010 | 0 comments

There’s been a great deal of talk going on about cloud computing. The benefits are clear, because organizations realize that the network is an extension of their data center and that they can avoid many of the scalability and capacity problems of the past. The fundamentals of the concept are compelling and real.

Yet there is still a great deal of trepidation, especially when it comes to security. That’s because that the concept of cloud computing needed to be tested first.   The first generation of cloud computing services addressed whether the infrastructure made sense.  Was it possible to build the types of services with the quality and reliability of an in-house application?

I think we’re turning the corner on the first generation and that’s why people are talking about security.  We’ve moved past whether the concept is feasible.  Now we need to know if it’s practical and safe. The second generation of...

Doug McLean | 05 Jan 2010 | 0 comments

Albert Gonzalez, the mastermind behind the TJX, Heartland and Hannaford Bros. breaches, recently admitted that he was also the perpetrator behind the 2007 breach of Target Stores. While it was a small breach in comparison to his other accomplishments, prosecutors deemed it worthy of adding another two years to the minimum sentence they are requesting.

The Reuters report on the case indicates Gonzalez will now serve 17 to 25 years for his crimes. What I found more interesting than the developments in Gonzalez' case was the mention that one of his co-conspirators, Steven Watt, who was convicted of developing the software Gonzalez used, has been sentenced to two years in prison for his contributions to Gonzalez crime spree. He also gets to spend an extra three years having all of his computer and Internet activities "monitored."

The reason I think this is...

Tim_Matthews | 04 Jan 2010 | 3 comments

On behalf of PGP Corporation, I'd like to thank everyone that has participated in the beta test of our latest product, PGP Desktop 10.0 PGP Whole Disk Encryption for Apple® Mac OS X.

Thanks to your input we've identified a number of issues that have been fixed in the latest build (Beta-2) which is now available at the beta site.  If you choose to download and install Beta-2, you will be given the option to also obtain and apply a new evaluation license which is valid for 60 days.

We appreciate any and all feedback from you: bugs, problems, suggestions, and improvements. Submit those here.